[Info-vax] Alternative to TCPTRACE ?
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Fri Mar 24 17:13:00 EDT 2023
On 2023-03-24 12:28:29 +0000, Jan-Erik Söderholm said:
> Does anyone know of any other tool that runs on the VMS system to
> monitor network traffic and that can be run in multiple instances?

As an alternative, the tools don't need to run on OpenVMS. Mirror the
switchport, and use Kali or such to capture and process the network
traffic, whether using Wireshark, tcpdump or tcpflow or whatever.

Other common options here (more commonly used for shenanigans) include
mitmproxy, ettercap, or bettercap or such. These tools would be choices
for accessing a classic wide-open SCADA design.

OpenVMS has libpcap starting around TCP/IP Services V5.5 or so, which
provides another approach for monitoring traffic. This is
underneath tcpdump. There doesn't seem to be much doc for this, though.

Local preference is to instrument the apps or (for this case) to
instrument a common communications framework. That is obviously a
larger effort, but sorting out network communications has paid benefits
with debugging and monitoring and elsewhere, and incidentally also
makes getting to TLS or DTLS easier.

--
Pure Personal Opinion | HoffmanLabs LLC
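
Added example, not part of the original message: one way to process a capture taken off a mirrored switchport is to read the classic pcap savefile that tcpdump (libpcap) writes and total the captured bytes per TCP conversation. The addresses, ports and payloads below are constructed sample data, and the parser assumes untagged Ethernet carrying IPv4.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

def tcp_conversations(pcap: bytes) -> Counter:
    """Sum captured frame bytes per (src, sport, dst, dport) in a classic pcap."""
    magics = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}
    if pcap[:4] not in magics or len(pcap) < 24:
        raise ValueError("not a classic (microsecond) pcap savefile")
    end = magics[pcap[:4]]                          # byte order of the writer
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    flows, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < incl:
            break                                   # truncated last record
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                                # not IPv4 over Ethernet
        ihl = (frame[14] & 0x0F) * 4
        frag = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
        if frame[14] >> 4 != 4 or ihl < 20 or frame[23] != 6 or frag or len(frame) < 18 + ihl:
            continue        # not TCP, later fragment, or snaplen cut off the ports
        sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        src, dst = IPv4Address(frame[26:30]), IPv4Address(frame[30:34])
        flows[(str(src), sport, str(dst), dport)] += len(frame)
    return flows

def _frame(src, dst, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame; checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 1024, 0, 0)
    return bytes(12) + b"\x08\x00" + ip + tcp + payload

def sample_pcap() -> bytes:
    """Constructed capture: documentation addresses, made-up ports and payloads."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in (_frame("192.0.2.10", "192.0.2.20", 49152, 502, bytes(12)),
              _frame("192.0.2.20", "192.0.2.10", 502, 49152, bytes(10)),
              _frame("192.0.2.10", "192.0.2.20", 49152, 502, bytes(12))):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(dict(tcp_conversations(sample_pcap())))
```

Because it only reads a file, several copies can run side by side against different captures.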