IPgrab is a verbose packet sniffer for UNIX hosts. Example telnet output: ---------------------------------------------------------------- Ethernet header (961445334.490653) ---------------------------------------------------------------- Hardware source: 00:10:4b:96:1d:a8 Hardware destination: 08:00:02:25:29:77 Protocol: 0x800 (IP) Length: 68 ---------------------------------------------------------------- IP Header ---------------------------------------------------------------- Version: 4 Header length: 5 TOS: 0x10 Total length: 54 Identification: 6795 Fragmentation offset: 0 Unused bit: 0 Don't fragment bit: 1 More fragments bit: 0 Time to live: 64 Protocol: 6 (TCP) Header checksum: 37890 Source address: 149.112.60.156 Destination address: 149.112.36.168 ---------------------------------------------------------------- TCP Header ---------------------------------------------------------------- Source port: 2692 (unknown) Destination port: 23 (telnet) Sequence number: 2876130028 Acknowledgement number: 3994633468 Header length: 8 Unused: 0 Flags: PA Window size: 32120 Checksum: 58743 Urgent: 0 Option: 1 (no op) Option: 1 (no op) Option: 8 (timestamp) Length: 10 Timestamp value: 181028495 Timestamp reply: 44432019 ----------------------------------------------------------------- 0D 00 .. And of a minimal mode TCP session: 961445601.933843 00:10:4b:96:1d:a8->08:00:02:25:29:77 IP 149.112.60.156->198.186.203.44 (72,DF) TCP 2690->22 (PA,2794909852,2764779739,31856) 961445602.086258 08:00:02:25:29:77->00:10:4b:96:1d:a8 IP 198.186.203.44->149.112.60.156 (52,DF) TCP 22->2690 (A,2764779739,2794909872,32120) 961445602.086374 08:00:02:25:29:77->00:10:4b:96:1d:a8 IP 198.186.203.44->149.112.60.156 (96,DF) TCP 22->2690 (PA,2764779739,2794909872,32120) 961445602.097106 00:10:4b:96:1d:a8->08:00:02:25:29:77 IP 149.112.60.156->198.186.203.44 (52,DF) TCP 2690->22 (A,2794909872,2764779783,31856) The ipgrab homepage is located at: http://ipgrab.sourceforge.net