Installing ngrep
The information on this page does not map to a specific certification objective.
The book covers the ngrep program on page 539 but doesn't go into detail about how to install it. This page does. The official Web site for ngrep is http://ngrep.sourceforge.net. At the time this page was created, an RPM package was not available, so you must choose to install from either source code or a binary.
Ngrep requires the packet capture (pcap) library. This is probably already installed on your Linux system. You can see if it is by running this whereis command:
whereis libpcap
libpcap: /usr/lib/libpcap.a /usr/lib/libpcap.so
In this example, the library was found in the /usr/lib directory. If it was not found, you'll have to install it. If your Linux distribution doesn't provide it, you can download Linux/UNIX source code. If you want to run pcap on Windows, you can download a Windows binary.
Installing from Source
You can perform these steps logged in as root. If you're security conscious, you can perform most of these steps as an ordinary user but one step requires that you be logged in as root.
- Go to http://ngrep.sourceforge.net and locate the download page. Download the ngrep source code file, which was called ngrep-1.44-1.tar.bz2 at the time this page was created. You can save the file to your home directory.
- Go to a command prompt and make sure that the downloaded file is in the current directory.
- Uncompress and untar the file with this command: tar xjf ngrep-1.44-1.tar.bz2 (the j option selects bzip2, which a .bz2 file needs). This will create a subdirectory called ngrep-1.44-1.
- Enter ./configure.
- Enter make.
- You must be logged in as root for this next step. If you are not, enter su and respond to the password prompt with root's password.
- Enter make install. The ngrep program will now be installed in the /usr/local/bin directory and the ngrep man page will be installed to the /usr/local/man directory.
- You no longer need to be logged in as root. Enter exit to return to your ordinary user login if you used the su command earlier.
- You're ready to run the ngrep program.
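The source-install steps above as one script, added here as an example (it is not from the book or the ngrep project). The function names, the ARCHIVE variable and the --run switch are assumptions of this example; it goes slightly beyond the steps by checking the whereis output for libpcap and by choosing the tar flag from the archive suffix.

```shell
#!/bin/sh
# Added example: build as an ordinary user, use root only for `make install`.

# File name as given on this page; override ARCHIVE if yours differs.
ARCHIVE="${ARCHIVE:-ngrep-1.44-1.tar.bz2}"

# $1 is the output of `whereis libpcap`. When nothing is found, whereis
# prints only "libpcap:", so look for a library path after the colon.
libpcap_found() {
    case "${1#*:}" in
        *libpcap.so*|*libpcap.a*) return 0 ;;
        *) return 1 ;;
    esac
}

# Choose the tar options from the suffix: bzip2 needs j, gzip needs z.
tar_flags() {
    case "$1" in
        *.tar.bz2) echo xjf ;;
        *.tar.gz|*.tgz) echo xzf ;;
        *) return 1 ;;
    esac
}

# Directory the archive unpacks to: the file name without its suffix.
src_dir() {
    d="${1%.tar.*}"
    echo "${d%.tgz}"
}

install_ngrep() {
    libpcap_found "$(whereis libpcap)" ||
        { echo "libpcap not found; install it first" >&2; return 1; }
    flags=$(tar_flags "$ARCHIVE") ||
        { echo "unrecognised archive: $ARCHIVE" >&2; return 1; }
    tar "$flags" "$ARCHIVE" || return 1
    cd "$(src_dir "$ARCHIVE")" || return 1
    ./configure && make || return 1
    # Only this step needs root: call su unless the script already runs as root.
    if [ "$(id -u)" -eq 0 ]; then make install; else su -c 'make install'; fi
}

# Do nothing unless asked, so the helpers can be sourced and checked alone.
if [ "${1:-}" = "--run" ]; then install_ngrep; fi
```

Run it with --run from the directory that holds the downloaded archive; su prompts for root's password only at the install step.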
Installing the UNIX Binary
- Go to http://ngrep.sourceforge.net and locate the download page. Download the ngrep UNIX binary file, which was called ngrep-1.44-linux-elf-static.bz2 at the time this page was created. You can save the file to your home directory.
- Go to a command prompt and make sure that the downloaded file is in the current directory.
- Enter bunzip2 ngrep-1.44-linux-elf-static.bz2 to uncompress the file. Enter ls and see that the file has been renamed to ngrep-1.44-linux-elf-static.
- You must be logged in as root for this next step. If you are not, enter su and respond to the password prompt with root's password.
- Move the file to the /usr/local/bin directory by entering mv ngrep-1.44-linux-elf-static /usr/local/bin/
- You no longer need to be logged in as root. Enter exit to return to your ordinary user login if you used the su command earlier.
- You're ready to run the ngrep program.
Installing on Windows
You can install ngrep on Windows by downloading a Windows binary.