- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Using Sam Spade
- Abstract
- In using the Internet, one often needs to determine where certain traffic comes from. The traffic might be a scan, a request for a web page, or an email. Since each packet contains a source IP number, by determining that number and who controls it one can obtain a great deal of information about the true meaning of the traffic. Once the "owner" of the IP address is determined appropriate action can be taken if the situation warrants. A number of command-line tools were developed on UNIX systems during the early days of the Internet to assist in determining the source of Internet traffic. These tools include: whois, traceroute, finger, ping, and nslookup. While a number of these have been implemented in the various Windows operating systems, the Sam Spade utility provides all these tools and more in a graphical user interface. Sam Spade for Windows is free and available at www.samspade.org/ssw. This paper will examine a number of the more useful tools in Sam Spade.