Powershell: IP Packet Sniffer Script

I came across a wicked PowerShell script (Trends in Technology: Powershell: IP Packet Sniffer Script) that is essentially a PowerShell packet sniffer. How cool is that! It certainly won’t replace full-blown sniffers like Wireshark, but I love having a PowerShell window open watching packets. Yeah, I need to get out more.

After you start the script, press Ctrl-C to break, which is probably why this:

PS C:\> $sniff=c:\scripts\posh\get-packet.ps1 -local 172.16.10.102

fails. However, this works:

PS C:\> c:\scripts\posh\get-packet.ps1 -local 172.16.10.102 | out-file c:\test\sniff.txt

When I press Ctrl-C I can open the file. This will also work:

PS C:\> c:\scripts\posh\get-packet.ps1 -local 172.16.10.102 | export-clixml c:\test\sniff.xml

Even better, because now I can work with objects and do sorting, filtering or other stuff. The import is not perfect, though, and may need some tweaking. I’m glad Robbie figured out all the hard networking pieces. Give it a shot and let me know what you think.
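
As an added example (not from the original post or from Robbie's script), here is one way to tweak an Export-Clixml capture after import so that sorting and filtering behave. The property names, the constructed sample records and the Import-PacketCapture helper are assumptions for illustration; run Get-Member on your own import to see what the script really emits.

```powershell
# Constructed sample records. Property names are assumptions; check the real
# ones with: Import-Clixml c:\test\sniff.xml | Get-Member
$sample = @(
    [pscustomobject]@{ Source='172.16.10.102'; Destination='172.16.10.1';  Protocol='UDP'; SourcePort='53124'; DestPort='53'  }
    [pscustomobject]@{ Source='172.16.10.102'; Destination='192.0.2.10';   Protocol='TCP'; SourcePort='49811'; DestPort='443' }
    [pscustomobject]@{ Source='172.16.10.102'; Destination='192.0.2.10';   Protocol='TCP'; SourcePort='49812'; DestPort='443' }
    [pscustomobject]@{ Source='198.51.100.7';  Destination='172.16.10.102'; Protocol='TCP'; SourcePort='51000'; DestPort='3389' }
)
$path = Join-Path ([IO.Path]::GetTempPath()) 'sniff-sample.xml'
$sample | Export-Clixml -Path $path

# Hypothetical helper: re-type the imported fields. If ports come back as
# strings, '443' sorts before '53'; casting to [int] fixes the ordering.
function Import-PacketCapture {
    param([Parameter(Mandatory=$true)][string]$Path)
    Import-Clixml -Path $Path | ForEach-Object {
        [pscustomobject]@{
            Source      = [ipaddress]$_.Source
            Destination = [ipaddress]$_.Destination
            Protocol    = [string]$_.Protocol
            SourcePort  = [int]$_.SourcePort
            DestPort    = [int]$_.DestPort
        }
    }
}

$packets = @(Import-PacketCapture -Path $path)

# Filtering: inbound connections to this host that did not come from the local subnet.
$packets |
    Where-Object { "$($_.Destination)" -eq '172.16.10.102' -and "$($_.Source)" -notlike '172.16.10.*' } |
    Format-Table Source, SourcePort, DestPort, Protocol -AutoSize

# Sorting: numeric port order now that DestPort is an [int].
$packets | Sort-Object DestPort | Format-Table Destination, DestPort, Protocol -AutoSize

# Summary: which destination/port pairs saw the most packets.
$packets |
    Group-Object { "$($_.Destination):$($_.DestPort)" } |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```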