[NTLUG:Discuss] Traffic sniffers
MadHat
madhat at unspecific.com
Wed Aug 21 13:00:24 CDT 2002
On Wed, 2002-08-21 at 12:02, chris.gamble at CPBINC.com wrote:
> I was recently interested in knowing what was going on in my local network. I
> have discovered a few products that have good ability to detail that
> information (i.e. ethereal, ntop and to a degree etherape), and a few tools
> used it seems primarily for hacking, but what I am really looking for is
> tools that do a very good job of detailing my network traffic etc. The best
> example I have found of this was ksnuffle, but I am unable to get that
> package installed or built from source.
>
> My question, is anyone familiar with these packages (perhaps enough to work
> through a ksnuffle install with me), or suggest another package that is
> powerful and detailed in reporting.
>
> Thoughts?
ethereal is probably best and most used, but it depends on what you are
trying to do I guess. It can not only sniff traffic, but put streams
back together, so you can see whole conversations and the files
involved. It shows each detail of the packets in an easy-to-use format
as well as hex and ascii so it can be used in other places as well. I
can't imagine a better sniffer or interface for the data.
It comes back to, what are you trying to do?
What are you wanting to see?
What kind of reports are you looking for?
--
MadHat at Unspecific.com
"Anyone who understands Linux/Unix, really understands the universe.
Anyone who understands Windows, really understands Windows."
- Richard Thieme, DefCon 10, 2002