sniffers

Kevin D. Clark kdc at rcn.com
Sun Apr 25 21:28:00 EDT 2004


bmcculley at rcn.com writes:

> Just got a question from a friend who is looking for a sniffer
> to capture network session traffic so he can dump packets to
> look at certain anomalies that seem to be occurring.  All I am
> familiar with is tcpdump, wondered if there's anything easier
> to configure and use.  Any recommendations amongst Ethereal,
> tcpdump, or others?

I highly recommend Ethereal, tcpdump, and tethereal (text ethereal).
Each of these can read capture files generated by the other, so you're
never locked into using one or the other.

Ethereal has a very nice GUI and decodes a *lot* of protocols; your
friend might like this best.


Make sure you are running a fairly recent version of these tools -- a
number of security problems have been discovered recently with these
tools.

--kevin
-- 
Hello!  Hello!  Are you there?  Hello!  I called you up to say hello.
I said hello.  Can you hear me Joe?

Oh, no.  I can not hear your call.  I can not hear your call at all.
This is not good and I know why.  A mouse has cut the wire.  Good-bye!

    - One Fish, Two Fish, Red Fish, Blue Fish
      Dr. Seuss




More information about the gnhlug-discuss mailing list