I was wondering if anyone tried to use two analyzers or monitors on the same machine.
For example using different filters on each one to monitor certian traffic
Thanks for the help
Printable View
I was wondering if anyone tried to use two analyzers or monitors on the same machine.
For example using different filters on each one to monitor certian traffic
Thanks for the help
I've used Ettercap and Ngrep at the same time on my Linux boxes. It seems to work fine, but I would imagine it there is too much traffic they may miss more packets.
I've used TCPDump and Ethereal at the same time on one interface and then used ettercap on a second interface. AFAIK, it didn't miss any packets...
Thanks for the quick replies, but i did mean on the same interface. And i was thinking about it , I would probably would need to create tight filters so they do not overlap and miss packets.
Why don't you just use ethereal and capture everything, then go back and create your filters?
Then you can be sure that you don't miss anything. ;)
You can have as many capture applications running as you like - they'll all see all the traffic, provided they don't exhaust some other resource (like CPU time or memory)
Slarty