-
August 16th, 2003, 11:07 PM
#11
the developers pack isn't necessary as their is a pre-compiled binary version available.
is you just want a sniffer to fool around with (ethereal is dead serious) try packetmon from anologX
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
August 16th, 2003, 11:08 PM
#12
Member
don't forget about ettercap for sniffing on switched networks, they have a windows version.
-
August 17th, 2003, 12:20 AM
#13
Senior Member
what is the diference?
I know I'm not the one who started this thread, but what is the difference between the two, ethereal and packetmon? And yes I would just be learning it for the time being. Thanks
Freddy
-
August 17th, 2003, 01:42 AM
#14
etherreal gives much more detailed information, breaking the entire packet down into its relevant fields (flags, protocol, etc.) for indepth analyasis. and has many advanced features. if your looking to optimize a network this is the tool.
screen shots:
http://www.ethereal.com/introduction.html#screens
packetmon is bare bones showing you the contents of the packet in ascii or binary.
screen shot:
http://www.analogx.com/contents/down...twork/pmon.htm
they both have advanced filtering. They both can output to a file in csv format. They're both free.
most of the time when i use a packet sniffer im interested in the ascii content and dont need all the related info.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
-
August 17th, 2003, 02:07 AM
#15
If your looking for a really robust one and cost is not an issue (that is if maybe your
"specking" one out for a client or your company) then NAI's (network associates)
SnifferPro is the industry's choice. It's not cheap though..Unless you pick up a copy from Ebay..
Alittle history on SnifferPro..
A few yrs back, Network General was the dominant vendor when it came to protocol analyzers.
They had a product called network General Sniffer/ DOS based..The software back then ran for about 30,000 and each NIC you installed was proprietary and costed about 5-10k,,,
(yea I know ridiculously expensive) but it was every major financial company's choice...
I remember carrying one in subways of NY city fully loaded with every NIC (about 100K worth)
Later on a company called (not sure of spelling) Cinconet had a reall nice GUI product
called NetXray..It was nice GUI interface but not as robust as Network General Dueltsch Sniffer..
Then NAI bought the two products and created SNifferPro..(Its an Awsome tool)
Also its not as expensive as the DOS version was..and NIC cards are no longer
proprietary...
Just a personal opinion..
P.S.
Ethereal is what I recommend if your looking for a free product....
-
August 17th, 2003, 02:08 AM
#16
Analog X is a great little sniffer. I can't believe I forgot to mention it. Thanks Tedob1 for throwing that link up. I tried to reward you but the good ol' AP system wont have it.
I agree that SnifferPro is the bomb. I love the dashboard display but the only problem is the pricetag. I had a copy at my last job and even then it was 27K for one license.
--TH13
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
-
August 17th, 2003, 02:30 AM
#17
27k for a license , It better give you a bj every morning for that price *off i go to figure out what makes the proggy worth so very much*
Do unto others as you would have them do unto you.
The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
-- true colors revealed, a brown shirt and jackboots
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|