Easy to use Network Protocol Analyzer

  1. #1

    Easy to use Network Protocol Analyzer

    I've been searching for a network protocol analyzer (read: packet sniffer) that is not only easy to use, but doesn't require a C, Perl, etc. compiler. Does anyone know of any good ones? Please note that I don't wish to use it for malicious purposes, but to analyze traffic sent to and from my network.

    Thanks in advance.
    Last edited by seiferaistlinlp; November 20th, 2006 at 07:53 PM. Reason: Stupid typo in the topic

  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    ettercap?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #3
    Junior Member
    Join Date
    Nov 2006
    Posts
    5
    Funny how you jump to the conclusion that we think that you'd be using it maliciously.

    Wireshark? (Ethereal)

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    I second Wireshark (previously known as Ethereal). It works on Linux and Windows, and is (relatively) easy to use with a GUI.

    There are a few weird things, like the capture filter syntax is a bit arcane, but generally it's straightforward.

    You still need to know a bit about networking to make sense of its output though.

    Note that on a lot of hardware, under Linux, you get "Incorrect checksum" from locally-generated packets. This is because Linux uses hardware checksums, hence Ethereal can't see the true values and gets junk instead.
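
The checksum behaviour described in post #4, as an added example that is not part of the original thread: it classifies a captured TCP segment's checksum as valid, partial (left for the NIC to finish), or corrupt. The addresses, ports and payload are constructed, and it assumes the Linux convention of leaving the pseudo-header sum in the checksum field of offloaded packets.

```python
import socket
import struct

# Constructed sample values (not from the thread): a local host sending an HTTP request.
SRC, DST = "192.168.1.10", "192.168.1.20"
PAYLOAD = b"GET / HTTP/1.0\r\n\r\n"

def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum (RFC 1071), folded but not inverted."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    """IPv4 pseudo-header covered by the TCP checksum (protocol 6)."""
    return socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, tcp_len)

def build_segment(payload: bytes, check: int = 0) -> bytes:
    """20-byte TCP header (ports 40000 -> 80, PSH|ACK) plus payload."""
    return struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, 0x18, 1024, check, 0) + payload

def tcp_checksum(src: str, dst: str, segment: bytes) -> int:
    """Checksum the sender should store; segment must have a zeroed checksum field."""
    return ~ones_sum(pseudo_header(src, dst, len(segment)) + segment) & 0xFFFF

def classify(src: str, dst: str, segment: bytes) -> str:
    """Classify the checksum of a captured TCP segment."""
    pseudo = pseudo_header(src, dst, len(segment))
    if ones_sum(pseudo + segment) == 0xFFFF:
        return "valid"
    stored = struct.unpack("!H", segment[16:18])[0]
    # Assumption: with TX offload the kernel leaves only the pseudo-header sum
    # in the field and the NIC finishes it after the capture point.
    if stored == ones_sum(pseudo):
        return "partial (offload)"
    return "corrupt"

def demo() -> dict:
    good = build_segment(PAYLOAD, tcp_checksum(SRC, DST, build_segment(PAYLOAD)))
    offloaded = build_segment(PAYLOAD, ones_sum(pseudo_header(SRC, DST, len(good))))
    damaged = good[:-1] + b"\x0b"  # last payload byte altered in transit
    return {name: classify(SRC, DST, seg)
            for name, seg in (("good", good), ("offloaded", offloaded), ("damaged", damaged))}

if __name__ == "__main__":
    print(demo())
```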

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    While Wireshark is the de facto sniffer that most people go to, Linux also has tcpdump, which supports the same syntax (more or less) as Wireshark.

    That said, you can also use this handy little sniffer that doesn't require you to do anything other than run it (no pcap installs, etc.)

    http://www.snapfiles.com/get/axpacketmon.html

    AnalogX packetmon.

    Enjoy.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #6
    Junior Member
    Join Date
    Aug 2006
    Posts
    29
    Here's another post supporting Wireshark. I would definitely say it's a must-have tool, especially on a thumb drive.
    I have my CCNA and I'm currently working towards my CCNP and CSSP.
