Easy to use Network Protocal Analyzer

**seiferaistlinlp** · November 20th, 2006 07:47 PM

I've been searching for a network protocol analyzer (read: packet sniffer) that is not only easy to use, but doesn't require a C, Perl, etc. compiler. Does anyone know of any good ones? Please note that I don't wish to use it for malicious purposes, but to analyze traffic sent to and from my network.

Thanks in advance.

***nihil*** · November 20th, 2006 09:17 PM

ettercap?

**ReVoLT** · November 20th, 2006 09:37 PM

Funny how you jump to the conclusion that we think that you'd be using it maliciously

Wireshark? (Ethereal)

***slarty*** · November 21st, 2006 09:02 AM

I second Wireshark (previously known as Ethereal). It works on Linux and Windows, and is (relatively) easy to use with a GUI.

There are a few weird things, like the capture filter syntax is a bit arcane, but generally it's straightforward.

You still need to know a bit about networking to make sense of its output though.

Note that on a lot of hardware, under Linux, you get "Incorrect checksum" from locally-generated packets. This is because Linux uses hardware checksums hence Ethereal can't see the true values and gets junk instead.

***thehorse13*** · November 29th, 2006 08:06 PM

While wireshark is the defacto sniffer that most people go to, Linux also has TCPDump, which supports the same syntax (more or less) as wireshark.

That said, you can also use this handy little sniffer that doesn't require you to do anything other than run it (no pcap installs, etc.)

http://www.snapfiles.com/get/axpacketmon.html

AnalogX packetmon.

Enjoy.

--TH13

**Zunger** · December 6th, 2006 08:13 PM

Heres another post supporting Wireshark. I would definitely say it's a must have tool, especially on a thumb drive.

Thread: Easy to use Network Protocal Analyzer

Thread Tools

Display

Easy to use Network Protocol Analyzer

Bookmarks

Bookmarks

Posting Permissions