November 20th, 2006, 08:47 PM
Easy to use Network Protocol Analyzer
I've been searching for a network protocol analyzer (read: packet sniffer) that is not only easy to use, but doesn't require a C, Perl, etc. compiler. Does anyone know of any good ones? Please note that I don't wish to use it for malicious purposes, but to analyze traffic sent to and from my network.
Thanks in advance.
Last edited by seiferaistlinlp; November 20th, 2006 at 08:53 PM.
Reason: Stupid typo in the topic
November 20th, 2006, 10:17 PM
November 20th, 2006, 10:37 PM
Funny how you jump to the conclusion that we think that you'd be using it maliciously.
November 21st, 2006, 10:02 AM
I second Wireshark (previously known as Ethereal). It works on Linux and Windows, and is (relatively) easy to use with a GUI.
There are a few weird things, like the capture filter syntax is a bit arcane, but generally it's straightforward.
You still need to know a bit about networking to make sense of its output though.
Note that on a lot of hardware, under Linux, you get "Incorrect checksum" from locally-generated packets. This is because Linux uses hardware checksums, hence Ethereal can't see the true values and gets junk instead.
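An added example, not part of the post above: the "Incorrect checksum" effect on locally captured packets, reproduced on a constructed TCP segment. The addresses, ports and helper names are made up for the illustration, and the "offload-partial" case assumes the kernel leaves only the pseudo-header sum in the checksum field for the NIC to complete.

```python
import struct

SRC = bytes([192, 168, 0, 1])    # constructed sample addresses
DST = bytes([192, 168, 0, 199])

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: complemented one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src: bytes, dst: bytes, tcp_len: int) -> bytes:
    """IPv4 pseudo-header covered by the TCP checksum (protocol 6)."""
    return src + dst + struct.pack("!BBH", 0, 6, tcp_len)

def build_segment(checksum: int) -> bytes:
    """Constructed 20-byte TCP SYN (49152 -> 80) with the given checksum field."""
    return struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 0x50, 0x02, 0xFFFF, checksum, 0)

def classify_tcp_checksum(src: bytes, dst: bytes, segment: bytes) -> str:
    """Return 'valid', 'offload-partial' or 'bad' for one captured TCP segment."""
    pseudo = pseudo_header(src, dst, len(segment))
    stored = struct.unpack("!H", segment[16:18])[0]
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    if internet_checksum(pseudo + zeroed) == stored:
        return "valid"
    # Assumption: with TX checksum offload the kernel leaves only the folded
    # pseudo-header sum in the field and the NIC completes it on the wire,
    # so a sniffer on the sending host sees a value that fails verification.
    if (~internet_checksum(pseudo) & 0xFFFF) == stored:
        return "offload-partial"
    return "bad"

if __name__ == "__main__":
    pseudo = pseudo_header(SRC, DST, 20)
    on_wire = build_segment(internet_checksum(pseudo + build_segment(0)))
    local = build_segment(~internet_checksum(pseudo) & 0xFFFF)
    for name, seg in [("remote capture", on_wire), ("local capture", local)]:
        print(name, "->", classify_tcp_checksum(SRC, DST, seg))
```

A segment flagged "offload-partial" on the sending host is normally fine on the wire; capturing on the receiving side or on a mirror port shows the completed checksum.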
November 29th, 2006, 09:06 PM
While Wireshark is the de facto sniffer that most people go to, Linux also has tcpdump, which supports the same syntax (more or less) as Wireshark.
That said, you can also use this handy little sniffer that doesn't require you to do anything other than run it (no pcap installs, etc.).
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
December 6th, 2006, 09:13 PM
Here's another post supporting Wireshark. I would definitely say it's a must-have tool, especially on a thumb drive.
I have my CCNA and I'm currently working towards my CCNP and CSSP.