Outcoming packet sniffer on win2k

Hi,

I'm looking for a packet sniffer on win2k who can perform incoming and Outcoming sniffing but I don't find anything. All I can find are sniffer that does only incoming sniff.

Does anyone know a software who does outcoming sniff ?

http://www.ethereal.com/

Try This one I think it will do what you want.

Cheers:

Sevari gave you a link to about the best packet sniffer available for Windows. Ethereal should provide both incoming and outgoing packet information to you...

Thank you, I'm going to try them.

You can also try WinDump, it's the Windows version of the well known TCPdump. Ethereal is easier to use with it's GUI but it tends to crash my box, that's why I prefer WinDump.

KC

to the best of my knowledge etherreal and windump rule but they both require winpcap which is really no bother but if DjM's link is as good as it looks it sure would simplify matters and save space on the HD.

thanks DjM ill try it tonight on one of my home boxen.

If you don't want to bother with libpcap see the below noted url. This is an advanced tool in comparison with ethereal which is gui driven and geared to the novice.http://www.nextgenss.com/software/ngssniff.html

ok im running it now. it really is pretty cool. it dosnt give near the info that eathereal gives but you don't always need all that. i like the resolve source/destination feature allot. And for now im enjoying the "alarm". when packets are captured with filters in place this could really help discover what your looking for.

thanks DjM its a keeper

actually i found a little tool... ngsniff ... from http://www.ngsec.com/ngresearch/ngtools/ no drivers, 1 file.. I use it at work alot and have had a need for it at home as well...

ngsniff --interface 0

and it dumps to std out... so

ngsniff --interface 0 > dmp.txt

and you get a log.. full packet information.. header and data...

i like it atleast.