Results 1 to 5 of 5

Thread: Ethereal

  1. #1

    Ethereal

    I'm assuming this is the best packet sniffer to use? Could someone explain the differences between it and it's competitors?
    MySig != Worth your time

  2. #2
    Senior Member
    Join Date
    Feb 2004
    Posts
    105

    re: ethereal

    I would posit that it largely depends upon:

    1. your taste
    2. the task undertaken
    3. your tase

    I personally favor ethereal, but I wouldn't say it is the best sniffer. I might say it is the best sniffer for me...but not anyone else. And I employ other sniffing tools if the situation warrants something other than ethereal.

    For example, I might use kismet to passively capture 802.11 traffic before using ethereal. I could use ethereal by binding it to the wi-fi card, but I just prefer Kismet for those situations (but i do load the logs into ethereal for analysis !!!).

    What other sniffers are you wanting to draw contrasts/comparisions to? I might be able to go more in-depth...

    Cheers,
    <0
    Ego is the great Logic killer

  3. #3
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Spydrpop,

    I did have a multitude of links pasted below, but then I realized how important it is to study about what you are actually going to do before you do it. If I just give you a bunch of links to sniffers, and you start sniffing away whereever you please (and btw if your a sniffing your own personal network then that's fine, start sniffing someone else's and you may be visiting bubba's cell). Folks just don't like that stuff anymore and it is very illegal. But back to the subject: you must first learn what you are doing and research is one of the most important parts of that. So you shouldn't want anyone to spoon feed you, when self-study is needed.

  4. #4
    @ÞΜĮЙǐЅŦГǻţΩЯ D0pp139an93r's Avatar
    Join Date
    May 2003
    Location
    St. Petersburg, FL
    Posts
    1,705
    http://www.antionline.com/showthread...iffer+tutorial

    http://www.antionline.com/showthread...iffer+tutorial

    Try these tutorials.

    I also like ethereal, it's efficient, it's reliable, and I have it on both Windows and Linux.

    BTW, sniffing is not always illegal. It is a gray area of the law. It's really no different than listening in on a conversation.
    Real security doesn't come with an installer.

  5. #5
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Like others posted... depends on what you want to sniff.

    If you just want to sniff your local host and are on a switch... then ethereal is my choice.

    For sniffing a switched network, then I use ettercap.

    Another good one for sniffing a switched network is dsniff. (I haven't used this on as much.)

    If you are on a hub... then any sniffer should do the job. The hub will repeat all traffic that hits it. Though... hubs aren't being used that much anymore. People will often use a hub to put behind or infront their routers for an IDS. Other than that... they're almost a waste.

    Sometimes, I just use tcpdump or windump.

    Just depends on what you are trying to view.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •