asked on

What is your favorite Protocol Analyzer / Network Sniffing utility etc and why?

I am looking at adding some utilities to my tool kit and looking for some advise on what others are using. I have access to a Sniffer Pro Distributed with 5 ports (1 integrated and 4 virtual) on my WAN but looking to add some portable options.

What do you use and why do you think it is the best for you?

ASKER CERTIFIED SOLUTION

RichieHindle

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

happythedog

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

Caseybea

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

shahrial

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

kitisak

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

futurelogix

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

RDAdams

ASKER

Hmm this is a good start. I have tried ethereal but some of these others mentioned I haven't looked at yet.

Does anyone know of a utility that looks similar to the Sniffer Pro dashboard? Something with Gauges to see general traffic stats in real time?

SOLUTION

shahrial

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

RDAdams

ASKER

Any other comments???

dramatix01

I am a big fan of the free utilities as are most of the others here, but had some experience with the Wildpackets products. The Wildpackets products also have the gauges, line and bar graphs that some seems to love, but you pay dearly for all of those little features.

Also, my two cents... Mentioned above was Knoppix. I prefer PHLAK. Similar to Knoppix as it boots and runs off of a CD, but there isn't a lot of fluff. By fluff I mean redundant programs and games. PHLAK's focus is on the tools... It does include Ethereal, too.

Hope this helps.

winkingtiger

I like Ethereal except for its lack of wireless NIC support. It does everything you need it to and more....plus it's free.

Ethereal.com

shahrial

PHLAK is a purpose built software...(very nice)...;-)
[P]rofessional [H]acker's [L]inux[A]ssault [K]it.....

Linux Tools
http://www.phlak.org/modules/sections/index.php?op=viewarticle&artid=1

Windows Tools
http://www.phlak.org/modules/sections/index.php?op=viewarticle&artid=2

To download : http://www.phlak.org/modules/mydownloads/

JRaster

I like IRIS by eeye. But it costs $$$

alien_ghost

erm... hey, everything there is to say has been said!
yeah, ethereal, nmap (www.insecure.org), netstubler, knoppix, Professional Hacker's Linux Assault Kit (www.phlak.org), etc, etc

hope this helps!
:)

btw, ethereal DOES support wireless nics! and virtual adapters. i use it on my school's network, all the time via the wireless! on XP and Fedora Core 2. works perfect!

alien_ghost

www.nessus.org is quite cool
sorry, im new here, and don't know how to edit my previous post, in order to add this to it...
definetly try phlak

kitisak

snort -v

FSMB

Though this thread is old, a great freeware scanner would be superscan 4.0 - foundstone.com...