
What is your favorite Protocol Analyzer / Network Sniffing utility etc and why?

I am looking at adding some utilities to my tool kit and looking for some advice on what others are using. I have access to a Sniffer Pro Distributed with 5 ports (1 integrated and 4 virtual) on my WAN but looking to add some portable options.

What do you use and why do you think it is the best for you?
RDAdams
Asked:
 
RichieHindle Commented:
Ethereal, http://www.ethereal.com/  It's free, cross platform, very reliable, and understands lots of protocols.  It's always done whatever I've needed from it.
 
happythedog Commented:
Fluke Network analyzers are great, as is a wiremapper cable tester, etc.
 
Caseybea Commented:
I second the vote for Ethereal.    note:   **It's available for a variety of operating system platforms.**    And the price is right (free).

"Netstumbler" (www.netstumbler.com) is another cool tool for networks-- since wireless networks are becoming more and more pervasive....  

You also said you're asking for "etc"....  so I'll put in my $0.02---    something that should be a part of EVERY technical dude's (or dudette's) toolkit is KNOPPIX.

http://www.knoppix.net

It's a CD-ONLY Linux distribution (insert CD, boot, voila! NO install) - and comes with TONS of tools. (Can't remember if Ethereal is on there by default or not). But there's tons of OTHER things that are great network tools, AND tools to help do things like rescue fried boot loaders, etc etc. Give it a shot.

 
shahrial Commented:
RDAdams,
... what can I say... it's already been said. Agreed with RichieHindle and Caseybea...
1.) Ethereal - for wired network
2.) Netstumbler - for wireless network
3.) Knoppix - good for a lot of things...(mine comes with Ethereal).

A whole suite of WildPackets products are also good,
- EtherPeek NX - for wired network
- AiroPeek NX - for wireless network
- GigaPeek NX - for Gigabit network
- EtherPeek VX - for VoIP Network

...;-)
 
kitisak Commented:
I like to use WinDump, tcpdump (Linux), and Ethereal.
All of them are freeware.
 
futurelogix Commented:
http://www.snort.org/

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Many people also suggested that the Analysis Console for Intrusion Databases (ACID) be used with Snort.
 
RDAdams (Author) Commented:
Hmm, this is a good start. I have tried Ethereal but some of these others mentioned I haven't looked at yet.

Does anyone know of a utility that looks similar to the Sniffer Pro dashboard?  Something with Gauges to see general traffic stats in real time?
 
shahrial Commented:
The NetBoy Suite is a complete real-time visual Internet and LAN network monitoring suite of software tools, that simplifies the task of Network Managers to troubleshoot and efficiently maintain networks.
http://www.snmp.co.uk/netboy/

The NetBoy Suite is a collection of three programs:

EtherBoy - The real time visual multi protocol LAN monitor
WebBoy - The real time visual Web traffic LAN Monitor
PacketBoy - The packet capture, analyzer and decoder

Free trial copy is available for download...;-)
 
RDAdams (Author) Commented:
Any other comments???
 
dramatix01 Commented:
I am a big fan of the free utilities as are most of the others here, but had some experience with the Wildpackets products. The Wildpackets products also have the gauges, line and bar graphs that some seem to love, but you pay dearly for all of those little features.

Also, my two cents...  Mentioned above was Knoppix.  I prefer PHLAK.  Similar to Knoppix as it boots and runs off of a CD, but there isn't a lot of fluff.  By fluff I mean redundant programs and games.  PHLAK's focus is on the tools...  It does include Ethereal, too.

Hope this helps.
 
winkingtiger Commented:
I like Ethereal except for its lack of wireless NIC support.  It does everything you need it to and more....plus it's free.

Ethereal.com
 
shahrial Commented:
PHLAK is a purpose built software...(very nice)...;-)
[P]rofessional [H]acker's [L]inux [A]ssault [K]it.....

Linux Tools
http://www.phlak.org/modules/sections/index.php?op=viewarticle&artid=1

Windows Tools
http://www.phlak.org/modules/sections/index.php?op=viewarticle&artid=2

To download : http://www.phlak.org/modules/mydownloads/
 
JRaster Commented:
I like IRIS by eeye.  But it costs $$$
 
alien_ghost Commented:
erm... hey, everything there is to say has been said!
yeah, Ethereal, nmap (www.insecure.org), NetStumbler, Knoppix, Professional Hacker's Linux Assault Kit (www.phlak.org), etc, etc

hope this helps!
:)

btw, Ethereal DOES support wireless NICs! and virtual adapters. I use it on my school's network, all the time via the wireless! on XP and Fedora Core 2. works perfect!
 
alien_ghost Commented:
www.nessus.org is quite cool
sorry, I'm new here, and don't know how to edit my previous post, in order to add this to it...
definitely try PHLAK
 
kitisak Commented:
snort -v
 
FSMB Commented:
Though this thread is old, a great freeware scanner would be superscan 4.0 - foundstone.com...