Re: tcpdump installation on unix firewall?

[Siglite <siglite () criticalstop com>]

I've never run a sniffer directly on the firewall.  However, I've found it
extremely usefull to have sniffers on both sides of it.  In fact, that's
generally the first place I go when I'm having a connectivity problem
through the firewall.  

/*-----------------------------------*/
/* I live with FEAR every day.       */
/* But, sometimes, she lets me RACE. */
/*-----------------------------------*/

KT Morgan
Network Engineer
Checkpoint Firewall-1 CCSA/CCSE
Microsoft MCP
Software Systems Group, Inc

On 27 Aug 1999 Andreas.Bolatzki () ch danzas com wrote:

> Hi fw-wizards
>
> Do you consider it an utterly bad idea to install a packet sniffer on a firewall. (HP box running FW-1).
> Why would I want to do this?
> Perhaps you know this already: If sth. is not working it's either the firewall or the network.
> I need a tool to proove what's going on... Badly performing server, find out what normal traffic is for an 
> application (data volume, traffic profile for one request....) and more of this kind. 
>
> Is there anybody out there... doing this?
>
> Does it interfere with the FW-1 software?
>
> Thanks,
>
> Andy :-oe.
>
>
> ---
> Andreas Bolatzki                                                   
> DANZAS Management AG
> Corporate IT Operations and Support                    
> Muenchensteinerstr. 43
> CH-4002 Basel, Switzerland
> Tel. +41 (61) 319 8686,  Fax. +41 (61) 319 8866                 
>  Internet: andreas.bolatzki () ch danzas com
>  X400: C=ch;A=atlas;P=danzas;O=dzchbslho;S=Bolatzki;G=Andreas