Firewall Wizards mailing list archives

Re: Sniffer Opinions?


From: Brett Eldridge <brett () atomicgears com>
Date: Fri, 29 Mar 2002 19:28:30 -0800 (PST)

On Tue, 19 Mar 2002, Ames, Neil wrote:

> I want a product that will let me identify many protocols, group
> conversations easily, and provide decent reporting, on Ethernet.

90% of the time, i still think tcpdump is the best tool. the newer
versions (see http://www.tcpdump.org/) even have quite a few protocol
decoders (e.g., ipsec, vrrp, etc.).

if you haven't used the latest version from tcpdump.org, you should really
give it a try.

tcpdump is fast and very easy to use on-the-fly (i.e., command line,
'tcpdump -n -vv -s1500 tcp port 23 and host foo').


- brett
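
An added example, not part of the original post: one way to get the conversation grouping the question asks for out of tcpdump's text output. It assumes the single-line IPv4 TCP format that current tcpdump releases print with `-n` and no `-v`; the sample lines and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -n` text output (not captured traffic).
SAMPLE = """\
19:28:30.000100 IP 10.0.0.5.34567 > 10.0.0.9.23: Flags [S], seq 100, win 64240, length 0
19:28:30.000300 IP 10.0.0.9.23 > 10.0.0.5.34567: Flags [S.], seq 900, ack 101, win 65160, length 0
19:28:30.000400 IP 10.0.0.5.34567 > 10.0.0.9.23: Flags [.], ack 1, win 502, length 0
19:28:31.200000 IP 10.0.0.5.34567 > 10.0.0.9.23: Flags [P.], seq 1:7, ack 1, win 502, length 6
19:28:31.200900 IP 10.0.0.9.23 > 10.0.0.5.34567: Flags [P.], seq 1:13, ack 7, win 509, length 12
19:28:32.000000 IP 10.0.0.7.40000 > 10.0.0.9.23: Flags [S], seq 5, win 64240, length 0
19:28:33.000000 ARP, Request who-has 10.0.0.9 tell 10.0.0.7, length 28
"""

LINE = re.compile(
    r"^\S+ IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): Flags \[(?P<flags>[^\]]*)\].*"
    r"length (?P<len>\d+)"
)

def group_conversations(text):
    """Return {(endpoint_a, endpoint_b): stats}, one entry per TCP conversation."""
    convs = defaultdict(lambda: {"packets": 0, "bytes": 0, "syn_from": None})
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # not an IPv4 TCP line (e.g. ARP), so not counted
        src = (m["src"], int(m["sport"]))
        dst = (m["dst"], int(m["dport"]))
        key = tuple(sorted((src, dst)))  # both directions share one key
        c = convs[key]
        c["packets"] += 1
        c["bytes"] += int(m["len"])  # tcpdump's "length" is TCP payload bytes
        if m["flags"] == "S" and c["syn_from"] is None:
            c["syn_from"] = src  # a bare SYN identifies the initiator
    return dict(convs)

def report(convs):
    """One text row per conversation, largest payload first."""
    rows = []
    for (a, b), c in sorted(convs.items(), key=lambda kv: -kv[1]["bytes"]):
        rows.append(f"{a[0]}:{a[1]} <-> {b[0]}:{b[1]}  "
                    f"pkts={c['packets']} payload={c['bytes']}B initiator={c['syn_from']}")
    return rows

if __name__ == "__main__":
    print("\n".join(report(group_conversations(SAMPLE))))
```

In practice the text would come from a live or saved capture rather than the inline sample; lines the pattern does not match are skipped, so mixed traffic does not break the grouping.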
