RE: Distributed sniffer products

["Braun, Mike" <MBraun () firstam com>]

We've been playing with Wildpackets http://www.wildpackets.com/.  They sniff
LAN to Gig and some WAN as well.  The Distributed model is still vaporware,
but is said to be out soon.  The expert analysis is comparable if not better
than NAI.  

Mike Braun 

-----Original Message-----
From: Brennan_Murphy () NAI com [mailto:Brennan_Murphy () NAI com]
Sent: Wednesday, September 03, 2003 1:02 PM
To: owen () delong com; JAustad () temgweb com; nanog () merit edu
Subject: RE: Distributed sniffer products



The cost benefit analysis on Ethereal/etc vs Sniffer on anything
but the smallest of networks is usually very easy to make.
The fundamental issue is what questions do you have and 
should you have about your network and what tool answers
those questions efficiently and reliably. Good protocol
analyzers sell because they save time in answering important
questions. Sniffer recently released a SMB Sniffer
called Netasyst...worth a look if cost has been an issue
in the past.  So ends this biased response. :-)


-----Original Message-----
From: Owen DeLong [mailto:owen () delong com] 
Sent: Wednesday, September 03, 2003 2:50 PM
To: Austad, Jay; 'nanog () merit edu'
Subject: Re: Distributed sniffer products



Etherial and other libpcap tools work reasonably well, can be easily 
deployed
using commodity hardware, and would cost you a lot less than NetAssoc.

Owen


--On Wednesday, September 3, 2003 1:07 PM -0500 "Austad, Jay" 
<JAustad () temgweb com> wrote:

> Anyone have any experience with these?  I'm looking for something 
> similar to Network Associates Sniffer product.
>
> Are there any open source projects that are decent?  What are others 
> using?
>
> ----------------
> Jay Austad
> Senior Network Analyst
> Travelers Express / MoneyGram
> e: jaustad () temgweb com p: 952.591.3779