[Dshield] Network Sniffer

Kane Wong kwong at cwalkergroup.com
Tue Sep 9 17:41:52 GMT 2003


thanks for all of your posting!

-----Original Message-----
From: Rade Bonifacic [mailto:Rade.Bonifacic at lavalife.com]
Sent: Tuesday, September 09, 2003 9:55 AM
To: 'General DShield Discussion List'
Subject: RE: [Dshield] Network Sniffer


The reason is you are working in a switch environment. The difference
between hub and switch environmet is when a hub receives a packet on one
port, it will send out a copy of that packet on all ports except on the one
where it was received. After a switch boots up, it will start to build up a
Layer 2 forwarding table based upon the source MAC address of the different
packets received. Once this forwarding table has been built, the switch
forwards traffic destined for a MAC address directly to the corresponding
port.

If you are working in the Cisco environment you can go to the following page

http://www.cisco.com/warp/public/473/41.html

for the instructions how to setup switch for capturing traffic from
different ports

Rade

-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org]On
Behalf Of Kane Wong
Sent: Tuesday, September 09, 2003 12:08 PM
To: list at dshield.org
Subject: RE: [Dshield] Network Sniffer


If using Ethereal, how can I capture the packets from other workstation,
because I found that once I start the packet capturing, it only captures the
packets from and to my workstation only.  If your guys know it, please let
me
know.

Thanks!

-----Original Message-----
From: Roman Fomichev [mailto:from at e-solutions.lv]
Sent: Tuesday, September 09, 2003 4:44 AM
To: General DShield Discussion List
Subject: Re: [Dshield] Network Sniffer


www.ethereal.com very good tool for windows
tcpdump - very good tool for linux
netmon - tool from microsoft - a very good one! I have the full version. 
If I remember corectly it goes with MS SMS.

Roman.


On Tue, 9 Sep 2003 08:42:11 +0200, Graham Dodd <g.dodd at falk-ross.de> wrote:

> Good Morning All,
>
> I am trying to find out if a bad NIC is causing problems with our SQL
> Server, this would be no problem with a Networks General Sniffer, but I
> don't have one anymore :-(
>
> Does anyone know of a suitable software package that will provide 
> statistics
> on the network traffic, specifically giants and runts.
>
> thank you,
>
> Graham
>
> ~~~~~~~~~~~~~~~~~~~~~
> Graham K. Dodd
> Director of Operation
> Falk & Ross GmbH
> Tel. +49(6301)717-0
> Fax. +49(6301)717-270
>
> _______________________________________________
> list mailing list
> list at dshield.org
> To change your subscription options (or unsubscribe), see: 
> http://www.dshield.org/mailman/listinfo/list
>


_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

_______________________________________________
list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list




More information about the list mailing list