[Dshield] Traffic comparison - looking for tools -- the final answer

Josh Tolley josh at raintreeinc.com
Wed Jun 8 14:12:09 GMT 2005

>>I'm trying to track down a problem with a client-server application 
>>where the app quits responding periodically. After some investigation, 
>>it appears the problem might be caused by dropped packets, though since 
>>the communication is TCP, and TCP is supposed to handle that kind of 
>>thing, I can't be too sure. I'd like to set up a sniffer at the client's 
>>site and one at the server, and just compare to see if what gets sent 
>>matches what is received.

To reply to my own post, it looks like the problem was caused by an 
unexpected firewall configuration at the client side, and I didn't end 
up having to compare traffic streams. Yet.

Thanks to all for your suggestions. As a side note, I discovered a 
feature in Ethereal I hadn't known was there: the "Follow TCP Stream" 
option. Really useful stuff...

Josh Tolley
Raintree Systems, Inc.

