[unisog] Remote sniffers- what do you use?
flynngn at jmu.edu
Wed Mar 8 22:23:35 GMT 2006
> Just wanted to say that this is a really helpful and friendly group.
> Thanks for all the good ideas!
> Right now, I'm trying to evaluate various sniffer tools. I've taken a
> look at NetScout's nGenius and Network General's Sniffer/Infinistream.
> Both seem extremely top-heavy business oriented suites which require
> lots of care and feeding. What I'd really like is just a super simple
> way of seeing packets on every local network. My current thought is to
> just use some sort of opensource sniffer on a bunch of small hosts that
> sit off span ports at each major distribution point. I'd script the
> spanning so it would be easy to get onto the right network.
> Anyone have any recommendations for an open source sniffer (ideally cli
> and web interface, no weird platform or java dependencies)? Catering
> to individuals' prejudices against/for user interfaces turns out to be
> a lot more difficult than the backend stuff.
> What are you using?
tcpdump, tcpflow, ngrep and, when needed, ethereal
James Madison University
More information about the unisog