Good network sniffer?

Borger_Ben1 · January 12, 2004, 8:48pm

Hi Nanog,

Can anyone recommend a good network monitor that can replay captured
packets? Windows or *nix. Free is great, commercial is ok too.

TIA,

Ben

Erik_Haagsman · January 12, 2004, 10:31pm

tcpdump + Ethereal for *nix, best tool in de biz if you ask me...and
free too.

Cheers,

Erik

Andy_Grosser2 · January 12, 2004, 10:55pm

Can anyone recommend a good network monitor that can replay captured
packets? Windows or *nix. Free is great, commercial is ok too.

Ethereal. Free. http://www.ethereal.com

You gotta love their catchy little descriptive sub-heading: "Sniffing the
glue that holds the Internet together."

Joe_Abley3 · January 12, 2004, 11:08pm

tcpdump and ethereal can replay captured packets?

Kevin_C_Miller · January 12, 2004, 11:17pm

Tcprelay may get the replay portion of your question,
<http://tcpreplay.sourceforge.net/>

-Kevin

Yann_Berthier2 · January 12, 2004, 11:51pm

You can add netdude <http://netdude.sourceforge.net/>, along with
ethereal and tcpreplay, and you will have a powerful solution to
sniff and decode packets, and to edit and replay them at will.

- yann

Alexei_Roudnev · January 13, 2004, 5:17am

{tcpdump || snort - as a agents} + ethereal.

Much better than $xx000 commercial sniffer(s) /I used both, and oput
commercial system into the wastebucket after comparation/.

Exception - if you need H.323, use commercial sniffers.