I am trying to do a test of sorts by creating a small network transferring data from one computer to another and then trying to capture the data from a third computer using a packet sniffer, or some sort of similar program. What is the best, available, and downloadable software available for this experiment? Are there any limitations on what one can capture with such software? As much as needing the software I also need some reading material on making this work and would appreciate any help available. This is an academic exercise done within a school lab for those needing to know such information. TIA.
Packet Sniffers
- Thread starter Rubicone
- Start date
Only hang up would be if you were using switches. If you are monitoring with computer C plugged into port C on an ethernet switch, but you want to capture conversations between computer A and B plugged into switch ports as well then you won't "see" the traffic.
Most managed switches will let you mirror the traffic on one port to another or mirror an entire vlan.
If all three computers are on a hub then you won't run into this issue.
Most managed switches will let you mirror the traffic on one port to another or mirror an entire vlan.
If all three computers are on a hub then you won't run into this issue.
I wanted to simulate various LAN and WAN scenarios. Do you have more info on "Most managed switches will let you mirror the traffic on one port to another or mirror an entire vlan." Out of curiousity, what programs do ISPs use to monitor their users' activities?
If you want to simulate LAN and WANs you'll need to build a lab with a few switches and routers. You'll need a WAN sniffer though to "see" WAN traffic. Something that is in line with the WAN interface and there a different WAN interfaces like V.35, HSSI, T1, DS3, ATM, etc.
Ethereal and Network Associates Sniffer are very popular.
More info on mirroring a port can be found in the user manual for the switch. Different switches handle it differently, low end unmanaged switches can't even mirror so that's when you'd use hubs.
Ethereal and Network Associates Sniffer are very popular.
More info on mirroring a port can be found in the user manual for the switch. Different switches handle it differently, low end unmanaged switches can't even mirror so that's when you'd use hubs.
I know my 1912 with enterprise does. It most likely depends on what IOS you are running. I know that "standard" 1900's have extremly cut down functionality.
Dan
Nothinman
Elite Member
- Sep 14, 2001
- 30,672
- 0
- 0
This is one thing that always p!ssed me off about Windows, things like that are considered special features when they should be base functionality. In Windows Ethereal won't work with my wireless card, but if I boot Linux I just run 'tcpdump -i wlan0' and it sniffs like any other network interface, if I dialup I just do 'tcpdump -i ppp0', etc.
I can get ethereal to work in windows with my wireless adapter, but it causes my comp to freeze after I stop a capture...
In linux, its great!
In linux, its great!
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 24K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 20K
-
-
-
Facebook
Twitter