sniffit is great for casual sniffing. dsniff is interesting for a number of other reasons. dsniff is a suite of tools that (among other things) can allow you to capture all incoming and outgoing email and dump it into an mbox file. another tool allows you to capture all http traffic. with it you can either dump to a standard apache style access log for analysis or have your netscape surf along with another user. very evil. last but definitely not least on my suite of tools is snort. snort is really for intrusion detection. it's a great system for that purpose too. I like ethereal as well but the built in sniff sucks. use tcpdump or another sniffer that can record in tcpdump format (like snort) and read the contents of that dump file into ethereal for reading. On Tue, Mar 20, 2001 at 03:31:31PM -0800, [EMAIL PROTECTED] wrote: <em>> I want to play with a network packet sniffer for the <em>> first time and I was wondering if anybody had some <em>> previous experience or recommendations. The two I've <em>> heard of are sniffit and Ethereal. <em>> <em>> Ethereal has a number of dependencies :P and sniffit <em>> seems to be pretty much self contained, so I'm <em>> thinking of trying sniffit first. <em>> <em>> Um, Dustin, does Vedalabs have a policy on packet <em>> sniffing? :) <em>> <em>> John Hebert <em>> <em>> __________________________________________________ <em>> Do You Yahoo!? <em>> Get email at your own domain with Yahoo! Mail. <em>> http://personal.mail.yahoo.com/ <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================
-- Scott Harney<[EMAIL PROTECTED]> PGP Key fingerprint = 6D 31 C3 00 77 8C D1 C2 59 0A 01 E3 AF 81 94 63 ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> [EMAIL PROTECTED]: "Re: [brluglist] HTML editor" <li><strong>Previous message:</strong> Scott Harney: "Re: [brluglist] recommend a good sniffer?" <li><strong>In reply to:</strong> [EMAIL PROTECTED]: "[brluglist] recommend a good sniffer?" <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:51 CDT</em> </em> </small> </body> </html>
