One can get the Ethereal sources and compile them on MacOS X. I did
this last year. There are also MacOS X graphical front-ends for
Ethereal. I'd do some searching for it.
In addition, while I've never done any real comparison, there are
also two very very good commercial sniffer software packages:
"EtherPeek" and "NetMinder Ethernet". I have both but tend to use
EtherPeek almost exclusively - it's just the tool I've become
accustomed to so I'm not sure which is better....
armando
Begin forwarded message:
From: "Little Snitch Support" <[EMAIL PROTECTED]>
Date: May 25, 2005 3:10:35 AM PDT
To: <[email protected]>
Subject: Re: [Littlesnitch-talk] Does LS intefere with Ethernal
(packet monitor)
Reply-To: <[email protected]>
On May 25, 2005, at 11:46, Thomas Rohde wrote:
> Little Snitch Support schrieb:
>
>> On May 24, 2005, at 05:58, Timothy wrote:
>>
>>> [..] Ethernal packet monitor?
>>
>> I suppose you mean Ethereal. [..]
>
> <http://www.cs.usfca.edu/~jbovet/ethernal.html>
Thanks for the pointer, I did not know that application. We don't use
Ethernal ourselves, but the same comments should apply. Ethernal works
on the BPF level which comes AFTER the point where Little Snitch
intercepts.
If you want to do serious network traffic analysis, I'd really
recommend Ethereal because it has parsers for almost all known network
protocols. Unfortunately, Ethereal has no native Mac OS X version, you
need X-Windows installed.
Regards, Christian.
--
Little Snitch Support, Objective Development.
[EMAIL PROTECTED]
_______________________________________________
Littlesnitch-talk mailing list
[email protected]
http://at.obdev.at/mailman/listinfo/littlesnitch-talk
_______________________________________________
Littlesnitch-talk mailing list
[email protected]
http://at.obdev.at/mailman/listinfo/littlesnitch-talk
