Regarding packet sniffing on a switched network, I don't know if there is
anything for Windows, but for Linux there's ettercap
(ettercap.sourceforge.net). It pretty much poisons the ARP table of the
source and destination of the host you want to sniff. "Man in the middle" is
what they call it.
cheers,
-matt
On Monday 24 September 2001 14:25, Paul W. Roach III wrote:
> Alright,
>
> First things first:
>
> 1. Is your network a switched, or broadcast ethernet network? If you are
> on a switched network, you are only going to see data that is meant for
> your box to see, meaning layer 2 and 3 broadcasts, and data targetted
> toward your box.
>
> 2. If you are on switched network, you can set your switch to mirror all
> traffic to your port
>
> 3. The best sniffer for windows is EtherPeek IMHO, far and away.
>
> -BT23
>
>
> ----- Original Message -----
> From: "cookie surfin" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, September 22, 2001 4:25 AM
> Subject: help needed....
>
> > hi friends,
> >
> > i need a help from u...i m using winsniffer 2.1 version at my company
> > which is having small LAN containing 25 systems...on the way i m
> > interested to run packet sniffer, software on that...so i downloaded
> > winsniffer i used it..i didn't any response its absoultely dumb...can u
> > plz suggest wich one is the best packet sniffer for windows..and the
> > usermanuals for it....
> >
> > thanku guys,
> >
> > thanks in advance,,,
> >
> >
> > cookies_bugtraq....
> >
> >
> > ----------------------------------------
> > http://mail.indiainfo.com
> > India's first ISO certified portal
