Advanced TCP/IP Analysis Tools?
fwc asks: "Every once in a while I come across a problem with TCP/IP which defies analysis with your standard TCP/IP sniffers and other analysis tools. Are there any advanced tools out there which I should be adding to my arsenal? Just something which would take a TCP/IP flow and point out things like out-of-order packets, retransmissions, excessive round-trip delays and other TCP/IP brokenness would be extremely helpful. An open source solution is of course always preferable."
tcpflow home page
A company called WildPackets (formerly known as the AG Group) makes a program called EtherPeek that has some of the analysis that you are looking for.
If you need something it doesn't do, there is a nice plugin interface so you can write a tool to analyze data.
The main problem with EtherPeek is that it costs a grand. There is a free demo you can download though. I believe it is only time limited.
Before AG Group wanted to get on the IPO bandwagon that has come to a screeching halt and changed their name to WildPackets, they always had a kick-ass protocol analysis tool - EtherPeek. Originally developed on MacOS and now ported to and seemingly developed on Windoze, EtherPeek still is damn good.
Also, check out Ethereal - which ships with a bunch of Linux distros.