What Network Sniffing Tools Do You Use?
network-nose asks: "I work as a Network Administrator in a 500 user manufacturing facility in southeastern Wisconsin. My job is to keep the company running as close to 100% of the time as possible while trying not to spend any money on up to date hardware and software. As of late, we have been having quite a few network problems that can only really be resolved by sniffing packets. I am wondering what tools the rest of you network guys and gals out there use in a corporate environment for analyzing packets. Of course, the more reasonbly priced the better, but I know you usually get what you pay for."
As of late, we have been having quite a few network problems that can only really be resolved by sniffing packets.
What kind of problems are you talking about? On ethernet level? On IP level? On application level?
They all have different approaches, and all have different tools.
bash$
It can come in handy when you're trying to track down a problem with a piece of closed-source software, and the developers are no help. Or a piece of open-source software that is bugging out with certain input from certain IPs.
Sometimes it's not practical to hack sniffing in to the application, when you can just do 'tcpdump -Xns 16384' any time.
They're both free too. I'm honestly a little surprised that a network admin (as the author claims to be) would post this question.
Although I've never used ethereal on windows, it works great on linux. And you can even use tethereal in your scripts since it's the command line based version of ethereal.
I'm honestly a little surprised that a network admin (as the author claims to be) would post this question.
I'm not. It's not like you need to know the secret handshake before you can become a network administrator. In a lot of places, it just means you're the guy who knows the most about it.
Be wary of any facts that confirm your opinion.