Re: Network Sniffers

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Paul Mooring
Date:  
To: Main PLUG discussion list
Subject: Re: Network Sniffers
I'm not sure what your exact needs are, but I generally prefer to use
tcpdump for capturing (cli tool) and wireshark when I need more a advanced
view of the traffic. You can take the output of tcmpdump and view it in
other tools with the '-w' flag. Related but not really a network sniffing
tool, no one really uses hubs anymore so to sniff unicast traffic intended
for other hosts you'll need to poison the arp cache on the switch.
Ettercap is the easiest way to poison an arp cache (also please don't do
this unless you own the network/have approval).
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss