Ethical Hacker Community Forums
Author Topic: Favorite Sniffer/Protocol Analyzer  (Read 8779 times)
shawn
Newbie
« on: January 26, 2007, 09:53:17 AM »

I know a lot of people will say Ethereal/Wireshark to this question because it is probably the best free analyzer you can get, but I was wondering what sniffers/network protocol analyzers some of you use and like.  I currently use Wireshark and have some experience with Network General's Sniffer Pro.  Anyone have any comments, good or bad, about any others out there, free or commercial grade?  If so, what do/don't you like about them?

CEH, CCNA, Security+
slimjim100
EH-Net Columnist
Sr. Member
« Reply #1 on: January 26, 2007, 10:32:05 AM »

I would highly not recommend the Fluke Network Tools and sniffers. They are very overpriced and do not perform very well. I use Ethereal/Wireshark & NetworkActiv PIAFCTM (www.NetworkActiv.com).

Just my thoughts...

Brian
AKA Slimjim100

CISSP, CCSE, CCNA, CCAI, Network+, Security+, JNCIA, & MCP
Kev
Guest
« Reply #2 on: January 28, 2007, 12:07:36 PM »

It really depends on what I am after. As a general purpose sniffer, Wireshark is good. If I am trying to monitor packets for abnormalities, Snort is my pick. If I want to be really nosy, Iris is great because I can actually see the email or website someone is viewing on another host on the network. If I am hacking a box and am in the command line, tcpdump is the way to go.
Cutaway
Jr. Member
« Reply #3 on: April 03, 2007, 07:30:20 PM »

Daniel Miessler pointed out his write-up about Tcpdump to the Security Catalyst Community http://community.securitycatalyst.com.  I thought you guys would like to know about it.  It is a quick primer on tcpdump.  Very nice introduction.

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/action,post/topic,1012.0/num_replies,2/

Enjoy,
Cutaway

Go forth and do good things,
Cutaway
jimbob
Sr. Member
« Reply #4 on: April 04, 2007, 04:19:15 AM »

There are a lot of sniffers and protocol analysers with specific functions.

  • Kismet for wifi
  • Bluetooth scanner for bluetooth
  • dsniff for nefarious activities such as password stealing

The list goes on but those are some of my favourites.

Jimbob
Negrita
Sr. Member
« Reply #5 on: August 17, 2007, 05:24:01 PM »

I personally use Wireshark and Tcpdump at work.

However, some of you may know that I work for a company that does DPI, and we have an entire department devoted to protocol analysis. The other day I was talking to some of the guys in that department and I was surprised to hear that they by far prefer to work with EtherPeek (which is now called OmniPeek).

CEH, CCSA NG/AI, NNCSS, MCP, MCSA 2003

There are 10 kinds of people, those that understand binary, and those that don't.