Network analyzer and why you may want

Ethereal: A Network Protocol Analyzer

Above is a link to ethereal. It is an excellent tool to analyze the packets sent and received by your machine. It is very interesting to look at and extremely helpful to diagnosis of problems in general.

There is a slight learning curve for how to use it well. But if you are of the type that would be interested in this kind of thing, I trust you are also of the type that can use it well.

For instance, you can see all the traffic on your local lan and what your computers are saying to each other. You can see how your router calls out to your machines to ensure they are still on the network. Lots of other cool things.

You can see when you start up certain software that they are trying to "call home" which many people find they do not like at all.

Play around with it some and you may be glad you have a new tool at your disposal. You could use it to capture all packets sent and received, for many different purposes, from any specific adapter. Perhaps you want to see what your computers are doing while you away or while another is using? Alright, that's a little shady though, heh heh.

Enjoy!

The Product Formerly Known As Ethereal is now called "Wireshark".

Wireshark :: Go deep.

Nice and thank you! I was obviously unaware of the update. Will be checking very soon.

torrentg said:

Nice and thank you! I was obviously unaware of the update. Will be checking very soon.

No problem :)

A few years ago development ceased on "Ethereal" and continued on what they called "Wireshark" instead. It's the same product and most of the same people. Ethereal still works of course, but its protocol dissectors are outdated and there's absolutely no reason not to download the latest Wireshark instead.

MS "Netmon 3" is just about the only other (free) alternative. Unsuprisingly, its parsers do a very good job with the MS "enterprise" protocols (kerberos, RPC, SMB2, ...), but IMO it's not as polished as Wireshark when it comes to general usability. One of its advantages is that the "parser definitions" are scripted rather than coded, so for those thus inclined the parsers themselves can be altered and tweaked to a purpose without recompilation.

Quick bump. Thought this should be on 1st page for just a little longer so people that may be interested have a chance to see.

torrentg said:

Quick bump. Thought this should be on 1st page for just a little longer so people that may be interested have a chance to see.

I agree. Sniffers are a crucial network tool. there are tons of them from simple but effective to corp lan industrial strength.

thanks for bumping it

Ken