Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
274
Views
0
Helpful
2
Replies

What to Use - Ethereal Filter or Another Program to Capture IP Conversation

slstrunk
Level 1
Level 1

‎02-22-2006 12:50 PM - edited ‎03-03-2019 01:57 AM

Good day Everyone,

Using Ethereal (packet sniffer) Version 0.10.14 and it works great. However there are times when I just want traffic info between servers & clients ("top talkers"). Find the Conversations (copy to clipboard) from the Statistics menu most applicable in this situation.

Want to monitor for approx. 24 hours, but as you know - you can easily generate ~ 200 MB file in 15 minutes. Add the time to load the file into Ethereal and generate the conversations, and I realize that I'm probably taking the wrong approach.

Am working with devices on the same subnet, so they're either connected to the same switch, or a downstream switch. They are Cisco switches, but I thought NetFlow only worked with routers.

So, what am I missing? Is there a way to generate a Conversations .csv file? Or should I be using a different program? Thanks in advance for your help!

Labels:
0 Helpful
2 Replies 2

zapanta.f
Level 1
Level 1

‎02-22-2006 01:26 PM

Foundstone or Packet Sniffer has some useful tools you can use. Also, Ethereal is widely used.

0 Helpful

rduke
Level 1
Level 1

‎02-22-2006 07:14 PM

The Agilent J6800 series analyzers are nice but not cheap. I had a demo copy of the software version and it can walk circles around what you can do with ethereal. You can drill down on conversations between nodes of interest very quickly and very easily. Sometimes the free tools work but are not always the best thing available.

R Duke

0 Helpful
Customers Also Viewed These Support Documents