["Giles Scott" <gscott2@xxxxxxxxxxxxxxxxxx>]

Title: RE: [Ethereal-users] Sniffer Pro vs. Ethereal

Hi

There are also some things it can not do.

1. Can not map SNMP MIB OID to symbolic formats, by importing MIBs, ethereal can do this using  additional code.
2. Can not 'follow TCP stream' (which I find very useful)
3. Can not read tcpdump/snoop format traces, which is a real pain.
4. Can not run on Linux/Unix based systems.

What it can;
1. Latest version can decode the old 'Bay Networks (Nortel)- proprietary protocols'.
2. Can decode the original part of frame which is tagged onto a ICMP destination unreachable message. Only ran into this today, ethereal (v-0.8.19) does not appear to decode this :-(

3. Can't think of anything else.

We use Ethereal in conjunction with VNC (www.uk.research.att.com/vnc) for remote packet capture, which saves thousands of $$$.

As a user of SnifferPro for the last ten years, 'expert' is useful, especialy when you have no idea what the problem is.

To be honest, the only need I have had for the L2/L3 matrix stuff is when I was a consultant trying to find something to fill some pages of a report, other than that I found it pretty useless to be honest.

But now I only use Ethereal, its simpler, faster. Also I find the packet filter definintions a lot simpler on Ethereal. In fact, although we have a site license for Sniffer it is not loaded on any of our lab machines.

Giles Scott
Technical Support Manager
Alteon WebSystems
CNBU Nortel Networks

-----Original Message-----
From: Berry, Richard [mailto:BerryR@xxxxxxxxxxxxxxxxxxx]
Sent: Monday, September 24, 2001 7:10 AM
To: 'ethereal-users@xxxxxxxxxxxx'
Subject: [Ethereal-users] Sniffer Pro vs. Ethereal

There are two primary differences between Sniffer Pro and Ethereal (as far
as Ethernet is concerned):

1) The Sniffer expert analysis. It actually takes some expertise to tune it
to your network, but once accomplished, it can be a useful tool for
isolating problems quickly.

2) Graphical representation of your traffic flow. Many times for me, a
traffic matrix, protocol breakdown, broadcasts/sec graph over time, or other
graphs help me to see issue in our network quickly.

I know this doesn't always sound like an in-depth approach to isolating
issues, but those features are good for a first-cut,
where-should-I-focus-first kind of step.

Richard Berry
LAN Engineer-Principal
"Si hoc legere scis numium eruditionis habes."

-----Original Message-----
From: ethereal-users-request@xxxxxxxxxxxx
[mailto:ethereal-users-request@xxxxxxxxxxxx]
Sent: Sunday, September 23, 2001 12:01 PM
To: ethereal-users@xxxxxxxxxxxx
Subject: Ethereal-users digest, Vol 1 #393 - 2 msgs

Send Ethereal-users mailing list submissions to
        ethereal-users@xxxxxxxxxxxx

To subscribe or unsubscribe via the World Wide Web, visit
        http://www.ethereal.com/mailman/listinfo/ethereal-users
or, via email, send a message with subject or body 'help' to
        ethereal-users-request@xxxxxxxxxxxx

You can reach the person managing the list at
        ethereal-users-admin@xxxxxxxxxxxx

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Ethereal-users digest..."

Today's Topics:

   1. ethereal Vs Nai SNiffer Pro (Sim Joo Siong)
   2. cannot see SIP and SDP on Ethereal (Marcel Katz)

--__--__--

Message: 1
From: "Sim Joo Siong" <simjs@xxxxxxxxxxxx>
To: <ethereal-users@xxxxxxxxxxxx>
Date: Sun, 23 Sep 2001 12:04:23 +0800
Subject: [Ethereal-users] ethereal Vs Nai SNiffer Pro

This is a multi-part message in MIME format.

------=_NextPart_000_0005_01C14427.E2729D20
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi,

Can anyone tell me what is the major different between ethereal & NAI =
SNiffer Pro Version in term of features ?

Thanks in Advance.

Best Regards,
simjs

------=_NextPart_000_0005_01C14427.E2729D20
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2920.0" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>Hi,</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Can anyone tell me what is the major =
different=20
between ethereal &amp; NAI SNiffer Pro Version in term of features=20
?</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Thanks in Advance.</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Best Regards,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>simjs</FONT></DIV></BODY></HTML>

------=_NextPart_000_0005_01C14427.E2729D20--

--__--__--

Message: 2
From: "Marcel Katz" <marcel.katz@xxxxxxxxxxx>
To: <ethereal-users@xxxxxxxxxxxx>
Cc: <marcel.katz@xxxxxxxxxxx>
Date: Sun, 23 Sep 2001 01:37:10 -0400
Subject: [Ethereal-users] cannot see SIP and SDP on Ethereal

I installed 0.8.17 on my win2k machine. I specify:
- Edit:Protcols: eth, ip, udp, tcp, sip, sdp
- in Filter: sip or sdp
- in Capture:Start, I selected all 4 boxes, Interface:
\Device\Packet_{4E3446CC-F203-4C11-98A7-F64F163DF5F7}, Count: 0 (Infinite).

I run 2 software phones, one on the same machine as Ethereal, on port 10001,
and another on another win2k machine on 10002. The problem:
I don't see anything being captured. I've seen the thing working with the
same configuration on other machines/networks.
Please help.

Many thanks.

Marcel Katz
marcel.katz@xxxxxxxxxxx
cell: 240-401-9035
home: 301-816-0855

--__--__--

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

End of Ethereal-users Digest

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users