Im not sure who wrote about the fact that ethereal dosent have
reporting features and someone just wrote asking how to make a report
from the stats from a ethereal capture.
Well i use ethereal all the time. ( i have a sniffer sitting in a bag
that i never take out )
I also use etherape. http://etherape.sourceforge.net/
This will give you a graphical picture of you network traffic and give
you numbers to back it up..
Hope this helps someone..
On Tue, 2001-09-25 at 14:18, aferen@xxxxxxxxxxxx wrote:
>
> "McNutt, Justin M." <McNuttJ@xxxxxxxxxxxx> writes:
>
> [ snip ]
>
> >
> > True. A revised list then:
> >
> > Sniffer can (Ethereal can't):
> > 1) Monitor mode (collect statistics over time). This is actually more
> > useful that one might think, not so much with problem-solving, but with link
> > usage analysis and the creation/modification of network policy. In fact, if
> > Ethereal had this, we wouldn't need Sniffer Pro at all.
> >
> > Can you say, "Ethereal monitoring Internet link via X Windows through SSH
> > tunnel"? :-) Works pretty well...
> >
> > 2) Capture mangled *frames* (runts, FCS errors, etc.), by virtue of being
> > bundled with proprietary drivers (and sometimes, proprietary NICs). Not
> > that interesting - in our case anyway - because most network devices will
> > tell you which port is receiving mangled frames. Most useful in a shared
> > (hub-based) environment where it's the repeater itself or a patch cord that
> > is the problem.
> >
> > 3) Decode certain proprietary or esoteric protocols. Nifty, but hardly
> > essential. We're about to turn Bay Autotopology and Cisco Discovery
> > Protocol off...
> >
> > Ethereal can (Sniffer can't):
> >
> > 1) X Windows.
> >
> > 2) Linux
> >
> > 3) Follow TCP streams.
> >
> > 4) Tethereal! Woo hoo!
>
> 5) be extended and improved as needed.
>
> This point may be obvious, but for me this is the critical difference.
>
> This also argues that 3 in the "Sniffer can" is really a "Sniffer can
> (Ethereal can't yet)". Someone just needs to write a dissector.
>
> I have seen several different capture tools over the years. All of
> them have better support for one protocol or the other, but none that
> I have seen had a way for me to extend them or improve them. If they
> didn't do what I needed out of the box I was basically stuck.
>
> > And personally, I like Ethereal's capture/display filter syntax MUCH better
> > than Sniffer Pro's.
> >
> > --J
> >
> > _______________________________________________
> > Ethereal-users mailing list
> > Ethereal-users@xxxxxxxxxxxx
> > http://www.ethereal.com/mailman/listinfo/ethereal-users
>
> --
> -Andrew Feren
> Cetacean Networks, Inc.
> Portsmouth, NH
>
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
--
Tom Greaser
Ethereal
Sniffing the glue that holds the Internet together
Packets are no harder to forge than business cards.