[activeco@xxxxxxx]

On 23 Jan 2003 at 18:08, Guy Harris wrote:

> > Now my basic question is can I sniff at all on Internet,
> 
> You can only sniff on the part of the Internet that
> 
> 	1) passes through the machine on which you're running your
> 	   sniffer program (whether it's Ethereal or not)
> 
> or
> 
> 	2) passes through a hub into which your machine is plugged.
> 
> There's a switch in the broadband router, so traffic between the
> Internet and the other computers won't get sent to your computer, and
> you won't be able to see it while you're plugged into a port on that
> router.
> 

Thank you Guy. I tried direct cable modem connection and it works 
fine.
On the other side, it gives me more confidence in switch as a reliable 
protection tool.

Now I am still struggling with the second part of my problem:

> > Actually I needed a tool for only one task: to catch the NXDomain 
> > requests (non existing domain names) from (part of) Internet, so I 

I have managed to enter the filter (dns.flags.response) and I see all 
the DN requests 
and responses, but my intention is to see only the requests wich 
return "No such 
name" responses.
Is there any way I could achieve that?