On Wed, Sep 24, 2003 at 05:26:07PM +1000, David Clarkson wrote:
> I have a scenario where a customer is highly sensitive and will not
> allow commercial data out of their network. I need to run a bunch of
> stats on their traffic. The machines I can use have no X. I cannot take
> an X windows system in to the network either. I am therefore limited to
> command line. I can run statistical analysis to determine protocol
> breakdowns, talkers, fragmentation levels etc. I cannot figure a way to
> get ethereal or TCPDUMP to do this analysis from CLI.

If the machines have no X, then either:

	1) they're UNIX boxes, in which case you can't get Ethereal to
	   do *anything* of interest on them, as Ethereal requires X in
	   its UNIX versions;

	2) they're Windows boxes, in which case you could try the
	   Windows version of Ethereal.

The same applies to machines you can take into their site.

Therefore, unless you can run the Windows version (which requires that
you have WinPcap installed if you plan to capture traffic on the machine
on which you're running Ethereal; the customer probably won't let you do
that on their machines) the only tool in the Ethereal suite that you can
use is Tethereal. The Tethereal man page lists the statistical analyses
it can perform under the "-z" option.

Those might not give you all you want (e.g., fragmentation levels -
there's nothing in Tethereal to calculate that). You might have to take
the output of Tethereal and run it through a script or program to get
other statistics.
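
Added example, not part of the original message and not code from the Ethereal project: a post-processing script of the kind the reply suggests, computing protocol breakdown, top talkers and fragmentation level from per-packet text. It assumes one tab-separated line per packet (source, destination, protocol, IP more-fragments flag, IP fragment offset); that column layout is an assumption of this example, not Tethereal's documented output.

```python
import sys
from collections import Counter

# Constructed sample input (assumed layout, see lead-in):
# src <TAB> dst <TAB> protocol <TAB> more-fragments flag <TAB> fragment offset
SAMPLE = (
    "10.0.0.1\t10.0.0.2\tTCP\t0\t0\n"
    "10.0.0.1\t10.0.0.2\tUDP\t1\t0\n"
    "10.0.0.1\t10.0.0.2\tUDP\t1\t1480\n"
    "10.0.0.1\t10.0.0.2\tUDP\t0\t2960\n"
    "10.0.0.3\t10.0.0.1\tICMP\t0\t0\n"
    "this line is not a packet record\n"
)

def summarize(lines, top_n=3):
    """Return traffic statistics for an iterable of packet lines."""
    protocols, talkers = Counter(), Counter()
    total = fragments = fragmented_datagrams = 0
    for line in lines:
        fields = line.rstrip("\r\n").split("\t")
        if len(fields) != 5:
            continue  # skip headers, blank lines and other noise
        src, _dst, proto, mf, offset = fields
        try:
            mf, offset = int(mf), int(offset)
        except ValueError:
            continue  # non-IP packets may have empty fragment fields
        total += 1
        protocols[proto] += 1
        talkers[src] += 1
        # A packet is a fragment if MF is set or its offset is non-zero.
        if mf or offset:
            fragments += 1
            # The first fragment (offset 0, MF set) marks one datagram.
            if offset == 0:
                fragmented_datagrams += 1
    pct = round(100.0 * fragments / total, 1) if total else 0.0
    return {
        "total": total,
        "fragments": fragments,
        "fragmented_datagrams": fragmented_datagrams,
        "fragment_pct": pct,
        "protocols": dict(protocols),
        "top_talkers": talkers.most_common(top_n),
    }

if __name__ == "__main__":
    # Read piped packet lines from stdin; fall back to the sample.
    source = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    for key, value in summarize(source).items():
        print(f"{key}: {value}")
```

Because it reads standard input, the script runs entirely on the command line inside the customer's network and only the summary needs to leave the machine.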