Our setup looks like this:
Redhat 7.3 Servers with 6 nic ports. Each Ethernet card is plugged into a
'dedicated' span on a switch (taps where also considered). One Ethernet is
reserved for the transport into the server.
Clients run a Xserver.
Using a php web front end, we basically click on the sniffer we want to use,
and walla, and X window pops up on the win2k client machines. The web page
is required to grab the remote guys ip address, and when a specific sniffer
is selected, it just exports the display and starts ethereal with a -I for
whatever interface we want. I sure would like to also put a -t and a
span/sniffer name in there also.
For long term traces, we use tethereal and run it as nohup type process.
-----Original Message-----
From: stefmit [mailto:stefmit@xxxxxxxxxxx]
Sent: Wednesday, October 08, 2003 1:05 PM
To: ethereal-users@xxxxxxxxxxxx
Subject: Re: [Ethereal-users] -title for managing multiple instances
of ethereal
I am sorry for "hijacking" the thread, as I have no answer for your specific
query, but your description raised my interest for another reason: you are
saying you've been using Ethereal as distributed sniffer ... right? How (if
you don't mind)?
What I [partially!] understand by distributed sniffer is the capability of
having visibility for multiple (preferably remote) locations, so what I had
to do was to use winpcap 3.01 alpha installed on remote machines (across WAN
links), and enable rpcap on those, then capture "on demand" using windump on
the central monitoring station, with the syntax for adapter ("-i"):
rpcap://<remote_IP>/\<adapter_name>. I have not been successful in using
Ethereal for this mechanism (rpcap) ... have you? Or did I misunderstand
your
usage of distributed function?
Thx,
Stef
On Wednesday 08 October 2003 11:07 am, Dolbow, Bill wrote:
> Hey guys, We are using Ethereal on Redhat as a distributed sniffer at my
> company. We are really enjoying it, including the best feature of all
> which is multiple instances of ethereal running, BUT, we would like to
have
> a -title type of option. We get lost with multiple X-windows open
sniffing
> different segments or with different captures.
>
>
> Can we get a command line option like -title on the radar screen. It
> should put the text in the title bar of both the main window and the
> capture window when a capture is running. Maybe we can shorten "The
> Ethereal Network Analyzer" to just "Ethereal - (title passed via command
> line)".
>
>
> Something like this....
>
> -title string
> This option specifies the window title string,
> which may be displayed by window managers if the
> user so chooses.
>
> Thanks
> Bill
>
> I apologize if this is not the correct forum for this type of
> question/request....
>
>
>
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users