I prefer Ethereal over Sniffer. In my experience, the Sniffer "expert" tools can mislead an inexperienced user to jump to conclusions and not do real analysis of a capture. If you are even going to think about analyzing a packet capture it is essential, IMHO, that you know the protocols that you are supposed to be analyzing in great detail. You need to know how each end of a conversation SHOULD act.
I'd suggest that you spend that $2.5K in either books or classes to teach you about the various different protocols in your network and what is normal behavior. You'd be amazed at what an experienced person can do with Ethereal and a little bit of knowledge of Perl scripting. I don't understand the complaints about the filters. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -----Original Message----- From: Dave C. [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 15, 2003 3:36 PM To: [EMAIL PROTECTED] Subject: Network Analyzers [7:72346] I work for a small growing business and am currently evaluating two types of network analyzer software. EtherPeek NX and Sniffer Portable (Sniffer Pro). Since the versions that I have are not the full production versions (only for evalutation purposes), I am limited to the functionality I can do with each. I know there is an extensive difference in price (Etherpeek NX is somewhere around $2000-2500 range, and Sniffer Portable (Pro) is somewhere greater than $10,000. For a small growing company, it is hard to justify over $10,000 for a piece of software, when I can get something comparable for much less, especially when we are in a time where we have to justify our jobs. What I would like to know, if anyone has experience with both of these applications, and what capabilities that Sniffer Pro offers, that Etherpeek NX does not. I would also like to know if anyone has experience with Ethereal (for Linux). I know it is free and it has much less functionality than Etherpeek NX or Sniffer, but I would like an opinion on that to. Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=72423&t=72346 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
