I really do not agree with this at all. Learning to use the sniffer.. any sniffer, is at the basic level.. easy. Learning how to filter the rush of data and get something meaningful out of it all is half skill and half black magic ;) It takes a certain level of experience AND skill to put together a decode filter by using signatures and boolean functions that is not taught in very many places. And when you are dealing with viruses, napsterlike clones, badly behaved apps and so on, it's not just knowning the TCP stack.. it's knowing how that packet is contructed, why it is contructed that way, why is it doing what it does and how is it doing what it does.
That is why I know one engineer who charges right around 12K *a week* and she gets it every week of the year... I also personally know several engineers while good on routers and spouting the OSI layers, TCP layers, etc.. are pretty useless on a sniffer for extended troubleshooting. ::off soap box:: MikeS The more I learn, I understand that I know less and less of what I thought I knew Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=24173&t=24131 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]