I have to chirp in and add that I too would recommend Network Associates SnifferPro. I work in a TRC for a switch/router vender and use different sniffers on an almost daily basis. SnifferPro is good because it has an intuitive interface, and excellent filtering capabilities. It is also cross platform - you can get a version to install on your laptop, get a version in a Dolch Chassis (larger portable PC, capable of seating large cards for GigE/FDDI/ATM), or a laptop with ATM/WAN book combo. Most likely, if you have to ask for assistance from the HW vender of your router (or whatever) they are going to ask for traces in SnifferPro compatible format (not sure if that is true of Cisco's TRC). I have had problems in the past with other Sniffers that use proprietary file format's - so you essentially can't share your sniffer trace with someone outside of your company. Many will save to text based comma delineated file format's for interop capabilities, but that tends to be a pain to read and some information may be omitted.
I have also been very impressed by Network Associates Sniffer support - very nice and quick response. I once broke the connector from my laptop to my ATM Book. I was in a foreign country on a field visit to a very important Customer. Without the ATM sniffer I was dead, so I called the Network Associates support number and they readily agreed to ship me a new connector via overnight courier right to my hotel - free of charge. So yes, I like them allot. The only thing that I tend to dislike about SnifferPro is that you can't look at the traces dynamically while the trace is being taken. You can look at a great deal of stats dynamically, but not the details of a particular packet (maybe I'm wrong and it's some feature I don't know how to turn on - if so someone please let me know). I have seen some others sniffers that can do this, and it's a useful feature. If you should buy from another Sniffer vender, I would just make sure to ask them what file format's can you save your traces too and if SnifferPro can read the files. -Jonathan ----- Original Message ----- From: "Jeff Kesemeyer" To: "'Lupi, Guy'" ; ; Sent: Tuesday, January 08, 2002 7:25 PM Subject: RE: Sniffers > The one that use to be made by Network General, now owned by Network > Associates are the best ones you can get IMHO. > I have used the Ethernet, Token-Ring, Internetwork, and ATM sniffers and > the are all great. They have to models, you can have them in a notebook > for portable sniffing or you can get Distributed sniffers that sit on > your network and you can remotely control when and what you want to > capture. > > You may want the mark them after installing them in your wiring closets. > A phone SE cleaned a wiring closet out and thought one was an old PC > someone dropped off and through it out. > > They start at about $10,000 and go up to $35,000 for the ATM version. > > Here's is the link: > > http://www.sniffer.com/ > > > Another one that I hear a lot about is EtherPeek, worth looking into. > > Jeff Kesemeyer > CCNP, CCDP, MCSE, CNE > www.bradshawlabs.com > "Your CCIE Rack Rental Source" > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of > Lupi, Guy > Sent: Tuesday, January 08, 2002 12:50 PM > To: '[EMAIL PROTECTED]'; '[EMAIL PROTECTED]' > Subject: OT: Sniffers > > > I was wondering if anyone had experience with sniffers, not free ones > like tcpdump and tethereal, but appliances that are made for that > purpose. Anyone have any suggestions and approximate prices? Thanks. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31377&t=31377 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
