Adding to Guy's list, I'd mention: - netdude (NETwork DUmp data Displayer and Editor). >From their webpage, "it is a GUI-based tool that allows you to make detailed changes to packets in tcpdump tracefiles."
http://netdude.sourceforge.net/ - tcptrace: "tcptrace is a tool [...] for analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump, snoop, etherpeek, HP Net Metrix, and WinDump. tcptrace can produce several different types of output containing information on each connection seen, such as elapsed time, bytes and segments sent and recieved, retransmissions, round trip times, window advertisements, throughput, and more. It can also produce a number of graphs for further analysis." http://www.tcptrace.org/ You may try to be more specific about your needs. Regards. -Chema Guy Harris wrote: > > On Wed, Sep 04, 2002 at 11:18:36AM -0700, [EMAIL PROTECTED] wrote: > > Does someone know the good tools to analyse the tcpdump log? > > What do you mean by "analyze"? > > Tcpdump is a reasonable tool for reading tcpdump logs and reporting the > packet contents. :-) > > Other programs that can read tcpdump-format captures are: > > Ethereal, which is a packet analyzer with a GUI similar to that > used by other GUI packet analyzers: > > http://www.ethereal.com/ > > (GPLed free software; it's "ethereal.com" only because > "ethereal.org" was already taken) > > Analyzer, which is another GUI packet analyzer, for Windows: > > http://analyzer.polito.it/ > > Snort, which is an intrusion detection system: > > http://www.snort.org/ > > and some of the other programs listed on the tcpdump.org "Related > projects" page: > > http://www.tcpdump.org/related.html > > Kismet: > > http://www.kismetwireless.net/ > > can also read tcpdump files. > - > This is the TCPDUMP workers list. It is archived at > http://www.tcpdump.org/lists/workers/index.html > To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe - This is the TCPDUMP workers list. It is archived at http://www.tcpdump.org/lists/workers/index.html To unsubscribe use mailto:[EMAIL PROTECTED]?body=unsubscribe
