On Mon, Apr 02, 2001 at 09:31:29PM -0500, Bob Tanner wrote:
> I have tried several tools, each seems to have a strength, but none of them are
> "simple". The tools I have used are tcpdump, snoop, sniffit, ethereal.
I've never done any serious work with sniffers, so I'm not particularly
familiar with any of those you listed, but I found karpski to be pretty quick
and easy to get started with. It's an X app; basically just run it, tell it
to start listening, and it fills up a list box with all the connections it
sees. When a connection of interest appears, click on it and then hit
another button and all data sent across it is displayed in a popup window.
I'm sure there's a way to specify something broader, like 'all connections
using foobar:42', but that would require actually reading TFM...
I've also looked a little bit at ngrep, which seems to be pretty powerful,
but it's a command-line app with a zillion options, so I left it in the pile
of things to figure out when I have a use for them.
--
Linux will do for applications what the Internet did for networks.
- IBM, "Peace, Love, and Linux"
Geek Code 3.1: GCS d? s+: a- C++ UL++$ P++>+++ L+++>++++ E- W--(++) N+ o+
!K w---$ O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv b+ DI++++ D G e* h+ r y+