Re: Real-Time Network monitoring

From: Lawrence Rodis (lrodis_at_strategicresource.com)
Date: 01/31/04 

Date: Sat, 31 Jan 2004 08:01:46 GMT

Grunt,

As Hairy stated promiscuous mode only works on data that gets put on that
line. With real switches traffic between two PC will not be seen by a
third. 

-- 
Regards,
Lawrence A. Rodis
President
Strategic Resource Consulting Group L.L.C.
702-221-6274
lrodis@strategicresource.com
www.strategicresource.com
"Grunt" <me@privacy.net> wrote in message
news:Xns94808DE2FAE2Dgruntnowherecn@130.133.1.4...
> "Hairy One Kenobi" <abuse@[127.0.0.1]> seems to think in
> news:HNtSb.13832$YV1.4933@newsfep4-winn.server.ntli.net:
>
> > "Damjan" <dj19@email.si> wrote in message
> > news:DBsSb.3242$%x4.367361@news.siol.net...
> >> Hi!
> >>
> >> I'm wondering, if somewhere exist some tool, that can monitor tcp/ip
> >> over all network one ane computer? I use switch and have 5 computers
> >> in
> > network.
> >> Can I monitor traffic during them on my box?
> >
> > Ethereal is a good Freeware sniffer, but they'll all have problems
> > with a switch (this directs traffic directly between [generally] two
> > ports and prevents the traffic from being monitored).
> >
> > A hub will work just fine, if you don't have the sort of high-end
> > switch that directly supports sniffing.
> >
>
> Windows NT server has a network monitor application included that will
> monitor and filter any packet on the local machine.
>
> The driver must be installed.
>
> Windows SMS includes a "promiscuous mode" driver that will sniff packets
on
> the entire LAN.
>
>
> -- 
> -- ipgrunt
>

Relevant Pages

  • Re: [opensuse] Dumb question on networks and servers
    ... yourself to the switch. ... ultimately connecting to that one suse box, it can be set to monitor and also log ... firewall my whole network not just one machine. ...
    (SuSE)
  • Re: ethereal capture
    ... switch to monitor other ports into your specific port, ... Assistant Network Administrator ...
    (Security-Basics)
  • Re: Simple network monitoring software?
    ... In order to monitor a network you have to have a point where you can see all of the traffic. ... This generally means a switch that can be configured with a mirror port that will monitor one or more of the other ports. ... If you have a Linux box, you could run bandwidthd or ntop, which will show you the bandwidth hogs by IP address. ...
    (microsoft.public.win2000.networking)
  • Re: Real-Time Network monitoring
    ... >> over all network one ane computer? ... > switch that directly supports sniffing. ... Windows NT server has a network monitor application included that will ...
    (alt.computer.security)
  • Re: promiscuous mode in solaris
    ... > to determine if the port is in promiscuous mode or not. ... there is no way to determine if a machine's network ... if the snoop program, or another network monitor program, is being run. ... It is currently only ported to Solaris 2.6 and below. ...
    (comp.unix.solaris)