Re: Windows Traffic Sniffer
From: xsr (xsr.1u0fkr_at_nospam.cx)
Date: Fri, 19 Aug 2005 11:56:33 +0000
> Ultimately what I am doing is trying to find a way to be able to sniff
> traffic on the same subnet to a group of servers without having to go
> to each server and set up a sniffer to log incoming packets. We have a
> pretty good size network. Setting up a sniffer on each would be too
> resource consuming.
OK, so ignore my post about remote sniffing, heh. I've read this after
getting enthousiast about the remote sniffer daemon.
> ..and bringing down the network would be a
> bad thing..a VERY bad thing
When poisoning excisting connections usually get dropped, even if it
might take a second or less for the programs to reconnect. Unless these
programs require user intervention for re-establishing.
Considering this next to the mentioned hardware or (non-gui or gui)
tools, i don't know of a way to make it work on windows.
You could try arp-sk ( http://www.arp-sk.org/ ) but it is non-gui.
Cain & able combined with analyzer seems like the closed match to your
requirements, in my opinion. It seems like a bitch to add all the hosts
seperatelly into cain's APR, though.
Anyway, good luck with it.
---- xsr 08eb d563 c78f 85a9 2f4b 571b 9177 22e6 65ad ac05 http://www.research-labs.net/