Ethereal
From: l0n3_w012ph (l0n3_w012ph_at_hotmail.com)
Date: 12/20/04
- Next message: Jason Benway: "arpwatch and snort help"
- Previous message: Gandalf Parker: "Re: hacked?"
- Next in thread: Kunael: "Re: Ethereal"
- Reply: Kunael: "Re: Ethereal"
- Reply: /dev/null: "Re: Ethereal"
- Reply: prg: "Re: Ethereal"
- Reply: Tim Smith: "Re: Ethereal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 20 Dec 2004 15:14:49 GMT
Hello,
I have 8 computers in my home network and I want to log the network
activity and study the different packets with the protocols, flags etc.
Therefor I installed Ethereal on one of my computers with Suse Linux Pro
9.0. I have installed WinPCap on my Windows machines and LibPCap on my
Linux machines. When I start to capture packets it gives me all the
packets (TCP, UDP, ARP etc) on the PC that is running Ethereal (the
Linux PC). From the other PC's I only get the ARP packets, although I am
working on these and surfing on the Internet too.
I read the manuals about setting up a capture filter and it said that if
I wanted to capture packets from a specific PC, I just had to put in the
filter 'host 192.168.123.101' or (on its MAC-address) 'ether host
08:00:08:15:CA:FE'. But even when I added that as a capture filter, I
only got the ARP packets from that machine.
Then I tried to enter the MAC address from my router and even it's
IP-address (gateway): 192.168.123.254. But even that didn't work out:
just the ARP-packets.
Does anyone have a solution for it or is it just not possible to log?
Thanks for yout reactions in advance!
Jack
- Next message: Jason Benway: "arpwatch and snort help"
- Previous message: Gandalf Parker: "Re: hacked?"
- Next in thread: Kunael: "Re: Ethereal"
- Reply: Kunael: "Re: Ethereal"
- Reply: /dev/null: "Re: Ethereal"
- Reply: prg: "Re: Ethereal"
- Reply: Tim Smith: "Re: Ethereal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
