Distributed sniffer products

Braun, Mike MBraun at firstam.com
Wed Sep 3 20:32:24 UTC 2003


We've been playing with Wildpackets http://www.wildpackets.com/.  They sniff
LAN to Gig and some WAN as well.  The Distributed model is still vaporware,
but is said to be out soon.  The expert analysis is comparable if not better
than NAI.  

Mike Braun 

-----Original Message-----
From: Brennan_Murphy at NAI.com [mailto:Brennan_Murphy at NAI.com]
Sent: Wednesday, September 03, 2003 1:02 PM
To: owen at delong.com; JAustad at temgweb.com; nanog at merit.edu
Subject: RE: Distributed sniffer products



The cost benefit analysis on Ethereal/etc vs Sniffer on anything
but the smallest of networks is usually very easy to make.
The fundamental issue is what questions do you have and 
should you have about your network and what tool answers
those questions efficiently and reliably. Good protocol
analyzers sell because they save time in answering important
questions. Sniffer recently released a SMB Sniffer
called Netasyst...worth a look if cost has been an issue
in the past.  So ends this biased response. :-)


-----Original Message-----
From: Owen DeLong [mailto:owen at delong.com] 
Sent: Wednesday, September 03, 2003 2:50 PM
To: Austad, Jay; 'nanog at merit.edu'
Subject: Re: Distributed sniffer products



Etherial and other libpcap tools work reasonably well, can be easily 
deployed
using commodity hardware, and would cost you a lot less than NetAssoc.

Owen


--On Wednesday, September 3, 2003 1:07 PM -0500 "Austad, Jay" 
<JAustad at temgweb.com> wrote:

>
> Anyone have any experience with these?  I'm looking for something 
> similar to Network Associates Sniffer product.
>
> Are there any open source projects that are decent?  What are others 
> using?
>
> ----------------
> Jay Austad
> Senior Network Analyst
> Travelers Express / MoneyGram
> e: jaustad at temgweb.com p: 952.591.3779





More information about the NANOG mailing list