On Thu, 29 Apr 1999 routeat_private wrote: > Ethereal, http://ethereal.zing.org, is a stable portable network > traffic analyzer running on top of tcpdump that sports a nice GTK-based > interface. > > Oh yah. Use libnet. http://www.packetfactory.net/libnet > > -- --snip-- I should say that there are two kinds of sniffer in my mind, one kind is packet-based, that means to analyse every packet and show their header and content. Tcpdump and Ethereal is such. They are best used to network behavior analysis tools. Another kind of sniffer is session-based, they will neglect packet header, only pay attention to what *content* is going through the network. They can be used as intrusion detection, security check or just for a fun, sniffit and this netxmon is such. BTW, there is a negligence of mine. I forget the fact that I have installed libpcap in every test system of mine! So if some guy find an error message complaining cannot find net/bpf.h , please copy the libpcap-possiblymodified/net/bpf.h to /usr/include/net/ , or you can redownload it, I have fixed this. Many thanks to Chris Riley and Gary Truslow to notice this. Zhang
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:44:29 PDT