»
 

Go Back   ResellerRatings Store Ratings > ResellerRatings Forums > Tech Support
Let's Talk About Packet Sniffing Let's Talk About Packet Sniffing
Register FAQ Social Groups Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
Old 10-27-2003, 08:47 PM   #1 (permalink)
Registered User
 
Join Date: Oct 2003
Posts: 90
DRF138 is on a distinguished road
Let's Talk About Packet Sniffing
I have A program Called Packetyzer ( It uses EtherReal )
I don't really know much about packet sniffing And I am trying to Increase my knowledge base, Hell for that matter I don't know much about networking- I have a small 3 to 4 Computer Lab and no hub or router this is all crossed over 1 comp talks to two or three- Anyway Maybe that's not so much Important but it just gives you an idea of what type of network I am on- if that matters at all where packet sniffing is concerned....
Any and all Posts are appreciated... David

DRF138 is offline   Reply With Quote
Old 10-27-2003, 09:22 PM   #2 (permalink)
Guest
Guest
 
Posts: n/a
what a exactly are you wanting to know?

how to use the program or how does the program work?

to be honest i would look at the help or the guide. im sure it can give you alot of information on what you want to know
  Reply With Quote
Old 10-27-2003, 09:48 PM   #3 (permalink)
Registered User
 
Join Date: Oct 2003
Posts: 90
DRF138 is on a distinguished road
Just want to learn more about packet sniffing from those more familiar with it...software & hardware is just posted as to give an idea of what I'm working with to learn on-not that relevant in the query really..Sorry for any confusion. David
__________________
What's a domain ?
Where do babies come from ?
DRF138 is offline   Reply With Quote
Old 10-28-2003, 04:56 PM   #4 (permalink)
Registered User
 
SiliconJon's Avatar
 
Join Date: Feb 2003
Location: Bethalto, IL
Posts: 1,817
SiliconJon is on a distinguished road
All I know is dogs seem to identify each other with it...

:9

(sorry, somebody had to say it!)

http://www.google.com/search?hl=en&l...et+sniffing%22
SiliconJon is offline   Reply With Quote
Old 10-28-2003, 05:19 PM   #5 (permalink)
Registered User
 
Praetorian's Avatar
 
Join Date: Oct 2001
Location: Yuma, AZ
Posts: 2,484
Praetorian is on a distinguished road
Send a message via ICQ to Praetorian Send a message via AIM to Praetorian Send a message via Yahoo to Praetorian
Hmm...I'm going to take a shot in the dark here.

When Ethereal captures packets, you usually see just a bunch of jibberish. This jibberish is called Hex, and if you get a hex to text converter, or you can turn it into something humanly readable. I believe it's the top header of the ethernet packet.

I THINK that's it, but I wouldn't be surprised if I'm 100% wrong. Maybe DVNT1 will come in in here and clarify this issue for us.
Praetorian is offline   Reply With Quote
Old 10-28-2003, 05:47 PM   #6 (permalink)
Registered User
 
Join Date: Oct 2001
Location: TOO close to Wash DC
Posts: 7,956
vass0922 is on a distinguished road
I've never used this packet sniffer.. most times like when you run Win2k Network monitor (cheesy packet sniffer but effective at times) you will see EACH packet with its information. Sometimes its just jibberish code, other times its plain text. However, a single packet doesn't include a lot of information

There is a full blown package think Computer Associates makes, that if you're sniffing a guy cruising the web that it will even render the html pages he's viewing.. FARRRRRRRRR from free mind you.

Packet sniffers (the common use) are good for detecting lower level problems on the network. For instance ifa router isnt' working correctly it could be doing a broadcast storm. To the PC you won't see much.. but if you actually look at the packets you'll see a FLOOD of ARP packets.

To REALLY understand what its doing you should read up on TCP/IP
Otherwise the SYN/ACK stuff won't make a lick of sense to you.
There's a LOT going on there in each packet.
__________________
<< Insert exceedingly large and overly verbose message of how 1337 you are here including full specs of every vehicle you've ever driven and PC you've owned >>
vass0922 is offline   Reply With Quote
Old 10-28-2003, 06:11 PM   #7 (permalink)
Registered User
 
SpookyEddy's Avatar
 
Join Date: Oct 2001
Location: UK
Posts: 3,125
SpookyEddy is on a distinguished road
You are just looking at the packets on the wire, most of the information displayed will be the headers of each packet with various bits decoded from the payload.

Some basic understanding of TCP/IP would be a good place to start.

Regards

ed
SpookyEddy is offline   Reply With Quote
Old 10-28-2003, 06:39 PM   #8 (permalink)
Registered User
 
Join Date: Oct 2003
Posts: 90
DRF138 is on a distinguished road
Thanks alot my gears are really spinning now....Hex to text Eh?
Where is a good place to learn more about tcp/ip-The most I can do is ping an adapter or host....Checking out the link,too..Got further ? Please post it is greatly appreciated.
David
__________________
What's a domain ?
Where do babies come from ?
DRF138 is offline   Reply With Quote
Reply

« Hard Drive Detects Emminent Failure | Corrupt UNSTAL.ins file. how do I fix that? »


« Hard Drive Detects Emminent Failure | Corrupt UNSTAL.ins file. how do I fix that? »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Most Active Discussions

Recent Discussions

All times are GMT -6. The time now is 06:54 AM.

Contact Us - ResellerRatings - Archive - Privacy Statement - Top