Protocol Analyzer

Mark Bowyer
Level 1

We basically use Wireshark to sniff our traffic and we have a laptop with software called Sniffer on it, which analyzes the traffic and highlights any threats and groups traffic together so that you don't have to trawl through loads of traffic. We want to get rid of Sniffer because we have to pay for it and just wondered if anybody can recommend any decent free protocol analysing software?

3 Replies

hobbe
Level 7

Now I am confused.

You already have Wireshark,

so why do you not use that?

Is it not good enough?

Can Wireshark be used to do that? When you have got a massive network, you don't necessarily want to trawl through all of the traffic. For example, ARP requests: I want to know how many ARP requests have been captured in total, or maybe I want all of the spanning tree issues to be highlighted, without me trawling through all of the sniffed traffic. I want something that will group different types of traffic into categories. If Wireshark does that then let me know.

Yes, it does just that.

If you click away the checkbox "Hide capture info dialog" you will even see in real time the number of ARPs and so on that you capture.

You can make filters to only display or even capture just the traffic you want.

You can follow a specific stream and decode the data inside of that stream and so on.

You have statistics and analyzer views; you can see who is talking to whom and how and what (unless it's encrypted) and so on.

It's a very, very good tool.

Good luck

HTH
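
The per-category counting asked about in this thread (total ARP requests, spanning tree frames, everything else grouped by type), as an added example that is not part of the thread and is not Wireshark code: a standard-library Python script that walks a classic pcap capture and tallies Ethernet frames by category. The function names, category labels and the constructed sample capture are assumptions made for illustration.

```python
import struct
from collections import Counter

def classify(frame):
    """Return a category label for one Ethernet frame."""
    if len(frame) < 14:
        return "truncated"
    type_len = struct.unpack("!H", frame[12:14])[0]
    if type_len == 0x0806 and len(frame) >= 22:
        opcode = struct.unpack("!H", frame[20:22])[0]  # ARP operation field
        return {1: "arp-request", 2: "arp-reply"}.get(opcode, "arp-other")
    if type_len <= 1500:  # 802.3 length field, so an LLC header follows
        # DSAP/SSAP 0x42 marks a spanning tree BPDU
        return "stp" if frame[14:16] == b"\x42\x42" else "llc-other"
    return {0x0800: "ipv4", 0x86DD: "ipv6"}.get(type_len, "other")

def count_categories(pcap):
    """Walk a classic (microsecond) pcap byte string; count frames per category."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic pcap capture")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (link type 1) is handled")
    counts, offset = Counter(), 24
    while offset + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[offset + 8:offset + 12])[0]
        frame = pcap[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:  # capture file cut off mid-record
            counts["truncated"] += 1
            break
        counts[classify(frame)] += 1
        offset += 16 + incl_len
    return counts

# Constructed sample capture (not real traffic): 2 ARP requests, 1 ARP reply,
# 1 spanning tree BPDU and 1 IPv4 frame, all with zeroed payloads.
def _record(frame):
    return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def _arp(opcode):
    eth = b"\xff" * 6 + b"\x02" * 6 + b"\x08\x06"
    return eth + struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode) + bytes(20)

STP = b"\x01\x80\xc2\x00\x00\x00" + b"\x02" * 6 + b"\x00\x26\x42\x42\x03" + bytes(35)
IPV4 = b"\x02" * 12 + b"\x08\x00" + bytes(20)
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    _record(f) for f in [_arp(1), _arp(1), _arp(2), STP, IPV4])

if __name__ == "__main__":
    print(dict(count_categories(SAMPLE_PCAP)))
```

To run it on a real capture, pass the bytes of a file saved in classic pcap format (not pcapng) to `count_categories`.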