Ethereal is excellent. But if you want to write your own handlers to analyze real traffic,
I'd say modify tcpdump (http://www.tcpdump.org) or, if you want Java, use a pcap wrapper like
http://jpcap.sourceforge.net/
or
http://netresearch.ics.uci.edu/kfujii/jpcap/doc/
I have used the latter more often.
You may find this useful, though not as well designed as you may like.
http://cvs.sourceforge.net/viewcvs.py/miu/src/java/miu/util/TCPAnalyzer.java?rev=1.6&view=auto
http://cvs.sourceforge.net/viewcvs.py/miu/src/java/miu/im/yim/YIMAnalyzer.java?rev=1.1&view=auto
Harmeet
----- Original Message -----
From: Alex Karasulu <aok123@bellsouth.net>
Sent: Aug 15, 7:08 PM
> Hi,
>
> I'm toying around with ethereal and probably have not invested much time
> in it yet but I wanted to ask others before getting too deep about their
> favorite software packet sniffer.
>
> Anyone use a free software packet sniffer out there?
>
> Alex
>
>