Packet Sniffers?

Tutorials Win: Microsoft Windows Forum

Hi,

We are running a Windows network, 2003 Server Domain and Windows XP
workstations. I'm having trouble with a printer and a specific application
and I feel that if I can see what's getting sent to the printer then I might
be able to solve this issue. Or at least get the right vendor, software or
printer, to take a closer look at the issue.

I've been searching for packet sniffers and there are just so many that I
don't know how to choose one. Is there a favorite out there? Something
open source or free would be best for the budget of course. I went to
source forge and it seems everything there is designed for Linux, not sure I
want to hassle with setting up a Linux box right now, so something that runs
on Windows would be nice. Any suggestions?

Also, if anyone has an idea of how I could trap the print job before it gets
to the print queue on the workstation that would be helpful.

Thanks in advance,
Linn
Top

Re: Packet Sniffers? by smlunatick

smlunatick
Tue Apr 22 12:18:27 PDT 2008

Wireshark appears to be an open-source sniffer but it also requires a network
hub.

On 22/04/2008 "Linn Kubler" <lkubler@chartwellwisc2.com> wrote:
>Hi,
>
>We are running a Windows network, 2003 Server Domain and Windows XP
>workstations. I'm having trouble with a printer and a specific application
>and I feel that if I can see what's getting sent to the printer then I might
>be able to solve this issue. Or at least get the right vendor, software or
>printer, to take a closer look at the issue.
>
>I've been searching for packet sniffers and there are just so many that I
>don't know how to choose one. Is there a favorite out there? Something
>open source or free would be best for the budget of course. I went to
>source forge and it seems everything there is designed for Linux, not sure I
>want to hassle with setting up a Linux box right now, so something that runs
>on Windows would be nice. Any suggestions?
>
>Also, if anyone has an idea of how I could trap the print job before it gets
>to the print queue on the workstation that would be helpful.
>
>Thanks in advance,
>Linn
>
>
Top

Re: Packet Sniffers? by Jack

Jack
Tue Apr 22 15:10:48 PDT 2008

Hi
May be this can Help,
http://www.windowsnetworking.com/nt/atips/atips338.shtml
Jack (MVP-Networking).

"Linn Kubler" <lkubler@chartwellwisc2.com> wrote in message
news:u$yS1OKpIHA.1420@TK2MSFTNGP03.phx.gbl...
> Hi,
>
> We are running a Windows network, 2003 Server Domain and Windows XP
> workstations. I'm having trouble with a printer and a specific
> application and I feel that if I can see what's getting sent to the
> printer then I might be able to solve this issue. Or at least get the
> right vendor, software or printer, to take a closer look at the issue.
>
> I've been searching for packet sniffers and there are just so many that I
> don't know how to choose one. Is there a favorite out there? Something
> open source or free would be best for the budget of course. I went to
> source forge and it seems everything there is designed for Linux, not sure
> I want to hassle with setting up a Linux box right now, so something that
> runs on Windows would be nice. Any suggestions?
>
> Also, if anyone has an idea of how I could trap the print job before it
> gets to the print queue on the workstation that would be helpful.
>
> Thanks in advance,
> Linn
>
>

Top

Re: Packet Sniffers? by Robert

Robert
Sat Apr 26 11:41:44 PDT 2008

smlunatick wrote:
> Wireshark appears to be an open-source sniffer but it also requires a
> network hub.

Wireshark is awesome, and I'm honestly shocked at how the OP could
"research" open source packet sniffers and miss it, because has a massive
reputation. As for needing a hub, any packet sniffer will either need a hub,
a switch that echoes traffic to the port it's plugged into, distributed
agents or some other similar trick, they can only 'sniff' what they see
going past them, after all.


Top

Re: Packet Sniffers? by smlunatick

smlunatick
Sun Apr 27 17:56:43 PDT 2008

On Apr 26, 2:41=A0pm, "Robert Moir" <usenet+robspamt...@gmail.com>
wrote:
> smlunatick wrote:
> > Wireshark appears to be an open-source sniffer but it also requires a
> > network hub.
>
> Wireshark is awesome, and I'm honestly shocked at how the OP could
> "research" open source packet sniffers and miss it, because has a massive
> reputation. As for needing a hub, any packet sniffer will either need a hu=
b,
> a switch that echoes traffic to the port it's plugged into, distributed
> agents or some other similar trick, they can only 'sniff' what they see
> going past them, after all.

Try finding a new "hub." There are getting to be "rare."
Top

Re: Packet Sniffers? by Robert

Robert
Mon Apr 28 10:48:38 PDT 2008

smlunatick wrote:
> On Apr 26, 2:41 pm, "Robert Moir" <usenet+robspamt...@gmail.com>
> wrote:
>> smlunatick wrote:
>>> Wireshark appears to be an open-source sniffer but it also requires
>>> a network hub.
>>
>> Wireshark is awesome, and I'm honestly shocked at how the OP could
>> "research" open source packet sniffers and miss it, because has a
>> massive reputation. As for needing a hub, any packet sniffer will
>> either need a hub, a switch that echoes traffic to the port it's
>> plugged into, distributed agents or some other similar trick, they
>> can only 'sniff' what they see going past them, after all.
>
> Try finding a new "hub." There are getting to be "rare."

Yeah. Luckily most reasonable new switches come specced to allow you to echo
traffic if you want.


Top

Re: Packet Sniffers? by smlunatick

smlunatick
Mon Apr 28 13:59:17 PDT 2008

On Apr 28, 1:48=A0pm, "Robert Moir" <usenet+robspamt...@gmail.com>
wrote:
> smlunatick wrote:
> > On Apr 26, 2:41 pm, "Robert Moir" <usenet+robspamt...@gmail.com>
> > wrote:
> >> smlunatick wrote:
> >>> Wireshark appears to be an open-source sniffer but it also requires
> >>> a network hub.
>
> >> Wireshark is awesome, and I'm honestly shocked at how the OP could
> >> "research" open source packet sniffers and miss it, because has a
> >> massive reputation. As for needing a hub, any packet sniffer will
> >> either need a hub, a switch that echoes traffic to the port it's
> >> plugged into, distributed agents or some other similar trick, they
> >> can only 'sniff' what they see going past them, after all.
>
> > Try finding a new "hub." =A0There are getting to be "rare."
>
> Yeah. Luckily most reasonable new switches come specced to allow you to ec=
ho
> traffic if you want.

Give me an example of this type of switch.
Top

Re: Packet Sniffers? by Robert

Robert
Thu May 01 15:52:42 PDT 2008

smlunatick wrote:

> Give me an example of this type of switch.

Just about any "intelligent"/programmable switch that you'd actually want to
install into a business big enough to own a server that's been purchased in
the past 3 or 4 years. It isn't a rare thing.


Top

Re: Packet Sniffers? by Robert

Robert
Thu May 01 15:54:01 PDT 2008

smlunatick wrote:
>
> Give me an example of this type of switch.

http://en.wikipedia.org/wiki/SMON

http://en.wikipedia.org/wiki/Port_mirroring


Top