Protocol analyser/sniffer

Tags:
C++
Java
Network protocol analyzers
Protocol analysis
How do I implement a protocol analyser/sniffer?

Software/Hardware used:
c++,Java

Answer Wiki


I have worked with Ethereal/Wireshark anytime I needed to use a protocol analyser. It is pretty simple to set up: install it on the computer you are going to use. Now, if you are just looking to hear what's going on in a certain VLAN, all you have to do is plug it into a switch and configure the port for that VLAN, start up Wireshark and you will see all the broadcasts going on.

If you are looking for something more in-depth, you will have to do some configs on your switch. I am going to assume you have a Cisco switch for the following commands.

For the computer using Wireshark
monitor session 1 destination interface g0/#
*For the number after session you can pick anything from 1-66
*Enter the correct interface on the switch your computer is plugged into.

For the computers you are monitoring
monitor session 1 source interface g0/#
monitor session 1 source vlan ##
* Here you have two options, you can monitor specific ports. Line 1
* You can also monitor specific VLANs. Line 2
* Make sure your session number matches up with the one you picked for your Wireshark.
* You can monitor multiple interfaces for VLANs just by adding “,” or “-” to your command line.

Hope that helps.
Ryan Gunther
www.onlinetech.com
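
On the implementation side of the question (writing an analyser in C++), the core of any sniffer is the decode step. The following is an added example, not part of the original answer or thread: it decodes one Ethernet frame, including an optional 802.1Q VLAN tag, down to the IPv4 addresses and TCP/UDP ports. The names `Decoded`, `decode_frame` and `sample_frame` are hypothetical, the frame bytes are constructed, and only IPv4 is handled.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Fields a minimal analyser extracts from one captured frame.
struct Decoded {
    int vlan = -1;                    // 802.1Q VLAN ID, -1 if untagged
    uint16_t ethertype = 0;           // EtherType after any VLAN tag
    uint8_t ip_proto = 0;             // 6 = TCP, 17 = UDP
    uint32_t src_ip = 0, dst_ip = 0;
    uint16_t src_port = 0, dst_port = 0;
};

static uint16_t be16(const uint8_t* p) { return uint16_t(p[0] << 8 | p[1]); }
static uint32_t be32(const uint8_t* p) { return uint32_t(be16(p)) << 16 | be16(p + 2); }

// Captured bytes are untrusted: every length is checked before the read.
bool decode_frame(const std::vector<uint8_t>& f, Decoded& d) {
    size_t off = 12;                                  // skip both MACs
    if (f.size() < off + 2) return false;
    d.ethertype = be16(&f[off]); off += 2;
    if (d.ethertype == 0x8100) {                      // 802.1Q tag present
        if (f.size() < off + 4) return false;
        d.vlan = be16(&f[off]) & 0x0FFF;              // low 12 bits of TCI
        d.ethertype = be16(&f[off + 2]); off += 4;
    }
    if (d.ethertype != 0x0800 || f.size() < off + 20) return false;
    size_t ihl = (f[off] & 0x0F) * 4u;                // header length in bytes
    if ((f[off] >> 4) != 4 || ihl < 20 || f.size() < off + ihl) return false;
    d.ip_proto = f[off + 9];
    d.src_ip = be32(&f[off + 12]); d.dst_ip = be32(&f[off + 16]);
    off += ihl;
    if (d.ip_proto == 6 || d.ip_proto == 17) {        // ports lead both headers
        if (f.size() < off + 4) return false;
        d.src_port = be16(&f[off]); d.dst_port = be16(&f[off + 2]);
    }
    return true;
}

// Constructed sample: VLAN 10, TCP SYN 192.0.2.1:12345 -> 192.0.2.2:80.
std::vector<uint8_t> sample_frame() {
    return {0x00,0x00,0x5e,0x00,0x53,0x01, 0x00,0x00,0x5e,0x00,0x53,0x02,
            0x81,0x00,0x00,0x0a, 0x08,0x00,
            0x45,0x00,0x00,0x28,0x00,0x00,0x40,0x00,0x40,0x06,0x00,0x00,
            0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02,
            0x30,0x39,0x00,0x50, 0,0,0,0, 0,0,0,0, 0x50,0x02,0x20,0x00, 0,0,0,0};
}
int main() { Decoded d; bool ok = decode_frame(sample_frame(), d);
             std::printf("ok=%d vlan=%d dport=%u\n", ok, d.vlan, unsigned(d.dst_port)); }
```

In a real tool the byte vector would come from a capture library or a saved capture file rather than a constructed sample.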

Discuss This Question: 3  Replies

 
  • carlosdl
    If you are asking for help on writing your own protocol analyser using Java or C++, I think you should be a little more specific in your question.
  • mitrum
    my vote for Wireshark too
  • Matt Mather
    Wireshark every time.
