Register

Forgot Password

Site FAQ

Home > IT Answers > Development > Protocol analyser/sniffer

Aneetapatil

5 pts.

Protocol analyser/sniffer

C++, Java, Network protocol analyzers, Protocol analysis

How do I implement Protocol analyser/sniffer

Software/Hardware used:
c++,Java

ASKED: July 26, 2010 10:47 AM

UPDATED: July 29, 2010 3:04 PM

RELATED QUESTIONS

Answer Wiki:

I have worked with Ethereal/Wireshark anytime I needed to use a protocol analyser. Pretty simple to setup, install it on the computer you are going to use. Now, if you are just looking to hear whats going on in a certain VLAN, all you have to do is plug it into a switch and configure the port for that VLAN, start up wireshark and you will see all the broadcasts going on. If you are looking for something more indepth, you will have to do some configs on your switch. I am going to assume you have a cisco switch for the following commands. For the computer using Wireshark monitor session 1 destination interface g0/# *For the number after session you can pick anything from 1-66 *Enter the correct interface on the switch your computer is plugged into. For the Computers you are monitoring. monitor session 1 source interface g0/# monitor session 1 source vlan ## * Here you have two options, you can monitor specific ports. Line 1 * You can also monitor specific VLANs. Line 2 * Make sure your session number matches up with the one you picked for your wireshark. * You can monitor multiple Interfaces for VLANs just by adding "," or "-" to your command line. Hope that helps. Ryan Gunther www.onlinetech.com

If you are looking for something more indepth, you will have to do some configs on your switch.  I am going to assume you have a cisco switch for the following commands.

For the computer using Wireshark
monitor session 1 destination interface g0/#
*For the number after session you can pick anything from 1-66
*Enter the correct interface on the switch your computer is plugged into.

For the Computers you are monitoring.
monitor session 1 source interface g0/#
monitor session 1 source vlan ##
* Here you have two options, you can monitor specific ports.  Line 1
* You can also monitor specific VLANs.  Line 2
* Make sure your session number matches up with the one you picked for your wireshark.
* You can monitor multiple Interfaces for VLANs just by adding "," or "-" to your command line.

Hope that helps.
Ryan Gunther
www.onlinetech.com

Last Wiki Answer Submitted: July 26, 2010 12:41 pm by RGunther

650 pts.

All Answer Wiki Contributors: RGunther

650 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Jul 26, 2010 3:39 PM (GMT)

If you are asking for help on writing your own protocol analyser using Java or C++, I think you should be a little more specific in your question.

carlosdl

63,535 pts.

POSTED: Jul 28, 2010 5:42 AM (GMT)

my vote for Wireshark too

mitrum

810 pts.

POSTED: Jul 29, 2010 3:04 PM (GMT)

Wireshark every time.

Matt Mather

3,610 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags