As for reading Eatherreal, there are better people then me that can
explain them. But here is some stuff to get you started.
First off all Eatherreal has been replaced by Wireshark. Also take a
look at http://www.askbj.com/progs/Network_Probe_0.4-install.exe which is
an older free version of a commercial software that is nice.
What you need to do is get an hub (an actual hub, not a switch or
switching hub) there is a list on wiresharks website of ones that will
work. Then you stick that hub inline with the section of your network
you want to sniff, along with a computer running the sniffer. That
should capture all the packets going through that line. Some managed
switches have a port that is specifically for seeing all the data also.
Hope this helps to get you started.
School Information Technology Discussion <[log in to unmask]> writes:
>I have a funny story to tell you, but I also have a question.
>Yesterday, our e-mail server kept timing out, and our Internet
>connection was at a crawl for many hours of the day. I called
>SoverNet, our Internet provider, and I was told that we were using
>our entire bandwidth. This morning, same thing. I decided to
>download, and install ethereal on a windows box, and I started
>sniffing - yes, without reading the manual. While the program was
>sniffing, I got a call from [someone] in the district that has very
>few security restrictions because this [someone] can be trusted, and
>needs more access than other people. Anyhow, this person was needed
>help with something else in his/her room, which I fixed, but then
>said person said his/her computer was acting slow, and wondered if he/
>she stopped a few downloads if it would speed up her computer. I took
>a look, and said person was downloading 28 large files at one time.
>We discussed what happens when too many large files are downloaded at
>one time, and that problem was resolved.
>This is a funny story because I accidentally found the problem, but
>I'd like to know more about sniffing programs. The data that I got
>back from ethereal, out of the box didn't help me find the problem
>right away - I did only run it for a minute though just to play with
>it. Can anyone give me advice on reading ethereal data, or any other
>network sniffing solutions? Also, I installed ethereal on a regular
>PC box in my office - I'm guessing the box should be in front of our
>firewall to get better data, or maybe right behind it, as I wouldn't
>be able to see our internal IP addresses in front of it?
>Winooski School District
>60 Normand Street
>Winooski, VT 05404