What is your favorite freeware packet sniffer?

  • Thread starter: John Corliss
I'm looking for an alternative to Ethereal that's a little more user
friendly.

TIA
Analyzer is a fully configurable network analyzer program for Win32
environment. Analyzer is able to capture packets on all platforms (and
link-layer technologies) supported by WinPcap, except for Windows 95.

http://analyzer.polito.it/
 
Mel said:
Analyzer is a fully configurable network analyzer program for Win32
environment. Analyzer is able to capture packets on all platforms (and
link-layer technologies) supported by WinPcap, except for Windows 95.

http://analyzer.polito.it/

Thanks Mel, but this part makes me nervous:

"This work has been partially sponsored by Microsoft Research and
Telecom Italia Labs."

Given Microsoft's penchant for having their software "call home", even
my mouse and keyboard software, who knows what strings are attached to
their "sponsorship"?

On the other hand, I like the looks of this one:

http://www.analogx.com/contents/download/network/pmon.htm

The interface appears more cleanly laid out than that of Ethereal. Just
wish the download was a zip file instead of an installation executable.

I wish there was a freeware program that allowed one to extract files
from an Installshield or a Microsoft installer file. I hate having to
install a program in order to read the EULA or to discover that it
modifies the system in a fashion that I don't like.
 
John said:
Thanks Mel, but this part makes me nervous:

"This work has been partially sponsored by Microsoft Research and
Telecom Italia Labs."

Given Microsoft's penchant for having their software "call home", even
my mouse and keyboard software, who knows what strings are attached to
their "sponsorship"?

On the other hand, I like the looks of this one:

http://www.analogx.com/contents/download/network/pmon.htm

The interface appears more cleanly laid out than that of Ethereal. Just
wish the download was a zip file instead of an installation executable.

I wish there was a freeware program that allowed one to extract files
from an Installshield or a Microsoft installer file. I hate having to
install a program in order to read the EULA or to discover that it
modifies the system in a fashion that I don't like.

Crap. I just noticed this:

"Please note, PacketMon is currently only available for Win2000/XP ONLY."

The search continues I guess.
 
I got interested in that old question a few months back when I started
using Win 2K Pro on one machine. Looked to me like the evidence of
something possibly along those lines disappeared when I disabled
Telephony ... making dialup impossible. On Win ME, I think it
disappears when you rename RPCSS.EXE to RPCSS.OLD in pure
DOS. I do that anyway on Win ME to close a port ... as part of my
"close all open ports" technique for that OS. And I did that when
I was using Win 98 as well.

Anyway, there's no trace of mysterious outgoing, or attempts at it,
on any of my machines. I use tools like TCPView, Active Ports,
Netstat, and Sygate free firewall for this sort of detective work.

I thought it was interesting that whatever was trying to call out
on a fresh install of Win 2K disappeared when I "destroyed" the OS
capability to support dialup.

Art

http://home.epix.net/~artnpeg
 
Thanks Mel, but this part makes me nervous:

"This work has been partially sponsored by Microsoft Research and
Telecom Italia Labs."

Given Microsoft's penchant for having their software "call home", even
my mouse and keyboard software, who knows what strings are attached to
their "sponsorship"?
Out of all the millions of people on the internet what makes you think
they are interested in what you do?
On the other hand, I like the looks of this one:

http://www.analogx.com/contents/download/network/pmon.htm

The interface appears more cleanly laid out than that of Ethereal. Just
wish the download was a zip file instead of an installation executable.
Then you are installing WinXP.

I wish there was a freeware program that allowed one to extract files
from an Installshield or a Microsoft installer file. I hate having to
install a program in order to read the EULA or to discover that it
modifies the system in a fashion that I don't like.
Yup me too.
 
ISPs sometimes supply spyware in their software allegedly to collect
usage patterns for marketing research purposes. I dunno why M$
should be any different.

Like you can really make yourself invisible.
 
Mel said:
Out of all the millions of people on the internet what makes you think
they are interested in what you do?

Well, I never said that they were, Mel. What I meant was that it
wouldn't be unlike Microsoft to stipulate as a condition of their
"sponsorship" that the sniffer be unable to detect packets from
something that they include in their OS. And not as a particular
interest in what *I* am doing, but rather as a potential to protect
their ability to do something to people in general. Consider this....
who knows what kind of deals they've made with the United States Justice
Department (and FBI, CIA, "Fatherland Security", etc.) in order to
circumvent prosecution for being a monopoly?
Then you are installing WinXP.

No, I caught that in the reply I made to the post your reply was to.
Yup me too.

Seems like a good idea, but of course it would probably require some
kind of reverse engineering in order to see inside such files.
 
Art said:
ISPs sometimes supply spyware in their software allegedly to collect
usage patterns for marketing research purposes. I dunno why M$
should be any different.

True fact. The ISP that comes to mind immediately is Charter, who I've
seen install Broadjump Client Foundation (active file is named
"cfd.exe") on at least three clients' computers who went with that ISP.
In each case, I removed the spyware with no ill effects. When I called
Charter on it, one of their reps flatly denied Charter having installed
it. However, when I uninstalled their software and then reinstalled it
as a test, BCF reappeared "as if by magic". I wouldn't have caught this
crap if it hadn't been for me installing Kerio before allowing the
Charter guy to put his stuff on. It alerted me to BCF trying to call
out. After Charter's reps leave (they sometimes insist on installing the
software themselves) I always get to work removing BCF and streamlining
the system.
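
The check Art and John describe in the posts above (spotting a program that tries to call out), as an added example that is not part of the thread. It parses `netstat -ano`-style output and flags outbound connections from programs not on an allowlist; the sample output, the PID map and the allowlist are constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output; not captured from a real host.
NETSTAT_ANO = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:1042      192.168.1.1:80         ESTABLISHED     1520
  TCP    192.168.1.20:1047      203.0.113.45:443       ESTABLISHED     2316
  TCP    192.168.1.20:1051      198.51.100.7:80        SYN_SENT        2316
  TCP    127.0.0.1:1030         127.0.0.1:1031         ESTABLISHED     1520
  UDP    0.0.0.0:1900           *:*                                    1100
"""

# Constructed PID -> image name map, as `tasklist` would report it.
PID_TO_IMAGE = {884: "svchost.exe", 1100: "svchost.exe", 1520: "firefox.exe", 2316: "cfd.exe"}

# Hypothetical allowlist: programs the user expects to talk to the network.
ALLOWED_IMAGES = {"firefox.exe"}

# Destinations treated as local (IPv4 only): loopback, RFC 1918 ranges, unspecified.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "0.0.0.0/32")]

def parse_netstat(text):
    """Yield (proto, local, remote, state, pid) for each TCP row; other rows are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 5 and parts[0] == "TCP" and parts[4].isdigit():
            yield parts[0], parts[1], parts[2], parts[3], int(parts[4])

def is_external(endpoint):
    """True when the remote IPv4 address is outside every network in LOCAL_NETS."""
    addr = ipaddress.ip_address(endpoint.rsplit(":", 1)[0])
    return not any(addr in net for net in LOCAL_NETS)

def unexpected_outbound(text, pid_map, allowed):
    """Return outbound connections, or attempts, made by programs not on the allowlist."""
    findings = []
    for _proto, _local, remote, state, pid in parse_netstat(text):
        if state not in ("ESTABLISHED", "SYN_SENT"):
            continue  # listening sockets and closed states are not call-outs
        image = pid_map.get(pid, "<unknown>")
        if is_external(remote) and image.lower() not in allowed:
            findings.append((image, pid, remote, state))
    return findings

if __name__ == "__main__":
    for image, pid, remote, state in unexpected_outbound(NETSTAT_ANO, PID_TO_IMAGE, ALLOWED_IMAGES):
        print(f"{image} (PID {pid}) -> {remote} [{state}]")
```

Including `SYN_SENT` matters here: a connection attempt that a firewall blocks never reaches `ESTABLISHED`, but it is still evidence that the program tried to call out.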
 
Art said:
I got interested in that old question a few months back when I started
using Win 2K Pro on one machine. Looked to me like the evidence of
something possibly along those lines disappeared when I disabled
Telephony ... making dialup impossible. On Win ME, I think it
disappears when you rename RPCSS.EXE to RPCSS.OLD in pure
DOS.

I did that a long time ago (named it "RPCSS renamed.EXE") because I
really don't like having remote call procedures activated on my system.
"Great minds think alike" I guess.
I do that anyway on Win ME to close a port ... as part of my
"close all open ports" technique for that OS. And I did that when
I was using Win 98 as well.

Anyway, there's no trace of mysterious outgoing, or attempts at it,
on any of my machines. I use tools like TCPView, Active Ports,
Netstat, and Sygate free firewall for this sort of detective work.

I thought it was interesting that whatever was trying to call out
on a fresh install of Win 2K disappeared when I "destroyed" the OS
capability to support dialup.

I agree. I wonder if that would work with XP though.
 
Mel said:
Like you can really make yourself invisible.

All one can do is to try, Mel. And a good packet sniffer is a start.
Neutering Java is another step in the right direction. There are
"degrees of visibility", so there's no point in giving up.
 
Like you can really make yourself invisible.

Agreed, but......

BellSouth (as well as others) goes a step further w/ *Support.Com*
installed.
Anyone who uses BellSouth for an ISP, should look at their folder,
C:\Program Files\Support.com\backup.
Although it is supposed to help w/ troubleshooting it is def suspect
as spyware.
Case in point : see info on *T g c m d.exe* here :
http://www.answersthatwork.com/Tasklist_pages/tasklist_t.htm
which declares it to be spyware.

I no longer have this service running on my box.....
/bLB
 
Well, I never said that they were, Mel. What I meant was that it
wouldn't be unlike Microsoft to stipulate as a condition of their
"sponsorship" that the sniffer be unable to detect packets from
something that they include in their OS. And not as a particular
interest in what *I* am doing, but rather as a potential to protect
their ability to do something to people in general. Consider this....
who knows what kind of deals they've made with the United States Justice
Department (and FBI, CIA, "Fatherland Security", etc.) in order to
circumvent prosecution for being a monopoly?
And what makes you think the government didn't institute prosecution of
Microsoft with the sole purpose of getting Microsoft's cooperation in
incorporating spyware into their products (to further erode the privacy
of all computer users)? (Too many secrets!)
Seems like a good idea, but of course it would probably require some
kind of reverse engineering in order to see inside such files.
Some .msi files can be extracted with JvaENE.
 
Mel said:
Looks like most of the Freeware To Capture and Analyze Traffic On Your
Network is listed here:

http://netsecurity.about.com/cs/hackertools/a/aafreepacsniff.htm

That's what I was thinking too. Am going to give Sniphere a look.
And Freeware Network Monitoring Tools and Utilities are listed here:

http://netsecurity.about.com/cs/hackertools/a/aafreenetmon.htm

Well, I've already got enough of that kind of thing. Mostly I just want
a good and easy to use packet sniffer. What turned me off to Ethereal
was when I saw their help file refer to a "filtering *language*". Why in
hell do they make it so difficult? Seems to me that a little work on
simplifying their UI is in order. On the other hand, maybe Ethereal is
another one of those products that is intended for developers mainly, like
Mozilla used to be.
 
Mel said:
And what makes you think the government didn't institute prosecution of
Microsoft with the sole purpose of getting Microsoft's cooperation in
incorporating spyware into their products (to further erode the privacy
of all computer users)? (Too many secrets!)

Heh. "Oh what a circle of lies we weave when at first we try to deceive"
or something like that.
Some .msi files can be extracted with JvaENE.

Thanks! I'll check it out. Eh.... got any links? Google didn't come up
with much.
 
All one can do is to try, Mel. And a good packet sniffer is a start.
Neutering Java is another step in the right direction. There are
"degrees of visibility", so there's no point in giving up.
Yes, you can try, but that doesn't mean you'll succeed. If someone
really wants to know, they can track you anywhere (even through an
anonymizer or Tor).

One can wear a white sheet to hide one's identity, but that doesn't make
one bulletproof.
 
Well, I've already got enough of that kind of thing. Mostly I just want
a good and easy to use packet sniffer. What turned me off to Ethereal
was when I saw their help file refer to a "filtering *language*". Why in
hell do they make it so difficult? Seems to me that a little work on
simplifying their UI is in order. On the other hand, maybe Ethereal is
another one of those products that is intended for developers mainly, like
Mozilla used to be.
Maybe I'll try it: I like to get into bits & bytes.
 