Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Ethereal Integration > WildPackets EtherPeek - Pg. 234

Integrating Ethereal with Other Sniffers 234 Figure 7-11. Ethereal Display of Network Monitor Capture Reading Ethereal Files With Network Monitor Network Monitor can also read and process properly formatted capture files. This means you can capture files with Ethereal and then read them with Network Monitor, as long as you save them in the Network Monitor format. Once you have captured your data with Ethereal, select File | Save As. Browse to the location where you would like to save your capture. Next, choose the correct output type from the File Type pull-down menu. In our case we are saving to Microsoft Network Monitor 2.x. Type in a file name under Selection, make sure to give it a .cap extension, and click OK. Network Monitor will open the file even without the extension, but this makes finding it easier. You can now open up the Ethereal capture file in Network Monitor by selecting File | Open. Browse to the location of the saved file, select it and click Open. You will now see the packets displayed in the Frame View window. WildPackets EtherPeek EtherPeek by WildPackets, is a commercial graphical network analyzer that works on 10/100/1000 Mbps Ethernet networks. It runs on Windows XP and 2000, and there is even a version for Macs! Other network analyzers by WildPackets include TokenPeek, AiroPeek, and GigaPeek. EtherPeek can capture traffic from more than one network adapter at a time so that you can correlate various network occurrences. EtherPeek offers two distinct ways of looking at the network: the monitor statistics view and the packet capture view. The monitor statistics view lets you looks at various data including network, protocol, and node statistics. It's important to note that you will not be able to save packets with this function--you will only be able to view them. The packet capture view allows you to view packet decodes of a capture, view saved captures, or save your current