Ethereal-dev: Re: [ethereal-dev] packet capture from switches and other RMON devices

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: John McDermott <jjm@xxxxxxxxxx>
Date: Wed, 12 May 99 09:31:54
--- On Wed, 12 May 1999 09:48:14 -0500  Gilbert Ramirez <gram@xxxxxxxxxx> 
wrote:

>On Wed, May 12, 1999 at 09:35:48AM -0500, John McDermott wrote:
>> 
>> 
>> One issue is security.  We'd probably have to add some sort of
>> authentication so the average user couldn't connect.  We can sort of do
>> remote capture now, although it is somewhat of a bandwidth hog, by
>> displaying the capture on a different X server.
>
>What I envision, if I can ever get my act together and add more
>functionality to wiretap, is to have "wiretapd"'s, or rather, remote
>capturing agents that you can run on many machines and connect to via
>Ethereal. (or they could be based on libpcap)

This sounds really nice.  As long as we're "dreaming": one item to consider 
might be a display column to show whence the datagrams were captured.  It is 
sometimes nice to know on what wire stuff shows up.  Maybe even a filter to 
select only a particular capture device.

>
>It would be nice to also make a service for this on NT, but I
>don't know anything about NDIS programming to capture packets.  Ethereal
>could also connect to remote RMON agents.

Hmmm, ethereal as an RMON manager!?! An interesting thought...

>
>And of course, authentication and encryption would be necessary in
>the communication between ethereal and the remote wiretap/libpcap agents.
>--gilbert

Yeah.  And a consideration of the load impact.  I've found that remote 
monitoring (my experience is with RMON and limited to small nets) can create 
lots of traffic.

>
>
--john

-------------------------------------
Name: John McDermott
VOICE: +1 505/377-6293 FAX +1 505/377-6313
E-mail: John McDermott <jjm@xxxxxxxxxx>
Writer and Computer Consultant
-------------------------------------