Ethereal-users: Re: [Ethereal-users] How-to?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Mon, 10 Dec 2001 10:48:45 -0800 (PST)
> How do I use Ethereal to monitor send/receive traffic between two specific
> hosts

Step 1: either run Ethereal on one of the two hosts, or make sure that
the two hosts are on a broadcast network (Ethernet, Token Ring, FDDI,
802.11) and that either

	1) the network is *not* switched (i.e., the machines are not
	   plugged into a switch or a switching hub)

or

	2) the port into which the machine running Ethereal is plugged
	   is on a port that is set up to "mirror" traffic to the ports
	   the other two machines are on.  (Some switches let you do
	   this, some switches don't; you'd have to read the
	   documentation for your switch to see if it's possible and, if
	   it is, how to do it.)

(Note that step 1 is a requirement for *ANY* sniffing program, not just
Ethereal.)

Step 2: run Ethereal with a capture filter such as

	host foo and bar

if hosts "foo" and "bar" are the two hosts you're interested in.

> and can Ethereal capture login/password when a user types in,

Yes.  Whether it can *display* that is another matter; it depends on the
protocol being used to log in.

> if so please advise how do I do that?

Capture the traffic between the host from which the user is logging in
and the host to which they're logging in while the user is logging in.