Wireshark · Ethereal-users: RE: [Ethereal-users] capturing the amount of bytes in and out of an IP

Ethereal-users: RE: [Ethereal-users] capturing the amount of bytes in and out of an IP

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "David Hodgson" <david.hodgson@xxxxxxxxxxxx>

Date: Wed, 1 Feb 2006 12:17:10 -0000

Hi Guy,

Just had a look at ntop, looks like it'll do the job, cheers for your
help.

Dave

-----Original Message-----
From: ethereal-users-bounces@xxxxxxxxxxxx
[mailto:ethereal-users-bounces@xxxxxxxxxxxx] On Behalf Of Guy Harris
Sent: 01 February 2006 12:01
To: Ethereal user support
Subject: Re: [Ethereal-users] capturing the amount of bytes in and out
of an IP

David Hodgson wrote:

> I have devices which connect to my network using IP addresses assigned

> from a pool. I would like to find out how many bytes is being sent and

> received from the devices, firstly the total amount from the pool and 
> also from individual IP's from the pool. Is this possible with
Ethereal 
> or can someone point me to something that will do that? I also want to

> output the amount of bytes as well as the IP to a log file, it will
then 
> be inserted into an Oracle database.

Using Ethereal for that purpose could be considered equivalent to 
sending a sample of your blood to a clinical laboratory for a full blood

chemistry analysis in order to find out whether it's red or not. :-)

You might want to see whether ntop:

	http://www.ntop.org/

could do the job - it might be easier to get it to do that, especially 
in an automated fashion, than it would be to get Ethereal to do that. 
(As the "NTOP - Network TOP: An Overview" paper:

	http://www.ntop.org/ntop-overview.pdf

says:

	Simple alternatives to network monitoring are packet tracers and

decoders, often-called network sniffers. Examples are tcpdump [Jacobson 
et al] and snoop [Sun]. These tools are responsible for capturing 
packets from the network and often require off-line analysis tools to 
correlate captured data and identify network flows. Sniffers usually 
provide details on packet activity and lack information on the network 
as a whole [DeriSuin99]. Protocol analyzers, such as Ethereal 
[Ethereal], typically focus on the content of single network packets and

not on global network activities. These solutions lack high-level 
support to management activities.

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

Prev by Date: Re: [Ethereal-users] File write permissions during capture
Next by Date: RE: [Ethereal-users] Problem with ethernet Interface
Previous by thread: Re: [Ethereal-users] capturing the amount of bytes in and out of an IP
Next by thread: [Ethereal-users] GSMP support?
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$