James Barrett on 17 Dec 2008 07:22:12 -0800



Re: [PLUG] setting up a network tap


On Tue, Dec 16, 2008 at 2:37 PM, Chad V <csv@gamebox.net> wrote:
>
> My questions to the group are thus:
>
> 1.  Are there any better ways to do it other than what I mentioned?
> 2.  What software would you use?
> 3.  I'm pretty sure the 300 MHz, 128 MB RAM, 300 GB hard drive system
> is good enough to capture 1 business day worth of traffic for a LAN
> with 8 PCs and 8 VoIP phones with light usage patterns.  Do you
> agree?

Good enough to capture?  Yes.  The machine will be slow if you want to
use it for examining the packets.

By and large, it could be advantageous to use a command-line tool (such
as tcpdump) instead of Wireshark, and run the bridge headless.

http://www.wireshark.org/docs/wsug_html_chunked/AppTools.html

The captured packets could then be examined with Wireshark at a later
time, or on another machine.

I will also second Sean's suggestion of using Debian.

--
Jim
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
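
The headless capture suggested in the reply above, as an added example that is not part of the original message: a tcpdump ring buffer sized to a disk budget, writing pcap files that can be opened in Wireshark later or on another machine. The interface name `br0`, the directory `/var/capture` and the 250000 MB / 1000 MB sizes are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: headless ring-buffer capture on a bridge with tcpdump.
# Assumed names (not from the thread): interface br0, directory /var/capture.

# ring_files BUDGET_MB FILE_MB -> number of ring files that fit in the budget
ring_files() {
    budget_mb=$1; file_mb=$2
    if [ "$file_mb" -le 0 ] || [ "$budget_mb" -lt "$file_mb" ]; then
        echo "budget smaller than one capture file" >&2
        return 1
    fi
    echo $(( budget_mb / file_mb ))
}

# capture_cmd IFACE DIR BUDGET_MB FILE_MB -> prints the tcpdump command line
capture_cmd() {
    count=$(ring_files "$3" "$4") || return 1
    # -n     no name resolution (less CPU on a slow box, no DNS lookups from the tap)
    # -s 0   full packets, so VoIP payloads can be decoded later
    # -C/-W  rotate at FILE_MB (units of 1,000,000 bytes), keep COUNT files,
    #        then overwrite the oldest so the disk never fills
    echo "tcpdump -n -i $1 -s 0 -C $4 -W $count -w $2/tap.pcap"
}

# Start capturing only when asked: sh tap-capture.sh run
if [ "${1:-}" = "run" ]; then
    # Constructed values: 250000 MB of the 300 GB disk reserved for captures,
    # 1000 MB per file so each file stays manageable in Wireshark.
    cmd=$(capture_cmd br0 /var/capture 250000 1000) || exit 1
    exec $cmd
fi
```

Copy the rotated `tap.pcap*` files to a faster machine and open them in Wireshark there.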