|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] setting up a network tap
|
On Wed, Dec 17, 2008 at 10:22, James Barrett <jadoba@jadoba.net> wrote:
> On Tue, Dec 16, 2008 at 2:37 PM, Chad V <csv@gamebox.net> wrote:
>>
>> My questions to the group are thus:
>>
>> 1. Are there any better ways to do it other than what I mentioned?
>> 2. What software would you use?
>> 3. I'm pretty sure the 300 MHz, 128 MB ram, 300 GB hard drive system
>> is good enough to capture 1 business day worth of traffic for a LAN
>> with 8 PC's and 8 VoIP phones with light usage patterns. Do you
>> agree?
>
> Good enough to capture? Yes. The machine will be slow if you want to
> use it for examining the packets.
>
> By and large, it could be advantageous to use a commandline tool (such
> as tcpdump) instead of wireshark, and run the bridge headless.
>
> http://www.wireshark.org/docs/wsug_html_chunked/AppTools.html
>
> The captured packets could then be examined with wireshark at a later
> time, or on another machine.
>
> I will also second sean's suggestion of using debian.
>
> --
> Jim
Yes, capturing the packets is all this machine will be doing. It will
be using tcpdump and the data files will be analyzed with wireshark
running on my Core 2 Duo laptop.
It is running Ubuntu Server 8.04, headless and command line only.
-Chad
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|