I have Sniffer Pro 4.7.5 running on my laptop. How can I monitor packet activities on a different workstation using my laptop I tried for example "target workstation <-> Any" for define filters but it doesn't work. I'm hoping I don't have to install this on that workstation.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Sniffer Pro newbie question
- Thread starter sniffer8
- Start date
I'll start with the obvious. If you're on a switch you will not see anyone else's traffic by default. To do so, you would have to span or mirror that port. Lastly if you do not have any mirror ports left, or an unmanageable switch, you can use a hub at the target's location , but you would have to physically connect to it as well.
Let m eknow if I'm way off..
'Making things work better; bit by bit.'
Let m eknow if I'm way off..
'Making things work better; bit by bit.'
- Thread starter
- #3
I would like to investigate this some more in my home lab environment. I have 2 workstations and a laptop. They are all connected via a hub. How do get my laptop to sniff the packets on one of the other workstations. My laptop is equipped with Sniffer Pro 4.7.5
When you use a hub will should see all the packets from all the devices connected to it. Unless your hub is really a switch 
If you use a switch and have 2 workstations pinging each other, you (being the third person) should see their traffic. Insert a hub instead, and you'll see everything.
Just make sure you use the default Capture Filter which has address filters..
I might also suggest you look over the 'Analyzers -> Network General -> 'how to section' for capture filter examples at my website (
'Making things work better; bit by bit.'
If you use a switch and have 2 workstations pinging each other, you (being the third person) should see their traffic. Insert a hub instead, and you'll see everything.
Just make sure you use the default Capture Filter which has address filters..
I might also suggest you look over the 'Analyzers -> Network General -> 'how to section' for capture filter examples at my website (
'Making things work better; bit by bit.'
Do you have installed the Sniffer Network drivers for your network card. Maybe your NIC is not in promiscous mode.
Do a trace without any filter, if you can't see unicast traffic from this station, either you don't have the correct driver or you are not on a hub.
If you do not have much network traffic, it is always a good advice not to prefilter packkets, because if you looking for problems they may be caused by a station which is outside your filter.
Do a trace without any filter, if you can't see unicast traffic from this station, either you don't have the correct driver or you are not on a hub.
If you do not have much network traffic, it is always a good advice not to prefilter packkets, because if you looking for problems they may be caused by a station which is outside your filter.
1. The most common mistake that a lot of people make is that when they create a Address filter is leave the "Address Type" to 'Hardware'
Make sure you select 'IP' in the dropdown if you are typing an ip address.
2. Sniffer driver installed? (Good point Helmuth)
3. Is you hub really a hub? Most new hubs nowadays really behave like switches whilst they are called hubs....
Make sure you select 'IP' in the dropdown if you are typing an ip address.
2. Sniffer driver installed? (Good point Helmuth)
3. Is you hub really a hub? Most new hubs nowadays really behave like switches whilst they are called hubs....
- Status
Similar threads
- Locked
- Question