Network Protocols Analyzers: Sniffer Distributed System

The Sniffer Distributed System.  In the previous sections, you learned how to use TCPDump and Ethereal. In this section, you will explore a commercial packet sniffer called the Sniffer Distributed System (SDS). The SDS is a centrally managed, client-server network analysis system that allows users to monitor, analyze, and troubleshoot networks. The SDS comprises two main components: the console and the agent. The SDS agent is responsible for capturing packets and collecting statistics from the networks in real time. The SDS console acts as a network management center that connects to the agents and later displays the captured data in a user-friendly fashion. In this section, only the traffic transmitted on an Ethernet LAN is captured and analyzed. The goal of this section is to learn the basic features of the SDS in order to capture and analyze traffic related to network security.

Required Equipment.  Two Linux machines, which are found in the SIS computer lab.  You can use a Linux PC as the client: Millennia (IP 192.168.30.51) or PC1, and a Linux PC as the server: Pigeon (IP 192.168.30.52) or PC2.  You will also need a Windows NT PC that will act as the sniffer/attacker, which is SniffServ4 (IP 192.168.30.53) or PC3.  Finally, you will be using a 10/100 Ethernet hub.




Login Instruction.  To log in to PC1 and PC2, use the following username and password.

  • Username: tel2821
  • Password: sniffer