Wireshark · Ethereal-users: [ethereal-users] What is good about netxray

Ethereal-users: [ethereal-users] What is good about netxray

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date: Tue, 14 Sep 1999 20:08:41 -0500

  I still use netxray 3.0 when I am compelled to use NT which isn't all that
often and I keep netxray 2.5 on my laptop.


   The things it has that I use:

   1. nice visual decodes of various protocols - click on a portion of the
frame,
       say IP headers, and it highlights that bit of the frame
   2. a pretty slick capture filter based on IP or mac address
   3. multiple conversation capture ie several source+dest pairs can be
captured
   4. flexible capture buffer size
   5. named capture filters can be created and saved
   6. the traffic matrix thing is eye candy but it can be useful
   7. multiple stats windows for various things like crc, broadcast, packet
size distribution, etc
   8. traffic replay is occasionally useful


    ethereal looks pretty bare compared to the toys that netxray offers,
however I don't fear that someone will buy gilbert on a slave auction and
tattoo an NAI logo on his butt - ethereal will continue to grow and progress
as all good free software does and I can wait a few months to see the
features added that I want. In the mean time the current capture and decode
lets me do my daily sniffing without too much trouble :-)



Infotop Ltd wrote:

> In-Reply-To: <19990914115018F.1000@xxxxxxxxxxx>
> >From what I remember, NetXray had features like:
> * circle/chord graphs of which nodes were talking to which others.
> * pie graphs of traffic volume by protocol type
> * line graphs of traffic volume
> and so on.
>
> Personally, I think its preferable for Ethereal developers to concentrate
> on the core functionality - three-pane decodes of packets captured.
> There's probably still many packet types and lots of application-data
> that's not yet supported in the Ethereal decode logic. I still have
> problems with the capture/display filter logic for example.
>
> I use other tools like Ntop for other types of statistical analysis of
> traffic. MRTG for monitoring/graphing traffic volumes over time. I have
> perl scripts for doing other kinds of summarisation of Ethereal decodes
> that I printed to a text file. The newer print features will help there.
>
> sen_ml@xxxxxxxxxxx asked:
> > i wonder what the reviewer meant by feature-poor...
> >
> > page>         or Ethereal, a free (but feature-poor) decoder for Linux.
>
> --
> Ian Wilson

Follow-Ups:
- Re: [ethereal-users] What is good about netxray
  - From: Guy Harris

References:
- Re: [ethereal-users] Re: Best token ring card for ethereal?
  - From: Infotop Ltd

Prev by Date: Re: [ethereal-users] Re: Best token ring card for ethereal?
Next by Date: Re: [ethereal-users] What is good about netxray
Previous by thread: Re: [ethereal-users] Re: Best token ring card for ethereal?
Next by thread: Re: [ethereal-users] What is good about netxray
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$