Ethereal-users: RE: [Ethereal-users] Questions about Ethereal Software

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Guy Harris" <gharris@xxxxxxxxx>
Date: Mon, 9 Aug 2004 14:22:16 -0700 (PDT)

George, Amanda said:
> I downloaded the evaluation version of Ethereal,

The only thing that comes even remotely close to an "evaluation version"
is the pre-release version of 0.10.6:

    http://www.ethereal.com/news/item_20040807_01.html

and that's not an "evaluation" version, it's probably best thought of as a
beta or perhaps release candidate version.

The versions you can download are the official versions; there's nothing
"evaluation" about those versions - there are no limitations (such as not
being able to save captures, or only being able to capture 100 packets, or
something such as that) that a non-evaluation version would remove, for
example.

> We have a connection from our office LAN in Maryland to our data center in
> Virginia.  I want to find out which computer is transmitting the most
> packets from our frame to our data center in Virginia according to host
> name.  What is the easiest way to identify these transmissions with your
> product?  On our network, we will see a high transmit and receive rate
> during certain times of the day going between our LAN in MD to our data
> center in Virginia, and I want to identify the traffic that is causing
> these high transmission rates.

One way to do that might be to run a capture during that time, and use the
Statistics -> Conversation List or Statistics -> Endpoint List menu items
(which might be called something different in releases prior to 0.10.6). 
You'd probably want the "IPv4" items (unfortunately, there aren't any IPv6
versions of those statistics) if the traffic is IPv4-based.

However, there are other tools that might do a better job of doing that
sort of statistical monitoring, such as ntop:

    http://www.ntop.org/ntop.html

(which *does* handle IPv6).
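
Added example, not part of the original message and not Ethereal's own code: a per-conversation IPv4 tally like the one the reply suggests, computed from a saved classic pcap capture of Ethernet frames. The function names, the 10.1.x.x / 10.2.x.x addresses and the sample capture are constructed for illustration; pairs are counted per direction and host names are not resolved.

```python
import socket
import struct
from collections import defaultdict

def ipv4_conversations(pcap):
    """Return [((src, dst), packets, bytes), ...] sorted by bytes, busiest first."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":      # file written little-endian
        end = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":    # file written big-endian
        end = ">"
    else:
        raise ValueError("not a classic pcap file")
    if struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    stats = defaultdict(lambda: [0, 0])
    off = 24                              # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl_len, orig_len = struct.unpack(end + "II", pcap[off + 8:off + 16])
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # Need 14 bytes of Ethernet plus a 20-byte IPv4 header, EtherType 0x0800.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
            continue
        pair = (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]))
        stats[pair][0] += 1
        stats[pair][1] += orig_len        # on-the-wire length, not the snapped length
    rows = [(pair, pkts, size) for pair, (pkts, size) in stats.items()]
    return sorted(rows, key=lambda r: r[2], reverse=True)

def _frame(src, dst, payload_len):
    """Constructed Ethernet + IPv4 frame carrying a zero-filled payload."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def build_sample():
    """Constructed capture: two large packets from one host, one small from another."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for src, dst, n in [("10.1.0.5", "10.2.0.9", 1000), ("10.1.0.7", "10.2.0.9", 100),
                        ("10.1.0.5", "10.2.0.9", 1000)]:
        f = _frame(src, dst, n)
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    for (src, dst), pkts, size in ipv4_conversations(build_sample()):
        print(f"{src} -> {dst}: {pkts} packets, {size} bytes")
```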