On Fri, 28 Mar 2008 09:30:09 +0000 "Dennis Dryden" ddryden@gmail.com allegedly wrote:
I think you could get away with using something like ettercap(http://ettercap.sourceforge.net/) connected to the same switch to collect the traffic going to the gateway. It does some man in the middle sniffing so even in a switched environment you can see all traffic going to another host. Its been a while since i used it but if your prefer to look at the traffic in wireshark it spits out a file thats readable(at least i think it does).
Yep - ettercap reads and writes pcap files (as does tcpdump/ethereal/wireshark).
Mick
---------------------------------------------------------------------
This is a Microsoft free zone. Please do not send me Microsoft Word Documents. For some reasons, see:
http://www.gnu.org/philosophy/no-word-attachments.html http://www.goldmark.org/netrants/no-word/attach.html ---------------------------------------------------------------------