Replying directly because my firewalls posts seem to be getting dropped.
Probably for perpetuating off-topic threads like this, but they don't
seem to want to tell me.
> > >I have a LanAlyzer, but it doesn't understand IP addresses
> I have a Lanalyzer and it understands IP addresses just fine.
Mine's v3.11A. When I inquired about upgrades, Novell disavowed any
knowledge of it, although it prints Novell copyright statements. It
understands IP only in a brain-dead sort of way: it direct maps MAC
to IP on the current segment. Unless all the traffic you're analyzing
originates on the same subnet, this creates the bizarre appearance that
much of it originated at the last router hop. You can decode the
packets and read the IP addresses yourself, but IMNSHO that should be
serviced by the software directly.
> > Lanalyzer understands ip in that it can decode it. Once you decode it you
> > can sometimes read the host name from the packet, depends on what was sent,
> > ugly but better than nothing. Big Red decided not to supply any ip - host
> > name translation since netware does ipx and it's only you funny unix guys
> > that talk ip.
> Damn, they gutted it! I'm glad I've got an older Lanalyzer that handles
> IP. You might want to check if they have a TCP/IP module for extra cost...
Mine handles IP from the standpoint that it knows what an IP packet looks
like from the outside. Last version I checked ran over Windows and
had the same limitations WRT IP.
W.C. Epperson "I have great faith in fools.
Senior SE Self-confidence, my friends call it."
Information Security Officer --Edgar Allan Poe--
Virginia Dept. of Education