Im running linux mandrake and was wondering what kind of sniffer programs people were using to check traffic. I have been looking for one with a gui interface, Any recommendations from people on what they like and prefer. Also easy installation would be nice being a newbie. I can figure it though. Just happy I got samba and web server running.

Thanks Nick

The best place to check for just about anything and everything software related for linux would be:

http://freshmeat.net

Get used to this site. Use it a lot. Or... just stand being directed there a lot.

snort is a good sniffer........tripwire is good for sniffing out changes in files......it really all depends on what type of sniffing you want to do.......tcpdump is good as well but the output can be a bear to read.....luckily there are gui frontends to help with that....

Originally posted by fearx24
Im running linux mandrake and was wondering what kind of sniffer programs people were using to check traffic. I have been looking for one with a gui interface, Any recommendations from people on what they like and prefer. Also easy installation would be nice being a newbie. I can figure it though. Just happy I got samba and web server running.

Thanks Nick
fearx24,

I would check out this link http://rpmfind.net/linux/RPM/Monitoring.html & see if it has any programs that suit your needs:cool:

Have a look at Ethereal:

http://www.ethereal.com

Ethereal has a nice front-end for the Gnome desktop. Snort can be used in a similar fashion as the occasional packet sniffer or can be delployed an Intrusion Detection System (a.k.a IDS or NIDS) with a fairly elaborate ruleset. Take caution because either requires libpcap and a trojaned version of that has been discovered.

I don't use snort so much as a sniffer as I do a network intrusion detection system. From what I have gethered in my reading, it does well functioning as either.