Zonealarm and sniffer tools

Zonealarm and sniffer tools

am 16.12.2006 11:59:03 von ua

Hi,

I would like to analyze the internet communication by using a sniffer
program, however, when Zonealarm is running, all sniffers I tried are only
tracking incoming packets.
Is there a way to record also the outgoing packets without deactivating
Zonealarm? I use Windows 2000 with Service Pack 4.
Thank you very much in advance.

--
Regards,
ua

PS: If you want to email me, you must delete the "x" characters from the
reply email address.

Re: Zonealarm and sniffer tools

am 16.12.2006 15:57:09 von Robert

On Sat, 16 Dec 2006 11:59:03 +0100, ua wrote:

> Hi,
>
> I would like to analyze the internet communication by using a sniffer
> program, however, when Zonealarm is running, all sniffers I tried are only
> tracking incoming packets.

Sounds like you have a filter setup on the sniffer. It should catch both
ways.

> Is there a way to record also the outgoing packets without deactivating
> Zonealarm? I use Windows 2000 with Service Pack 4.
> Thank you very much in advance.

A good and free sniffer is wireshark.

http://www.wireshark.org/


--

Regards
Robert

Smile... it increases your face value!


----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

Re: Zonealarm and sniffer tools

am 17.12.2006 10:16:30 von ua

Am Sat, 16 Dec 2006 15:57:09 +0100 schrieb Robert :

>> Is there a way to record also the outgoing packets without deactivating
>> Zonealarm? I use Windows 2000 with Service Pack 4.
>> Thank you very much in advance.
>
> A good and free sniffer is wireshark.
>
> http://www.wireshark.org/

Thanks, it works :-)
It seems the error was caused by a missing "WinPCap" driver. The other
tools I had tried before did not automatically install that driver and
then run in the "raw ip" mode. Probably this was the reason why they could
only track the incoming packets.

--
Regards,
ua

PS: If you want to email me, you must delete the "x" characters from the
reply email address.