Skip to content

Seattle Unix Group Web Site

Sections
Personal tools
You are here: Home » Meetings » 1995 » Jan_etherpres.html
 

Jan_etherpres.html

Ethernet PRESENTATION

Ethernet Analysis Tools

Packet Grabbers

UNIX

  • snoop -- part of Solaris 2.3 distribution
  • etherfind -- part os SunOS 4.1.3 distribution (?)
  • esniff -- Part of alt.2600 FAQ
  • packetman -- ftp.cs.curtin.edu.au:pub/netman/[sun4c|dec-mips|sgi|alpha|solaris2]/packetman-1.1.tar.Z

MSDOS

  • ethdump v1.03 -- ftp.germany.eu.net:/pub/networking/inet/ethernet/ethdp103.zip

Monitoring Tools

UNIX

  • Interman -- IP communications monitor
  • Etherman -- Ethernet communications monitor
  • Loadman -- network load monitor

available for SunOS, Dec-Mips, SGI, Alpha, Solaris from
ftp.cs.curtin.edu.au:pub/netman/[sun4c|dec-mips|sgi|alpha|solaris2]/
[etherman-1.1a|interman-1.1|loadman-1.0].tar.Z

MSDOS

  • ethload v1.04 -- ftp.sunet.se:/pub/network/monitoring/ethload/ethld104.zip

EtherLoad: Main Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%      -
(F)low (L)ength (M)AC (P)rotocol (Q)uit (R)eceiver (S)ender              
Statistics for the last 5 second(s) Mon Jan 09 06:54:21 1995 0.00% lost        
Bytes received:   0000021844 (   0.35% of LAN capacity)                       
Frames received:  0000000108 (mean inter-frame time      46.30 msec)            


Statistics for the busiest 5 second(s) Mon Jan 09 06:54:21 1995 0.00% lost      
Bytes received:   0000021844 (   0.35% of LAN capacity)                         
Frames received:  0000000108 (mean inter-frame time      46.30 msec)            


Cumulative statistics since Mon Jan 09 06:53:51 1995 0.00% lost                 
Bytes received:   0000091908 (   0.21% of LAN capacity)                        
Frames received:  0000000636 (mean inter-frame time      55.03 msec)           

    

  1. 10                              50                                    100
ÚÅÄÄÄÄÄÅÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÅÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÅ¿
³ÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛÛ³
ÀÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÄÙ

EtherLoad: Protocol Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%      +
Net(B)EUI (D)ECnet (I)P (L)LC (N)etware/XNS (O)SI (T)ype/SAP 
Top Ethernet type(s) + LLC SAP (1/1) since Mon Jan 09 06:53:51 1995             
100.0% = 763 frames =100.0% of analyzed frames                                  
 92.7% Type: 0800  (DOD IP)                               
  3.8% SNAP: 809B  (EtherTalk (AppleTalk))        
  2.2% LLC SAP: 42 (IEEE 802.1d Spanning tree)  
  0.7% Type: 0806  (ARP)                       
  0.3% Type: 8040  (DEC: NetBIOS Datagrams)   
  0.3% Novell RAW IEEE 802.3 ?                                  
  0.1% SNAP: 6002  (DNA Remote Console -MOP-)

EtherLoad: Protocols --> IP --> Port Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%      -
(C)onnection (D)NS (E)vent (L)ast (M)ail (N)etBIOS (P)ort (S)tat (T)elnet  
Top used TCP `privileged'/server source port(s) (1/2) filled since 06:54:48.62  
100.0% = 2484 frames = 94.6% of analyzed frames                                 
 49.9% 6000 (Xserver0)                                                
 14.7% 32987                                                                
  7.0% 37031                                                                 
  6.4% 32984                                                                   
  4.1% 33374                                                                   
  4.0% 33396                                                                   
  2.6% 37061                                                                  
  2.6% 80 (http)                                                               
  2.4% 33405                                                                    
  1.8% 6501                                                                     
  0.8% 33404                                                                    
  0.8% 37030                                                                    
  0.5% 33348                                                                    
  0.5% 37036                                                                    
  0.2% 32986                                                                    
  0.2% 37032                                                                    
  0.2% 36903                                                                    
  0.1% 36824                                                                    
  0.1% 37045                                                                    
  0.1% 36839

EtherLoad: Protocols --> IP --> Connections Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%     P-
(C)onnection (D)NS (E)vent (L)ast (M)ail (N)etBIOS (P)ort (S)tat (T)elnet
Top active TCP connections (1/2) since Mon Jan 09 06:53:51 1995                 
100.0% = 3731 frames = 97.0% of analyzed frames                                 
 38.9% 199.182.118.27.Xserver0 199.182.118.62.32987                     
 15.7% 199.182.118.22.Xserver0 199.182.118.61.37031                        
 11.8% 199.182.118.27.Xserver0 199.182.118.62.32984                           
  6.2% 199.182.118.27.Xserver0 199.182.118.62.33406                            
  5.4% 199.182.118.61.6501 199.182.118.62.33405                               
  5.1% 199.182.118.27.Xserver0 199.182.118.62.33396                            
  4.7% 199.182.118.27.Xserver0 199.182.118.62.33374                           
  3.1% 199.182.118.26.Xserver0 199.182.118.61.37061                            
  2.0% 198.93.93.10.http 199.182.118.83.1818                                    
  1.3% 199.182.118.27.Xserver0 199.182.118.62.33404                             
  1.2% 199.182.118.22.Xserver0 199.182.118.61.37030                             
  0.7% 198.93.93.10.http 199.182.118.83.1817                                    
  0.7% 199.182.118.27.Xserver0 199.182.118.62.33348                             
  0.7% 199.182.118.22.Xserver0 199.182.118.61.37036                             
  0.3% 199.182.118.21.Xserver0 199.182.118.61.36839                             
  0.3% 199.182.118.25.Xserver0 199.182.118.61.36902                             
  0.2% 199.182.118.25.Xserver0 199.182.118.61.36903                             
  0.2% 199.182.118.27.Xserver0 199.182.118.62.32986                            
  0.2% 199.182.118.22.Xserver0 199.182.118.61.37032                             
  0.2% 199.182.118.27.Xserver0 199.182.118.61.37626

EtherLoad: Protocols --> IP --> Mail Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%      +
(C)onnection (D)NS (E)vent (L)ast (M)ail (N)etBIOS (P)ort (S)tat (T)elnet 
POP/SMTP event(s) page 1/1 (8 entries)                                          
06:55:16.20 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     <<<+OK UCB Pop server (version 1.831beta) a...                             
06:55:16.42 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     >>>USER chuck                                                              
06:55:16.42 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     <<<+OK Password required for chuck.                                        
06:55:16.64 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     <<<+OK chuck has 0 message(s) (0 octets).                                  
06:55:16.75 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     >>>STAT                                                                    
06:55:16.75 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     <<<+OK 0 0                                                                 
06:55:16.81 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     >>>QUIT                                                                    
06:55:16.81 Client: 199.182.118.90 Server: 199.182.118.61.pop3                  
     <<<+OK Pop server at bundy signing off.

EtherLoad: Protocols --> IP --> Events Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%      +
(C)onnection (D)NS (E)vent (L)ast (M)ail (N)etBIOS (P)ort (S)tat (T)elnet 
TCP event(s) page 1/2 (28 entries)                                              
06:54:22.52 199.182.118.83.1817->198.93.93.10.http SYN mss=512 win=22099       
06:54:22.80 198.93.93.10.http->199.182.118.83.1817 SYN ACK mss=512 win=61440    
06:54:24.23 199.182.118.83.1818->198.93.93.10.http SYN mss=512 win=22099        
06:54:24.72 198.93.93.10.http->199.182.118.83.1818 SYN ACK mss=512 win=61440    
06:54:25.65 198.93.93.10.http->199.182.118.83.1817 FIN ACK                      
06:54:27.69 199.182.118.83.1817->198.93.93.10.http FIN ACK                      
06:54:28.90 198.93.93.10.http->199.182.118.83.1817 FIN ACK                      
06:54:28.90 199.182.118.83.1817->198.93.93.10.http RST                          
06:54:30.21 199.182.118.83.1817->198.93.93.10.http RST                          
06:54:31.37 199.182.118.62.33405->199.182.118.61.6501 SYN mss=1280 win=8760     
06:54:31.37 199.182.118.61.6501->199.182.118.62.33405 SYN ACK mss=1280 win=8760 
06:54:42.63 199.182.118.62.33396->199.182.118.27.Xserver0 FIN ACK               
06:54:42.63 199.182.118.27.Xserver0->199.182.118.62.33396 FIN ACK               
06:54:54.56 199.182.118.62.33374->199.182.118.27.Xserver0 FIN ACK               
06:54:54.56 199.182.118.27.Xserver0->199.182.118.62.33374 FIN ACK               
06:54:56.37 199.182.118.61.37626->199.182.118.27.Xserver0 FIN ACK               
06:54:56.37 199.182.118.27.Xserver0->199.182.118.61.37626 FIN ACK               
06:55:06.53 199.182.118.62.33406->199.182.118.27.Xserver0 SYN mss=1280 win=8760 
06:55:06.53 199.182.118.27.Xserver0->199.182.118.62.33406 SYN ACK mss=1280 win=4
06:55:15.82 199.182.118.90.1521->199.182.118.61.pop3 SYN mss=1280 win=4788

EtherLoad: Arp Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%       -
(C)ache (H)istory (I)nvertedCache (M)iscellaneous (S)enders (T)argets
ARP table contents page 1/1                                                    
199.182.118.61 08-00-20-1D-2E-14                                                
199.182.118.62 00-80-3F-F2-01-40                                                
199.183.91.91 08-00-20-11-0A-20                                                 
199.183.91.92 08-00-20-1B-1E-16                                                 
199.183.91.181 00-00-89-01-B6-35                                                
199.182.118.90 08-00-07-46-FF-0C                                                
199.182.118.23 00-00-A7-00-23-FF                                                
199.182.118.27 08-00-11-01-A5-04

EtherLoad: Protocols --> IP --> UDP Screen

 
ETHernet LOAD 1.04 (c) NRB 90-92 and vyncke@csl.sni.be Jan 16 1994  0.00%      -
(A)ssociations (B)OOTP (D)NS (L)ast (N)etBIOS (P)orts (R)IP (T)FTP  
Top used UDP `privileged'/server source port(s) (1/1) since Mon Jan 09 06:53:51 
100.0% = 23 frames =  0.2% of analyzed frames                                   
 34.8% 830     
 26.1% 828         
 21.7% 513 (who)      
  8.7% 111 (sunrpc)    
  4.3% 831                               
  4.3% 829

Created by zoperoot
Contributors :
Last modified 2004-06-20 10:56 AM
« July 2010 »
Su Mo Tu We Th Fr Sa
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
 
 
Powered by Plone

This site conforms to the following standards: