Protocol Analysers for Win2K/v6

Peter Curran pcurran@ticl.co.uk
Fri, 13 Oct 2000 20:07:57 +0100

Previous message: Firewalled tunnel
Next message: IPv6 (and IPv4 routing)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A few days ago I asked for help in locating such a beast.  As usual, a
number of colleagues from the list pointed me at various products - many
thanks for taking the time to reply.

As I suspect that this either is, or will be soon, an FAQ - I thought I
should summarise the answer to the list so that anybody who needs this info
in the future can dig it out of the archive.  So here goes.....

Question:  Is there a protocol analyser package for Windows 2000 that can
interpret IPv6 packets?

Answer:  Yes, there are a number......

1.  Microsoft have an updated version of their Network Monitor application
that handles all IPv6 headers that I have shown it (that is most, but does
not include any MIPv6 stuff).  This is commercial software, but a demo
version is available for download that expires after 90 days.  The updated
version is available from:
ftp://ftp.microsoft.com/transfer/outgoing/bussys/winnt/netmon2.zip The
password for the .zip file is "capture".
<Thanks Richard Draves from Microsoft>

2. Wild Packets (formerly AG Group) have a product called EtherPeek.  This
runs under Windows 2000 and handles a subset of IPv6 packets - frustratingly
it does not seem to recognise IPsec over v4 or v6.  A demo version is
available for download, the full product retails for $995.
http://www.wildpackets.com/products/Etherpeek.html
<Thanks Ian Macdonald from Bespoke IT>

3.  The freeware Ethereal analyser now runs under Windows 2000.  This is a
pretty good package if you just want to see the traffic and look at packets
to see what is going on.  It does not have any sophisticated reporting tools
like the commercial products.  It seems to handle all the IPv6 traffic I
have shown it.
http://www.ethereal.com
<Thanks Itojun, Louis Zuckerman, James Brown>

4.  The Agilent network analyser (from Agilent, a part of HP) claims support
for IPv6.  This goes no further than recognising a v6-over-Ethernet packet,
decoding the basic v6 header and thats about it.  I am informed by Agilent
that the production version has more complete support (I was using a
demo/Beta version).
http://www.agilent.com

Cheers

Peter Curran
TICL

Previous message: Firewalled tunnel
Next message: IPv6 (and IPv4 routing)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]