• Hey all,

    I need some in-put!! As I have never used a protocol analyzer other than the demos (250 packets only- airopeek. and all) I've set up a meeting at airmagnet to have a hands on demo. But if you all had plenty of $$$ which would be the one that you would work with every day??!!!

    I haven't been able to find out about "reporting", as most demos you can't save them..

    Thanks!! Phil

    PS. I know this site will not indorce anything, that's fine, but as I know no one else that is in this industry, I need your input...

  • Hi PhilM of Mountain View:

    I would own AiroPeek (WiFi) and EtherPeek (Ethernet) from WildPackets, CommView (Ethernet) and CommView for WiFi from TamoSoft, AirMagnet (WiFi) from AirMagnet, and Sniffer Portable for Ethernet and WiFi from Network General.

    WildPackets and AirMagnet get the most attention from CWNP Program folks, TamoSoft comes in very close second but with a great price and value, Network Instruments Observer is also used in the CWAP class, and Network General is apparently staging a comeback in the analyzer market -- I know no one who has seen its WiFi offering, but I would like to.

    I hope this helps. Thanks. /criss

  • Thanks Criss,

    But 4 Wi-Fi and 4 ether.. Coudl I just ask "?". DO they all do something different that is liked more than one other..

    Yes, TamoSoft's is a great $. a 7th the cost of airopeek. But dose that make it, less user friendlly, as airoppek don't seem to have more "add-ons" like a mapping, or reporting.

    I have found the RF analyze- yellowjacket really stands out, even for that much $. GPS and multicast built in!!

    Thanks for letting me bounce this off of you.


  • Hi Phil:

    Ah, if money was not a problem.

    Each has strengths, weaknesses, features, bugs, costs, compatibilities. And each is evolving in its own way.

    Sometimes a second opinion is needed to confirm that the first analyzer was lying to you.

    I hope this helps. Thanks. /criss

  • Link ferret is a great protocol analyzer for the price. They also have an educational discount.

  • Do guys know of any freewares? Apparently my company does not believe in spending money on something that is not extremely critical.

  • I think AiroPeek is by far the most functional, and allows the most flexibility. It also has probably the highest learning curve. BTW - OmniPeek is now available, which is basically AiroPeek and OmniPeek combined.

    For those on a budget, Comview for WiFi is amazing!

    For those on an extreme budget (read free!) you can always use etheral.

  • Does Ethereal show management and control frames?

  • Airopeek. No doubt about it.

  • For free, you need the following on Windows:

    -Airodump (packaged with Aircrack)
    -Peek5.sys, Peek.dll and net5211.inf from Airopeek (downloadable)
    -Netgear WAG511 ($70)

    Capture in Airodump and open the captures in Ethereal. Works like a charm. For $70 plus tax you can't beat it.

Page 1 of 2