I have an older one that only works pre Windows Xp, I'm running XP.

Anyone know of a shareware version that can give basic info? I just want to see where all my bandwidth is going.

What about ethereal ? ethereal

Works great, but might be a bit overkill, If that doesn't work for you, let me know, I'll look in my library, I had some nice graphical ones that with charts, and bold lines and stuff that showed where everything was flowing, but I'm pretty sure its all linux. That what I used for all my network analysis, it would just be a matter of checking if there wouldn't be a windows version.

What he ^ said.

Ethereal is really sweet.. If not, you can probably find somebody that has a copy of sms with network monitor....

Ethereal is the way to go. I use it at work all the time. The filtering can be a little tricky, but if you're doing just a general sniff it's a good program.

Nice, thanks.

Talks about how it doesn't work well with wireless nets and thats what I'm trying to look at, stuff on the wireless side.

I've tried to locate an option to do a 'spanning tree' or port mirror on my Linksys router so I can see all the traffic to and from the modem. No luck so far.

Linksys routers aren't that advanced. If you have a hub plug the hub into the connection you want to monitor and hook up the monitoring computer to the hub, that's about all you can do.

You may or may not need crossover cables to do it. I can't remember if the Linksys is auto-switching or not.

I'd give it a sniff anyways. If someone is peaking around or you're looking for something specific it might be broadcast traffic.

Black Ice Defender used to work really well, but I don't know about their XP version.

BID is a fire wall, isnt it?

King, good thought, I'll try that.

hahahaha.... i thought it said:

Package Stiffener Needed.

I was running a capture of ethereal for fun as I hadn't done one on my laptop in a while and wanted to see if there would be something new. To generate traffic, I was still on this page, so I reloaded it but did not look at it, just my capture, and the first thing I saw was the www.viagra.com request, so I started thinking that I had something running that was pushing ads somewhere. Started doing all sort of test until I finally came back here and saw the picture.

It used to have a sniffer built in, too.

I don't know what the current XP version does. It's probably been 5 years since I ran it; I'm just bored at work and needed to talk...

I use Wildpackets at work

Ethereal works quite well. The recent versions have marked improvements with some of the plugins now bundled. Make sure to disable all network protocols on the interface you are sniffing with, or your capture will be polluted with traffic you shouldn't be seeing.

You are confusing a couple network terms, however. Spanning-tree Protocol (STP) is a layer 2 network protocol used to identify and stop network loops by finding the loops and disabling network ports (blocking state) to stop them.
"Spanning" a port is a Cisco (CatOS) term used to mirror all the traffic from one port to another for network analysis. In Cisco IOS, it is done as follows:

The destination port (where you are connected with your sniffer) is FastEthernet0/1 and the source port (whose traffic you want to capture) is FastEthernet0/2.

Switch> enable
Switch# config term
Switch(config)# interface Fa0/1
Switch(config-if)# port monitor Fa0/2
Switch(config-if)# end

If you are using CatOS, it would go something like this:

The destination port (where you are connected with your sniffer) is 8/1 and the source port (whose traffic you want to capture) is 8/2.

Switch> enable
Switch> (enable) set span 8/2 8/1

You can also span an entire VLAN (ex. 510) this way:
Switch> enable
Switch> (enable) set span 510 8/1

With the default Linksys formware, you will not be able to do this. There is alternate Linux firmware available for some of the Linksys wireless routers (WRT54G series) that would give you options for doing this, but it not something that would be easy to explain. See sveasoft.com and openwrt.org for more info if this is what you have.

I know this thread was a few days old - Just wanted to add my two cents on the SveaSoft Talisman Firmware *upgrade* for the Linksys WRT54G series - It's freakin SWEEET! I use the above and have added "Airsnort" to one of my meshed routers - Also, with a little work and research you can easily do a "home grown" setup...Heck...Why reinvent the wheel...There are premade *CD Linux Based* Intrusion/Penetration test tools like Phlack and Whax as well as a few others...Just Google stuff, hack away and....most importantly...Have PHUN!

Take Care,

Glenn