[comp.protocols.tcp-ip] Less expensive network monitors

jbvb@VAX.FTP.COM (James Van Bokkelen) (08/24/88)

If you have less than 15K to spend, and already own a sufficiently IBM-
compatible PC or AT, both the Lanalyzer and the Sniffer are available in
do-it-yourself versions, where you get a card and software and install it
in your machine.  I believe the price range is 5K - 9K.  Performance is
comparable to the complete versions (which is necessarily lower than the
HP monitor, because the Sniffer uses an existing PC Ethernet interface
(3C505 in some versions, NP600 or other cards in others) to capture packets,
and Excelan uses a specialized relative of their EXOS205 card, with a
conventional LAN controller chip).

If you don't have 5K, but do have a PC (or AT or PS/2), and particularly
if you already own an Ethernet (or ProNET-10) card, you can either buy
LANWatch (from us, $1200 quantity 1), or get the MIT/CMU PC-IP distribution,
and use Netwatch (which is free).  Both packages put the Ethernet interface
in promiscuous mode, and capture as many of the passing packets as they can.

Netwatch only runs on the interfaces supported by PC-IP (NI5010, 3C500 and
P1300) which are all single-buffered, so you won't do too well on loaded
networks.  LANWatch supports lots of cards (including Proteon's P1340/1344
for monitoring 802.5 token rings), and many of these can do pretty well,
particularly in a fast AT or PS/2.  However, you are never going to capture
all the traffic on a heavily-loaded network.  LANWatch also has lots of
neat features that Netwatch doesn't have, and you get enough source to
change/enhance the packet parsing and filtering routines, as well as support.

James VanBokkelen
FTP Software Inc.
(617) 868-4878

PS: LANWatch has a help hot key instead of menus, for those in a hurry...
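
Added example (not part of the original post, and not code from LANWatch or Netwatch): a small Python simulation of the buffering point made above, showing why a single-buffered card loses frames that arrive while the host is still copying the previous one out. The frame spacing, host copy time and buffer counts are constructed assumptions, not measurements of any card named in the post.

```python
from collections import deque

def burst_arrivals(bursts, frames_per_burst, frame_gap_us, burst_period_us):
    """Constructed traffic: arrival times (microseconds) of frames sent in bursts."""
    return [b * burst_period_us + f * frame_gap_us
            for b in range(bursts) for f in range(frames_per_burst)]

def simulate(arrivals_us, buffers, service_us):
    """Return (captured, dropped) for a card with `buffers` receive buffers.

    A buffer stays occupied from the moment a frame lands in it until the
    host has finished copying that frame out. The host copies one frame at
    a time, in arrival order, taking `service_us` per frame. A frame that
    arrives while every buffer is occupied is lost.
    """
    occupied = deque()   # times at which each held frame will be copied out
    host_free_at = 0     # when the host finishes its current copy
    captured = dropped = 0
    for t in arrivals_us:
        # Free the buffers whose frames the host has finished with by time t.
        while occupied and occupied[0] <= t:
            occupied.popleft()
        if len(occupied) >= buffers:
            dropped += 1          # no free buffer: the frame is never seen
            continue
        start = max(t, host_free_at)
        host_free_at = start + service_us
        occupied.append(host_free_at)
        captured += 1
    return captured, dropped

if __name__ == "__main__":
    # Assumed figures: frames 100 us apart inside a burst, 300 us host copy time.
    bursty = burst_arrivals(bursts=10, frames_per_burst=4,
                            frame_gap_us=100, burst_period_us=2000)
    sustained = burst_arrivals(bursts=1, frames_per_burst=100,
                               frame_gap_us=100, burst_period_us=0)
    for n in (1, 2, 4):
        print(f"{n} buffer(s), bursty load:    {simulate(bursty, n, 300)}")
    for n in (1, 4):
        print(f"{n} buffer(s), sustained load: {simulate(sustained, n, 300)}")
```

With these assumed figures, extra buffers absorb short bursts completely, but under sustained load frames are lost no matter how many buffers the card has, because the host copies frames out more slowly than they arrive.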