Re: Secure.dcom.exe

Hi Ivan
I'm interested in why you see ngsniff as a better alternative to Ethereal? other than it's comparatively tiny size and not requiring WinPcap ??

I feel the strength in Ethereal it's awareness of some many different protocols, it's gui is fairly slick now and the tcp stream reassembly is sweet

thoughts??

take care
-andy
Taliskers Network Security Tools
http://www.networkintrusion.co.uk
----- Original Message -----
From: "Ivan Coric" <ivan.coric@workcoverqld.com.au> To: <lee@leeevans.org>; <incidents@securityfocus.com> Sent: Thursday, August 07, 2003 1:29 AM
Subject: RE: Secure.dcom.exe

Lee,
to run ethereal on win32 you need to install winpcap also, ngsniff is a better alternative.

cheers

Ivan Coric
IT Technical Security Officer
Information Technology
WorkCover Queensland
Ph: (07) 30066414 Fax: (07) 30066424
Email: ivan.coric@workcoverqld.com.au

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

>>> "Lee Evans" <lee@leeevans.org> 08/07/03 09:38am >>>
Hi,

Thanks to all who have replied - I wasn't aware ethereal was available as a win32 build - that will do perfectly.

Regards
Lee

-- 
Lee Evans

> -----Original Message-----




---------------------------------------------------------------------------
----------------------------------------------------------------------------







***************************************************************************
Messages included in this e-mail and any of its attachments are those
of the author unless specifically stated to represent WorkCover Queensland.
The contents of this message are to be used for the intended purpose only
and are to be kept confidential at all times.
This message may contain privileged information directed only to the
intended addressee/s. Accidental receipt of this information should be
deleted promptly and the sender notified.
This e-mail has been scanned by Sophos for known viruses.
However, no warranty nor liability is implied in this respect.
**********************************************************************


---------------------------------------------------------------------------
----------------------------------------------------------------------------


---------------------------------------------------------------------------
----------------------------------------------------------------------------