Not had to use these on vast networks but personally I use the command line tools Tshark or Tcpdump. That in combination with grep and awk to filter output. Unfortunately as screen reader users, we just don't get the nice intuitive view of a packet stream that the GUI stuff can give someone at a glance. There are other tools like Ntopng which present packet capture information in a web GUI.

You probably know but in case not, it matters where you place your sniffing machine too. On a wired network, you want to connect it to a SPAN or Mirror port with the sniffer's interface in promiscuous mode. You could use an old layer 1 hub instead, otherwise you have to mess about doing man in the middle jiggery pokery to see all the traffic on the LAN. Unless your router is Linux based, then run the commands on there.

Regards
Chris Turner

On 16/12/2016 16:55, John G Heim wrote:
I use ngrep but that's Linux. I haven't used Windows in many years. There are only like eleventy gazillion network tools for Linux. I use ngrep because it was the first one I found 20 years ago. I learned its command line syntax and have been using it ever since. I did track down a problem almost exactly like this many years ago with ngrep. I wrote a Perl script that sniffed packets with ngrep for about 30 seconds and then printed a list of the IP addresses and ports that were getting the most traffic. I can share that Perl script but I suspect that by now there are Linux network utilities that do it better.
Maybe it's that when you have a hammer, everything looks like a nail but if I had a problem like this, I sure would want to use a Linux machine to track it down.
On 12/16/2016 10:32 AM, Steve Matzura wrote:
I have a friend with a big problem. Something is eating his network alive. Could be a computer, could be the modem, in which case a re-flash of firmware will fix it. All his computers are virus- and badware-free, according to up-to-date installations of antivirus and all kinds of anti-badware softwares. Meantime, I thought I'd see what Wireshark is like with a screenreader, test it locally, get my friend to install it, Tandem into that machine, run it, and see what's what. FORGETABOUTIT! Using the JAWS cursor doesn't do much, not even with the OCR feature. There are some tabbable dialogs, or screens that act like they're dialogs, but to kick the thing started, I just cannot seem to get it to start listening and collecting packets and doing its thing with them. I remember using this tool way back when it was EtherNim and thought it was pretty accessible. But that was more than a decade-and-a-half ago, and times (and obviously software) have changed. Anyone got any accessibility hacks for Wireshark, or can recommend another tool that runs on anything--Windows, OS X, some Linux--heck, I'd even run it on a Raspberry Pi if it's accessible!!--that will do the same thing?
Thanks in advance.
_______________________________________________ Blind-sysadmins mailing list Blind-sysadmins@lists.hodgsonfamily.org https://lists.hodgsonfamily.org/listinfo/blind-sysadmins
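A sketch of the kind of summary described in the thread (capture for a short while, then list the addresses and ports carrying the most traffic), using tcpdump text output filtered with awk so the result is a few plain lines a screen reader can read. This is an added example, not code from anyone on the list; the interface name eth0, the function names and the sample lines are assumptions, and it expects tcpdump's `-nn -q` output format.

```shell
#!/bin/sh
# Added example: rank endpoints (IP.port) by bytes seen in tcpdump text output.
# Live use (assumed interface eth0, 30 second capture, needs root):
#   timeout 30 tcpdump -i eth0 -nn -q -l 2>/dev/null | top_talkers 10

top_talkers() {
    # $1 = number of rows to print (default 10); reads tcpdump lines on stdin
    awk '
    {
        # locate the IP or IP6 token so lines with or without a timestamp parse
        p = 0
        for (i = 1; i <= NF; i++) if ($i == "IP" || $i == "IP6") { p = i; break }
        if (p == 0 || $(p + 2) != ">") next      # skip ARP, STP, malformed lines
        src = $(p + 1)
        dst = $(p + 3); sub(/:$/, "", dst)       # drop the colon after the destination
        len = ($NF ~ /^[0-9]+$/) ? $NF : 0       # with -q the last field is the length
        # count each packet against both ends, so a busy host shows up
        # whether it is sending or receiving
        bytes[src] += len; pkts[src]++
        bytes[dst] += len; pkts[dst]++
    }
    END {
        for (e in bytes) printf "%d bytes %d packets %s\n", bytes[e], pkts[e], e
    }' | LC_ALL=C sort -k1,1nr -k3,3nr -k5,5 | head -n "${1:-10}"
}

sample_capture() {
    # Constructed sample lines in tcpdump -nn -q format (not a real capture)
    cat <<'EOF'
12:00:01.000001 IP 192.168.1.23.51514 > 203.0.113.50.443: tcp 1448
12:00:01.000150 IP 192.168.1.23.51514 > 203.0.113.50.443: tcp 1448
12:00:01.000420 IP 203.0.113.50.443 > 192.168.1.23.51514: tcp 0
12:00:01.100000 IP 192.168.1.40.5353 > 224.0.0.251.5353: UDP, length 120
12:00:01.200000 ARP, Request who-has 192.168.1.1 tell 192.168.1.40, length 28
12:00:01.300000 IP 192.168.1.23.51514 > 203.0.113.50.443: tcp 1448
12:00:01.400000 IP 192.168.1.40.40000 > 192.168.1.1.53: UDP, length 45
EOF
}

sample_capture | top_talkers 3
```

Each output line reads as bytes, packets, then the endpoint, with the busiest endpoint first; the last dotted component of an endpoint is the port.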