======= Sniffing =======
* tcpdump -s 1518 -lenx -i eth0 | tcpshow -cooked -data
  * provides payload decoding to screen
* tcpdump -s 1518 -lenx -i eth0
* tcpdump -i eth0 -Alnq host 172.28.5.96 and port 80
* tcpdump -nnvvXSs 1514 -i eth0 host 172.28.5.96 and port 80
* tshark 'tcp port 80 and host 172.28.5.96 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
* sudo tcpdump -nnvvXSs 1514 port 389 -i eth0
  * decode LDAP traffic
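
The tshark capture filter above keeps only TCP segments that carry data: it subtracts the IP header length and the TCP header length from the IP total length and tests for a non-zero result. The Python below is an added example (not part of the original notes) that evaluates the same arithmetic on constructed packets; the function names and sample packets are assumptions made for illustration.

```python
import struct

def tcp_payload_len(ip_packet: bytes) -> int:
    """Evaluate (ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2) on a raw IPv4 packet."""
    if len(ip_packet) < 20 or ip_packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    total_len = struct.unpack("!H", ip_packet[2:4])[0]  # ip[2:2]: IP total length
    ihl = (ip_packet[0] & 0x0F) << 2                    # IP header length in bytes
    if ihl < 20 or ip_packet[9] != 6 or len(ip_packet) < ihl + 20:
        raise ValueError("not TCP, or header truncated")
    tcp = ip_packet[ihl:]
    data_offset = (tcp[12] & 0xF0) >> 2                 # TCP header length in bytes
    if data_offset < 20:
        raise ValueError("invalid TCP data offset")
    return total_len - ihl - data_offset

def has_payload(ip_packet: bytes) -> bool:
    """True when the capture filter's '!= 0' test would match."""
    return tcp_payload_len(ip_packet) != 0

def build_packet(payload: bytes, ip_opts: bytes = b"", tcp_opts: bytes = b"") -> bytes:
    """Constructed sample IPv4/TCP packet (checksums left at zero, options are NOPs)."""
    if len(ip_opts) % 4 or len(tcp_opts) % 4:
        raise ValueError("options must be padded to 32-bit words")
    ihl, doff = 20 + len(ip_opts), 20 + len(tcp_opts)
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | (ihl // 4), 0,
                     ihl + doff + len(payload), 0, 0, 64, 6, 0,
                     bytes([172, 28, 5, 96]), bytes([172, 28, 5, 1])) + ip_opts
    tcp = struct.pack("!HHIIBBHHH", 80, 40000, 1, 1,
                      (doff // 4) << 4, 0x18, 65535, 0, 0) + tcp_opts
    return ip + tcp + payload

if __name__ == "__main__":
    samples = {
        "bare ACK": build_packet(b""),
        "ACK with 12 bytes of TCP options": build_packet(b"", tcp_opts=b"\x01" * 12),
        "ACK plus 6 bytes of Ethernet padding": build_packet(b"") + b"\x00" * 6,
        "HTTP request": build_packet(b"GET / HTTP/1.1\r\n\r\n",
                                     ip_opts=b"\x01" * 4, tcp_opts=b"\x01" * 12),
    }
    for name, pkt in samples.items():
        print(f"{name}: payload={tcp_payload_len(pkt)} match={has_payload(pkt)}")
```

Because the expression reads the IP total length rather than the captured frame size, trailing Ethernet padding on short frames does not make an empty ACK match.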
==== Wireshark ====
* OS X issues - http://discussions.apple.com/thread.jspa?threadID=1904197&tstart=0
* filter examples - http://www.danielmiessler.com/study/tcpdump/
==== SSG ====
* Bittorrent configuration
* http://forums.juniper.net/jnet/board/message?board.id=Firewalls&message.id=2786&query.id=163516#M2786
* http://www.juniperforum.com/index.php/topic,2739.0.html
======= Software =======
* **ttcp** http://www.ccci.com/product/network_mon/tnm31/ttcp.htm
* **netpipe-tcp** [[netpipe]] is a protocol independent performance tool that encapsulates the best of ttcp and netperf and visually represents the network performance under a variety of conditions. By taking the end-to-end application view of a network, [[netpipe]] clearly shows the overhead associated with different protocol layers. Netpipe answers such questions as: how soon will a given data block of size k arrive at its destination? Which network and protocol will transmit size k blocks the fastest? What is a given network's effective maximum throughput and saturation level? Does there exist a block size k for which the throughput is maximized? How much communication overhead is due to the network communication protocol layer(s)? How quickly will a small (< 1 kbyte) control message arrive, and which network and protocol are best for this purpose?
* **ntop**