Ethereal is a free network protocol analyzer for Unix and Windows alike. It is a powerful analyzer that contains many useful features including the ability to read network traces from virtually any other analyzer. It also boasts a rather impressive list of supported protocols that rivals most of the other analyzers that are available. Best of all, you can read its traces on most popular operating systems.

Ethereal includes a graphical interface and a test-based mode called Tethereal. Throughout the book, we used the CLI version to illustrate the behavior of various protocols. We highly recommend using this protocol analyzer.

The official Ethereal web site is This site contains documentation and other useful information about this product. You can download this analyzer via FTP from

