Getting Ethereal

Ethereal is readily available, in both source and binary form, for download from a variety of sources. The most authoritative source for downloads is the Ethereal download website at www.ethereal.com/download.html. This web page contains a list of mirror sites and locations around the world to download binary distributions and ready-to-install packages for several platforms. It also contains the source code in tar archive format for downloading via Hypertext Transfer Protocol (HTTP) and File Transfer Protocol (FTP). Another source for obtaining Ethereal may be your OS CD-ROM. However these tend to be older versions and it is worth the time to download the latest versions. There are several requirements and dependencies to install Ethereal properly. These requirements depend on a variety of factors including the operating system platform and whether you are installing a precompiled binary or compiling from source. We will address these issues for several platforms throughout this chapter.

The packages you will need for installing Ethereal are available free of charge on the Internet at their respective web sites. We have also included the latest release (as of press time) of each package on the CD-ROM that accompanies this book to save you some effort when it comes time to build the programs. If you would like to download the latest version of the software before beginning, feel free to do so; just make sure to substitute package names when necessary. For example, if we reference the file ethereal-0.10.0a.tar.gz and you have ethereal-0.10.0.tar.gz, use your filename because it’s newer.

Platforms and System Requirements

“On what operating system platforms can you install Ethereal?” The following list shows a number of platforms that have readily available Ethereal binaries:

• MacOS X

• BeOS

• Debian GNU/Linux

• FreeBSD

• Gentoo Linux

• Tru64 UNIX

• HP-UX

• AIX

• S/390 Linux

• Mandrake Linux

• Windows

• NetBSD

• OpenBSD

• PLD Linux

• Red Hat Linux

• ROCK Linux

• SCO

• Irix

• Solaris/Intel

• Solaris/SPARC

• Slackware Linux

• SuSE Linux

This list is constantly expanding as developers port the Ethereal source to new platforms. If your operating system is not listed, and you are feeling brave, go ahead and download the source code and begin building it for your system!

System requirements vary depending on the platform and distribution that you use. When compiling from source code, the important packages to have include:

• Libpcap The packet capture library that is responsible for capturing the data off of the network.

• GIMP Toolkit (GTK+) The graphical user interface library.

• Glib The low-level core library for GTK+.

• Zlib The data compression library that allows Ethereal to read gzip-compressed files on the fly.

• Perl A high-level programming language used to build the Ethereal documentation.

• Net-SNMP The Simple Network Management Protocol (SNMP) library used to translate Object Identifiers (OIDs) to names and to decode variable bindings with the use of Management Information Base (MIB) files.

• GNU adns The asynchronous-capable Domain Name System (DNS) client library and utilities that allow Ethereal to perform faster name resolution.

• PCRE The Perl Compatible Regular Expressions (PCRE) library is a set of functions that implement regular expression pattern matching using the same syntax and semantics as Perl 5. This library is needed to use the “matches” display filter.

You may not need all of the prerequisites if you are installing a precompiled binary distribution on UNIX and Windows. For example, the Windows binary only depends on the WinPcap capture library. And it doesn’t even need that if you are only using Ethereal to view saved capture files. We will cover these requirements in detail later in this chapter.