Installing Ethereal on Windows




The latest Ethereal Windows executable can be downloaded from the local archive at www.ethereal.com/download.html. It will install on a variety of Windows platforms. We have also included the Ethereal executable on the accompanying CD-ROM. Note that you don’t need administrator rights to install Ethereal. Now that WinPcap is installed, we will step through the process of installing Ethereal 0.10.0 on a Windows 2000 Professional system.

  1. Browse to the /ethereal/windows folder on the CD-ROM.

  2. Begin the installation process by double-clicking on the installer, ethereal-setup-0.10.0.exe. The first screen that appears is shown in Figure 3.6. This is the GNU General Public License Agreement that Ethereal uses. After reading and accepting the terms of the license, click I Agree to continue.

    Figure 3.6: The Ethereal GNU License Agreement

  3. The next screen, shown in Figure 3.7, allows you to choose which Ethereal components to install. We will be discussing the other supporting programs that Ethereal includes in Chapter 6. Notice that the entire distribution requires 36.2MB of free space. Ethereal consumes 20.7MB and Tethereal uses 15.8MB of the total. The rest of the components are trivial in size. Of course you would want to have adequate free space for storing your capture files as well. Accept the default to install all components and click Next to continue.

    Figure 3.7: Ethereal Installation Components

  4. The next screen, shown in Figure 3.8, allows you to choose the folder where you would like to install Ethereal. Accept the default of C:\Program Files\Ethereal and click Install to begin the installation process.

    Figure 3.8: Ethereal Installation Directory

  5. The next screen, shown in Figure 3.9, shows the status of the installation process. It gives line-by-line details of what is happening behind the scenes as well as an overall progress bar.

    Figure 3.9: Ethereal Installation Status

  6. All done! Figure 3.10 shows that Ethereal is installed and ready to go. It even puts a nice shortcut icon right on the desktop. Click Close to close the dialog box.

    Figure 3.10: Ethereal Installation Completed

  7. You can now double-click on the Ethereal desktop icon to open the Ethereal network analyzer GUI.

    Note 

    A nice feature of the completed installation box shown in Figure 3.10 is the ability to save the installation log to a file. Simply right-click on one of the lines in the box and a small window will pop up that says “Copy Details To Clipboard”. Select this option and paste the results into Notepad or your favorite text editor.

    Note 

    The first time you execute a WinPcap-based application such as Ethereal after installation, you must be logged in as Administrator, or have administrator rights. This will allow the driver to be installed on the system and from then on every user will be able to use WinPcap applications.

By default Ethereal is installed in C:\Program Files\Ethereal. As you saw during the installation process, this can be changed. Several files are placed within the Ethereal directory. The following installation log output shows exactly what the setup was doing:

    Output folder: C:\Program Files\Ethereal
    Extract: wiretap-0.0.dll
    Extract: iconv.dll
    Extract: libglib-2.0-0.dll
    Extract: libgmodule-2.0-0.dll
    Extract: libgobject-2.0-0.dll
    Extract: intl.dll
    Extract: zlib1.dll
    Extract: adns_dll.dll
    Extract: pcre.dll
    Extract: FAQ
    Extract: README
    Extract: README.win32
    Extract: manuf
    Extract: pcrepattern.3.txt
    Output folder: C:\Program Files\Ethereal\diameter
    Extract: dictionary.dtd
    Extract: dictionary.xml
    Extract: mobileipv4.xml
    Extract: nasreq.xml
    Extract: sunping.xml
    Output folder: C:\Program Files\Ethereal
    Created uninstaller: uninstall.exe
    Output folder: C:\Program Files\Ethereal
    Extract: ethereal.exe
    Extract: ethereal.html
    Extract: ethereal-filter.html
    Extract: libgtk-0.dll
    Extract: libgdk-0.dll
    Output folder: C:\Program Files\Ethereal
    Extract: tethereal.exe
    Extract: tethereal.html
    Output folder: C:\Program Files\Ethereal
    Extract: editcap.exe
    Extract: editcap.html
    Output folder: C:\Program Files\Ethereal
    Extract: text2pcap.exe
    Extract: text2pcap.html
    Output folder: C:\Program Files\Ethereal
    Extract: mergecap.exe
    Extract: mergecap.html
    Output folder: C:\Program Files\Ethereal\plugins\0.10.0
    Extract: acn.dll
    Extract: artnet.dll
    Extract: asn1.dll
    Extract: docsis.dll
    Extract: enttec.dll
    Extract: coseventcomm.dll
    Extract: cosnaming.dll
    Extract: gryphon.dll
    Extract: lwres.dll
    Extract: megaco.dll
    Extract: mgcp.dll
    Extract: pcli.dll
    Extract: rdm.dll
    Extract: rtnet.dll
    Output folder: C:\Program Files\Ethereal\snmp\mibs
    Extract: AGENTX-MIB.txt
    Extract: DISMAN-EVENT-MIB.txt
    Extract: DISMAN-SCHEDULE-MIB.txt
    Extract: DISMAN-SCRIPT-MIB.txt
    Extract: EtherLike-MIB.txt
    Extract: HCNUM-TC.txt
    Extract: HOST-RESOURCES-MIB.txt
    Extract: HOST-RESOURCES-TYPES.txt
    Extract: IANA-ADDRESS-FAMILY-NUMBERS-MIB.txt
    Extract: IANA-LANGUAGE-MIB.txt
    Extract: IANAifType-MIB.txt
    Extract: IF-INVERTED-STACK-MIB.txt
    Extract: IF-MIB.txt
    Extract: INET-ADDRESS-MIB.txt
    Extract: IP-FORWARD-MIB.txt
    Extract: IP-MIB.txt
    Extract: IPV6-ICMP-MIB.txt
    Extract: IPV6-MIB.txt
    Extract: IPV6-TC.txt
    Extract: IPV6-TCP-MIB.txt
    Extract: IPV6-UDP-MIB.txt
    Extract: LM-SENSORS-MIB.txt
    Extract: MTA-MIB.txt
    Extract: NET-SNMP-AGENT-MIB.txt
    Extract: NET-SNMP-EXAMPLES-MIB.txt
    Extract: NET-SNMP-MIB.txt
    Extract: NET-SNMP-MONITOR-MIB.txt
    Extract: NET-SNMP-SYSTEM-MIB.txt
    Extract: NET-SNMP-TC.txt
    Extract: NETWORK-SERVICES-MIB.txt
    Extract: NOTIFICATION-LOG-MIB.txt
    Extract: RFC-1215.txt
    Extract: RFC1155-SMI.txt
    Extract: RFC1213-MIB.txt
    Extract: RMON-MIB.txt
    Extract: SMUX-MIB.txt
    Extract: SNMP-COMMUNITY-MIB.txt
    Extract: SNMP-FRAMEWORK-MIB.txt
    Extract: SNMP-MPD-MIB.txt
    Extract: SNMP-NOTIFICATION-MIB.txt
    Extract: SNMP-PROXY-MIB.txt
    Extract: SNMP-TARGET-MIB.txt
    Extract: SNMP-USER-BASED-SM-MIB.txt
    Extract: SNMP-VIEW-BASED-ACM-MIB.txt
    Extract: SNMPv2-CONF.txt
    Extract: SNMPv2-MIB.txt
    Extract: SNMPv2-SMI.txt
    Extract: SNMPv2-TC.txt
    Extract: SNMPv2-TM.txt
    Extract: TCP-MIB.txt
    Extract: TUNNEL-MIB.txt
    Extract: UCD-DEMO-MIB.txt
    Extract: UCD-DISKIO-MIB.txt
    Extract: UCD-DLMOD-MIB.txt
    Extract: UCD-IPFILTER-MIB.txt
    Extract: UCD-IPFWACC-MIB.txt
    Extract: UCD-SNMP-MIB-OLD.txt
    Extract: UCD-SNMP-MIB.txt
    Extract: UDP-MIB.txt
    Create folder: C:\Documents and Settings\All Users\Start Menu\Programs\Ethereal
    Create shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Ethereal\Ethereal.lnk
    Create shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Ethereal\Ethereal Manual.lnk
    Create shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Ethereal\Display Filters Manual.lnk
    Create shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Ethereal\Uninstall.lnk
    Create shortcut: C:\Documents and Settings\All Users\Start Menu\Programs\Ethereal\Ethereal Program Directory.lnk
    Create shortcut: C:\Documents and Settings\All Users\Desktop\Ethereal.lnk
    Completed

Notice that one of the files in C:\Program Files\Ethereal is uninstall.exe. You can use this executable to uninstall Ethereal if necessary. Some other important files to note are the five executables and their associated manual pages in HTML format: ethereal.exe, tethereal.exe, editcap.exe, mergecap.exe, and text2pcap.exe. These supporting programs will be discussed in detail in Chapter 6.
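The saved installation log can be turned into a manifest of what the setup wrote, which is useful as a baseline of the executables and DLLs now on the system. The following is an added example, not code from the book or from the Ethereal project: the function names parse_install_log and executable_code are hypothetical, and the sample is an abbreviated, constructed excerpt of the log above.

```python
import ntpath
import re

# Directives that appear in the installer log shown on this page.
DIRECTIVE = re.compile(
    r"(Output folder|Extract|Created uninstaller|Create folder|Create shortcut):\s*"
)

# Abbreviated excerpt of the log above (constructed sample, flattened the way
# a clipboard paste can arrive, including a value pushed onto the next line).
SAMPLE_LOG = r"""Output folder: C:\Program Files\Ethereal Extract: wiretap-0.0.dll
Extract: README Output folder: C:\Program Files\Ethereal Created uninstaller: uninstall.exe
Output folder: C:\Program Files\Ethereal Extract: ethereal.exe Extract: ethereal.html
Output folder: C:\Program Files\Ethereal\plugins\0.10.0 Extract: acn.dll
Output folder: C:\Program Files\Ethereal\snmp\mibs Extract:
IPV6-TC.txt Create shortcut: C:\Documents and Settings\All Users\Desktop\Ethereal.lnk Completed"""


def parse_install_log(text):
    """Return (files, shortcuts) as lists of full Windows paths."""
    flat = " ".join(text.split())                 # one entry per line or flattened
    flat = re.sub(r"\s*Completed\s*$", "", flat)  # drop the final status marker
    parts = DIRECTIVE.split(flat)                 # ['', kind, value, kind, value, ...]
    folder, files, shortcuts = None, [], []
    for kind, value in zip(parts[1::2], parts[2::2]):
        value = value.strip()
        if kind == "Output folder":
            folder = value                        # applies to the entries after it
        elif kind in ("Extract", "Created uninstaller"):
            if folder is None:
                raise ValueError(f"{kind} {value!r} seen before any Output folder")
            files.append(ntpath.join(folder, value))
        elif kind == "Create shortcut":
            shortcuts.append(value)
    return files, shortcuts


def executable_code(files):
    """Files whose extension means loadable code (.exe, .dll): the baseline set."""
    return [f for f in files if ntpath.splitext(f)[1].lower() in (".exe", ".dll")]


if __name__ == "__main__":
    files, shortcuts = parse_install_log(SAMPLE_LOG)
    for path in executable_code(files):
        print(path)
```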

Note 

If you are having trouble capturing packets with Ethereal, ensure that WinPcap is working properly by using Windump to try capturing packets. Windump can be downloaded from http://windump.polito.it/_install/default.htm. The command windump -D will display a list of valid adapters that WinPcap is able to detect.






Ethereal Packet Sniffing (Syngress)
ISBN: 1932266828
EAN: 2147483647
Year: 2004
Pages: 105
Authors: Syngress
