| < Day Day Up > |
|
Binary Ethereal packages for Windows, Linux, and various UNIX flavors can be downloaded from www.ethereal.com.
Source code can be downloaded and compiled from www.ethereal.com if the binary packages available don’t meet your needs.
Ethereal can be launched by typing ethereal at the command line.
The Summary Window provides a one-line summary for each packet.
The Protocol Tree Window provides a detailed decode of the packet selected in the Summary Window.
The Data View Window provides the hexadecimal (or hex) dump of the packets’ actual bytes.
The filter bar provides a quick mechanism for filtering the packets displayed in the Summary Window.
Clicking the filter bar’s Filter: button will display the Display Filter dialog box to help you construct a display filter string.
The Information field will show the display filter field name of the field selected in the Protocol Tree Window.
Most preferences can be set in the Preferences dialog box.
There are context-sensitive pop-up menus available by right-clicking on the Summary Window, Protocol Tree Window, or Data View Window.
Packets in the Summary Window can be color-coded for easy reading by using the Apply Color Filters dialog box.
Ethereal can apply display filters to packets read from a file with the –R flag, discarding packets that don’t match the filter.
Ethereal uses –r to indicate a file to read from and –w to indicate a file to write to.
Ethereal can be made to start capturing from an interface immediately on startup by using the –i and -k options.
| < Day Day Up > |
|