Solutions Fast Track




Getting Started with Ethereal

  • Binary Ethereal packages for Windows, Linux, and various UNIX flavors can be downloaded from www.ethereal.com.

  • Source code can be downloaded and compiled from www.ethereal.com if the binary packages available don’t meet your needs.

  • Ethereal can be launched by typing ethereal at the command line.

Exploring the Main Windows

  • The Summary Window provides a one-line summary for each packet.

  • The Protocol Tree Window provides a detailed decode of the packet selected in the Summary Window.

  • The Data View Window provides the hexadecimal (or hex) dump of the packets’ actual bytes.

Other Window Components

  • The filter bar provides a quick mechanism for filtering the packets displayed in the Summary Window.

  • Clicking the filter bar’s Filter: button will display the Display Filter dialog box to help you construct a display filter string.

  • The Information field will show the display filter field name of the field selected in the Protocol Tree Window.

Exploring the Menus

  • Most preferences can be set in the Preferences dialog box.

  • There are context-sensitive pop-up menus available by right-clicking on the Summary Window, Protocol Tree Window, or Data View Window.

  • Packets in the Summary Window can be color-coded for easy reading by using the Apply Color Filters dialog box.

Using Command Line Options

  • Ethereal can apply display filters to packets read from a file with the -R flag, discarding packets that don’t match the filter.

  • Ethereal uses -r to indicate a file to read from and -w to indicate a file to write to.

  • Ethereal can be made to start capturing from an interface immediately on startup by using the -i and -k options.






Ethereal Packet Sniffing
Ethereal Packet Sniffing (Syngress)
ISBN: 1932266828
EAN: 2147483647
Year: 2004
Pages: 105
Authors: Syngress
