[plug] ethereal

Jon Miller jlmiller at mmtnetworks.com.au
Fri Jul 23 18:06:08 WST 2004 

well stated!!

Jon

Jon L. Miller, MCNE, CNS, ASE
Director/Sr Systems Consultant
MMT Networks Pty Ltd
http://www.mmtnetworks.com.au

"I don't know the key to success, but the key to failure
 is trying to please everybody." -Bill Cosby



>>> craig at postnewspapers.com.au 1:13:31 pm 23/07/2004 >>>
On Fri, 2004-07-23 at 12:06, Marc Wiriadisastra wrote:
> I'm just messing around with stuff on my fc computer and I've come 
> across ethereal.  Now I know its a packet monitoring program can someone 
> please explain what the purpose apart from looking at packets its used for.

Well, it's used for network troubleshooting, program testing, protocol
reverse engineering, network security analysis and network intrusion
monitoring (as mentioned by Marc) among other things. It's handy for all
these things because it's so flexible - it can display and analyze
traffic in real time or from a stored capture file, it can filter
traffic based on an incredibly flexible ruleset, and it can track
relationships between packets in traffic flows. 

Ethereal can make it possible to pick out one connection in amongst a
100MBit/s traffic stream, then reconstruct that connection's traffic
into a human-readable text display of the data transmitted, plus a delay
graph showing how long the gaps between each packet were.

It's great, and it's saved my sanity several times when trying to debug
weird network problems. When combined with a good switch that can dump
all traffic down one designated monitoring port (ideally a gigabit
port), Ethereal is just incredible for tracking down odd network
problems.

Ethereal is a great tool to be familiar with, and I'd advise you to play
with it and learn about it if you plan to work with networks in the
future.

--
Craig Ringer



_______________________________________________
PLUG discussion list: plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
Committee e-mail: committee at plug.linux.org.au
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.plug.org.au/pipermail/plug/attachments/20040723/29d80fdd/attachment.htm>

More information about the plug mailing list