[Centos] Where is ethereal?

Matt Shields mattboston at gmail.com
Sun Jan 9 00:45:53 UTC 2005


ethereal/tethereal will do that for you.  Here's part of a sample
command line that I used to capture while I was browsing Google (I cut
out some lines).  If you look at the 2nd line you'll see where I
submitted the query to Google for centos.  In the past (and this is
going back quite a few years), I've used ethereal to help users get
their mail passwords back, because email username/passwords are
unencrypted.

[root@matt-test root]# tethereal  | grep -vi SSH | grep -vi vrrp | grep -vi stp | grep -v 5901
Capturing on eth0
  0.017168   10.0.3.225 -> 10.0.3.255   NBNS Name query NB KAMENSDEV<00>
  0.699144   10.0.2.168 -> 64.233.167.104 HTTP GET /search?hl=en&q=centos&btnG=Google+Search HTTP/1.1
  0.739789 64.233.167.104 -> 10.0.2.168   TCP http > 38760 [ACK] Seq=0 Ack=602 Win=29400 Len=0
  0.761950 64.233.167.104 -> 10.0.2.168   HTTP HTTP/1.1 200 OK[Unreassembled Packet]
  0.762214   10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK] Seq=602 Ack=1430 Win=22880 Len=0
  0.764795 64.233.167.104 -> 10.0.2.168   HTTP Continuation
  0.764988   10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK] Seq=602 Ack=1689 Win=22880 Len=0
  0.801813 Intel_b1:cc:20 -> Broadcast    ARP Who has 10.0.3.225?  Tell 10.0.2.148
  0.885105 64.233.167.104 -> 10.0.2.168   HTTP Continuation
  0.885313   10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK] Seq=602 Ack=3119 Win=25740 Len=0
  0.893630 64.233.167.104 -> 10.0.2.168   HTTP Continuation
  0.893905   10.0.2.168 -> 64.233.167.104 TCP 38760 > http [ACK] Seq=602 Ack=4156 Win=28600 Len=0
47 packets dropped
743 packets captured

-- 
Matt Shields
http://masnetworks.biz
http://www.centos.org
http://www.caosity.org


On Sat, 8 Jan 2005 17:07:22 -0400, Joe Polk <listuser at javelinux.com> wrote:
> Then can someone refresh my memory? I recall a network packet sniffer-type app
> that ran in console and had an ansi-like look to it (much like Midnight
> Commander looks etc.). I cannot remember it and thought it was ethereal.
> Evidently not.
> 
> --
> <<JAV>>
> 
> ---------- Original Message -----------
> From: Johnny Hughes <mailing-lists at hughesjr.com>
> To: CentOS Users <centos at caosity.org>
> Sent: Sat, 08 Jan 2005 14:52:57 -0600
> Subject: Re: [Centos] Where is ethereal?
> 
> > Just for the record, from "man ethereal"
> >
> > Ethereal is a "GUI network protocol analyzer".  It lets you
> > interactively browse packet data from a live network or from a
> > previously saved capture file.
> >
> > And from "man tethereal"
> >
> > Tethereal is a "network protocol analyzer".  It lets you capture packet
> > data from a live network, or read packets from a previously saved
> > capture file, either printing a decoded form of those packets to the
> > standard output or writing the packets to a file.
> >
> > _______________________________________________
> > CentOS mailing list
> > CentOS at caosity.org
> > http://lists.caosity.org/mailman/listinfo/centos
> ------- End of Original Message -------
>
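
An audit-side companion to the capture above, as an added example that is not part of the original post: it reads tethereal's one-line packet summaries, skips the banner and mail-wrapped continuation lines, and counts packets per host pair for protocols that travel unencrypted, giving a worklist of services to move to TLS. The protocol-column names other than HTTP, the function names `cleartext_flows` and `report`, and the two POP sample lines are assumptions made for illustration.

```python
import re
from collections import Counter

# Protocol-column values treated as unencrypted. HTTP appears in the capture
# above; the other names are assumed to match the analyzer's column text.
CLEARTEXT = {"HTTP", "POP", "IMAP", "SMTP", "FTP", "TELNET"}

# One packet summary: relative time, source, "->", destination, protocol.
PACKET = re.compile(r"^\s*\d+\.\d+\s+(\S+)\s+->\s+(\S+)\s+(\S+)")

# Lines up to the "200 OK" packet are from the post, with the mail wrapping
# left in place; the two POP lines are constructed for this example.
SAMPLE = """\
Capturing on eth0
  0.017168   10.0.3.225 -> 10.0.3.255   NBNS Name query NB KAMENSDEV<00>
  0.699144   10.0.2.168 -> 64.233.167.104 HTTP GET
/search?hl=en&q=centos&btnG=Google+Search HTTP/1.1
  0.739789 64.233.167.104 -> 10.0.2.168   TCP http > 38760 [ACK] Seq=0
Ack=602 Win=29400 Len=0
  0.761950 64.233.167.104 -> 10.0.2.168   HTTP HTTP/1.1 200
OK[Unreassembled Packet]
  1.204511 192.0.2.25 -> 192.0.2.110 POP Request: STAT
  1.209870 192.0.2.110 -> 192.0.2.25 POP Response: +OK
743 packets captured
"""

def cleartext_flows(lines):
    """Count cleartext-protocol packets per unordered host pair."""
    flows = Counter()
    for line in lines:
        m = PACKET.match(line)
        if not m:
            continue  # banner, totals, or a wrapped continuation line
        src, dst, proto = m.group(1), m.group(2), m.group(3).upper()
        if proto in CLEARTEXT:
            # Both directions of a conversation share one key.
            flows[(*sorted((src, dst)), proto)] += 1
    return flows

def report(flows):
    """Format the counts, busiest pair first."""
    ordered = sorted(flows.items(), key=lambda kv: (-kv[1], kv[0]))
    return [f"{proto:<7} {a} <-> {b}  packets={n}" for (a, b, proto), n in ordered]

if __name__ == "__main__":
    for row in report(cleartext_flows(SAMPLE.splitlines())):
        print(row)
```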


