Penguin
Recent Changes
Note: You are viewing an old revision of this page. View the current version.

Ethereal is a PacketSniffer.

It is now in pretty gtk2.

Tips

Display Filters

Although ethereal's help shows you many fields you can use to filter on, such as all the subfields of the various supported protocols, it doesn't give you any help as to how to set up a simple filter!

So, here are some simple examples:

Hides all SSH and ARP protocol packets

ssh && !arp

Hide all SSH protocol packets, as well as TCP ACK/FIN etc packets for ssh connections

ssh && tcp.port != 22