$arr_19 ), array( 3, false, $arr_20, $arr_24 ), array( 2, false, "\" />", $arr_25 ) ) ); ?> $arr_27 ), array( 3, false, $arr_28, $arr_30 ), array( 2, false, "\" />\n\n", $arr_31 ) ) ); ?> array( 2, false, false, $arr_9 ), array( 4, $arr_10, "if", $arr_245, $arr_248 ), array( 2, false, "\n", $arr_249 ) ) ); ?> rr_466 ), array( 4, $arr_467, "if", $arr_482, $arr_484 ), array( 2, false, "\n", $arr_485 ) ) ); ?> wireshark, libpcap, packets, packet sniffer » Linux Magazine
 

Dissecting network traffic

Wireshark [1], the packet sniffer formerly known as Ethereal, is a must-have for system administrators. If you've ever had to troubleshoot a network problem or needed to watch a transaction with a server, then this is the tool for you. Like most (all?) network data capture programs for Linux, Wireshark relies on libpcap, which provides a system-independent interface for capturing packets; therefore, you do not need to write custom routines for every packet sniffer (tcpdump, Snort, Wireshark, etc.). As long as your OS (e.g., Linux, *BSD, HP-UX, Solaris, Windows, etc.) and software support libpcap, you can sniff packets to your heart's content.

Installing libpcap and Wireshark

Libpcap comes with most operating systems, and Wireshark is almost always included (at least on Linux and BSD). Wireshark is sometimes split into two separate packages: one consisting of the back-end utilities like tshark and mergecap, and the other consisting of the graphical user interface (GUI). On Fedora and most related systems, you can simply run yum:

yum install libpcap
yum install wireshark-gnome

[...]

Read full article as PDF »

comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF »

Tag Cloud

Bruce Byfield Gnome KDE Kernel Linux Linux Pro Magazine Open Source Projects Red Hat Ubuntu events foss free software google

News