What is Ethereal?
Ethereal® is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. Ethereal is one of the best graphical packet sniffers. Its graphical interface makes it easy to use, and its long list of features makes it very powerful for analyzing network traffic.
Why Ethereal?
We will use Ethereal in our project to capture the traffic coming to the Snort system and make sure that it has been sent and received in the way we wanted. During testing you might not be sure whether Snort failed to log a specific alert because it is improperly configured or because the packet never reached the system. Ethereal will provide evidence for our testing project.
Download the Ethereal installer, ethereal-setup-0.10.14.exe, or the latest version, from the Ethereal website: http://www.ethereal.com/download.html.
Double-click the Ethereal executable file “ethereal-setup-0.10.14.exe”. The installation wizard will start.
Click Next on the Ethereal welcome message to proceed to the agreement window.
Click “I Agree” to proceed to the Choose Component window, which is shown in Fig. 4.1.3.
Fig. 4.1.3 Choose Component Window
Make sure that GTK-wimp is selected and click Next.
Click Next on the Additional Tasks window to proceed to the installation location window, which is shown in Fig. 4.1.4.
Fig. 4.1.4 Destination Folder Window
Make sure the destination directory is C:\program files\Ethereal and click Next to proceed to the Install WinPcap window, which is shown in Fig. 4.1.5.
Fig. 4.1.5 WinPcap Installation window
Ethereal comes with a WinPcap installation patch. Deselect “Install WinPcap 3.1” (for WinPcap installation instructions, refer to subsection 4.1.1) and click Install to start the installation.
After a few seconds Ethereal will be installed. Click Finish to end.