Building and Installing Ethereal
The Components (both Ethereal GTK1 and 2 cannot be installed at the same time):
•Etheral GTK1 - Ethereal is a GUI network protocol analyzer.
•Etheral GTK2 - Ethereal is a GUI network protocol analyzer (using the modern GTK2 GUI toolkit, recommended).
•
•Tethereal - Tethereal is a
The dissection extensions for Ethereal and Tethereal:
•Dissector Plugins - Plugins with some extended dissections.
•Tree Statistics Plugins - Plugins with some extended statistics.
•Mate - Meta Analysis and Tracing Engine - user configurable extension(s) of the display filter engine, see http://wiki.ethereal.com/Mate for details.
•SNMP MIBs - SNMP MIBs for a more detailed SNMP dissection.
The Tools:
•Editcap - Editcap is a program that reads a capture file and writes some or all of the packets into another capture file.
•Text2Pcap - Text2pcap is a program that reads in an ASCII hex dump and writes the data into a
•Mergecap - Mergecap is a program that combines multiple saved capture files into a single out- put file.
•Capinfos - Capinfos is a program that provides information on capture files.
The Additional Tasks:
•Start Menu Shortcuts - add some start menu shortcuts.
•Desktop Icon - add an Ethereal icon to the desktop.
•Quick Launch Icon - add an Ethereal icon to the Explorer quick launch toolbar.
•Associate file extensions to Ethereal - Associate standard network trace files to Ethereal.
2.8.2.Install WinPcap
Note!
As mentioned above, the Ethereal installer (since version 0.10.12) takes care of the installation of WinPcap, so usually you don't have to worry about WinPcap at all!
If you do not have WinPcap installed you will be able to open saved capture files, but you will not be able to capture live network traffic.
While running, the Ethereal installer detects which WinPcap version is currently installed and will
25
