WarWalking (3)

By lieven

This time we turn to Ethereal, 'sniffing the glue that holds the Internet together'. Here is the description they give: "Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session".

OS X is not among the listed platforms, but it is possible to get Ethereal running under OS X; it just requires some work. To begin, you need to have the XTools installed (the extra CD shipped with 10.3); you probably already needed the XTools to get Kismet up and running. Secondly, you need to have X11 in Applications/Utilities. X11 is not part of a standard 10.3 install, but you can add it with a custom install. If you haven't done this, no problem: you can download X11 from the Apple site (43Mb! download). And finally, you need to have Fink installed (see a previous post). If you are set, open the Terminal and type

sudo fink install ethereal-ssl

Fink will tell you that it needs to install some additional packages (12 in my case), and you agree to this by typing Y. Get yourself a coffee and a book or newspaper, because the compilation process takes quite a while (in my case it took over one hour!). When it finally stops you hope to be done, so start up X11 and type

sudo /sw/bin/ethereal

and it works! If you want to begin sniffing, click on Capture/Start and a pop-up window appears. Specify en1 as the Interface and click on OK. If you press Stop after some time, all the captured packets appear in the main window and you can start playing. We will see another time what exactly you can do with all this information…

The previous time that I tried to install Ethereal (on an iBook) I got an error message: dyld: /sw/bin/ethereal can't open library: /sw/lib/libdl.0.dylib (No such file or directory, errno = 2). Fortunately, a simple Google search gave me the following work-around. So if you run into problems, that will probably solve them. I also needed to type xhost in X11 to allow su to use my window. But none of these problems appeared this time, so maybe they updated the package.
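The prerequisites listed above and the library named in the dyld error can be checked in one pass before launching. This is an added example, not part of the original post: the function name, the optional root-prefix argument and the use of /usr/bin/gcc as the sign that the XTools are installed are assumptions; the other paths are the ones mentioned in the post plus Fink's default /sw/bin/fink.

```shell
#!/bin/sh
# Preflight check for the Ethereal-on-OS-X setup described in this post.
# Added example: ethereal_preflight and its root-prefix argument are
# hypothetical names introduced here, not part of Fink or Ethereal.

# Usage: ethereal_preflight [ROOT]
# ROOT is prepended to every path, so the check can also be run against a
# mounted volume or a scratch tree. Prints one line per missing item and
# returns the number of missing items (0 = everything is in place).
ethereal_preflight() {
    root="${1:-}"
    missing=0
    # Each line below is "path|what it tells us".
    while IFS='|' read -r path label; do
        [ -n "$path" ] || continue
        if [ ! -e "$root$path" ]; then
            echo "MISSING: $label ($root$path)"
            missing=$((missing + 1))
        fi
    done <<'EOF'
/usr/bin/gcc|XTools compiler (assumed location)
/Applications/Utilities/X11.app|X11
/sw/bin/fink|Fink
/sw/bin/ethereal|Ethereal binary (built by: sudo fink install ethereal-ssl)
/sw/lib/libdl.0.dylib|libdl, the library named in the dyld error
EOF
    return "$missing"
}

# Check the running system; the exit status is the number of missing items.
ethereal_preflight "${1:-}" || echo "$? item(s) missing, see the list above"
```

If only the libdl line is reported, the install has hit the dyld error described above rather than a missing prerequisite.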

Moreover, Ethereal is very well documented, both with an online manual page and a User's Guide (which you can also download as a PDF file: 454 pages! but only the first 100 or so are worth printing).
