blob: c7dd8431ed44dc53cf4f0b55a72bb7a55ef746be (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
Ethereal is a GUI network protocol analyzer.
It lets you interactively browse packet data from a live network or from a previously saved capture file.
See: http://www.ethereal.com for new versions, documentation, ...
Ethereal's native capture file format is libpcap format, which is also the format used by tcpdump and various other tools. So Ethereal can read capture files from:
-libpcap/WinPcap
-snoop and atmsnoop
-Shomiti/Finisar Surveyor
-Novell LANalyzer
-Network General/Network Associates DOS-based Sniffer (compressed or uncompressed),
-Microsoft Network Monitor
-AIX's iptrace
-Cinco Networks NetXRay
-Network Associates Windows-based Sniffer
-AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek
-RADCOM's WAN/LAN analyzer
-Lucent/Ascend router debug output
-HP-UX's nettl
-the dump output from Toshiba's ISDN routers
-the output from i4btrace from the ISDN4BSD project
-the output in IPLog format from the Cisco Secure Intrusion Detection System,
-pppd logs (pppdump format)
-the output from VMS's TCPIPtrace utility
-the text output from the DBS Etherwatch VMS utility
-traffic capture files from Visual Networks' Visual UpTime
-the output from CoSine L2 debug
There is no need to tell Ethereal what type of file you are reading; it will determine the file type by itself. Ethereal is also capable of reading any of these file formats if they are compressed using gzip. Ethereal recognizes this directly from the file; the '.gz' extension is not required for this purpose.
|
