"Other than my little excursion into xinetd, I've used
this series to show you ways in which you can make some sense of
the packets flying around your network, and the tools that can help
you do that. I started this article by giving you the dictionary
definition for "ethereal". Ethereal also happens to be the name of
an excellent network protocol analyzer, a powerful tool that lets
you see what is happening on your network right now. Ethereal is
available for a variety of platforms and is distributed free under
the GPL. While it is technically beta software, you'll be amazed at
how useful you'll find it.

Ethereal is another of those programs that requires the libpcap
packet capture libraries. We've talked about this one before, most
recently in the third part of this series. If you don't already
have it, check out the libpcap web site at http://www.tcpdump.org.
You'll also need GTK+ (likely to be already installed on your
system). GTK+ is available from http://www.gtk.org.

Should you decide to save yourself a few steps, a number of
precompiled binary distributions exist for Ethereal, including DEBs
and RPMs. For the latest and greatest, you can always download the
source and build it yourself. Start by paying the Ethereal web site
a visit at http://www.ethereal.com. Then extract and build the