** Disclaimer to all new readers – This blog post is VERY old and not really representative of my current work. I’ve just left it up here for historical purposes. If you are interested in learning more about packet analysis I’d recommend reading some of my newer posts or looking at my book, Practical Packet Analysis. **
I just wanted to make a couple of quick notes before I published the next section in Packet School 101. I have been in touch with Gerald Combs, who as many of you know is the original developer of Ethereal, and he has informed me that, due to copyright and legal restrictions, Ethereal HAS been rebranded as the Wireshark project. I had heard this from several sources but wanted to make sure it was legitimate before I posted anything about it. This being said, Wireshark is basically the same program as Ethereal so all of the previous tutorials I have posted should still be valid. Also, from here on out I will no longer refer to the program as Ethereal, and all of the screenshots will also reflect the Wireshark program. You can learn more about Wireshark at http://www.wireshark.org.
Also, I want to thank you guys for all of the comments and questions you have sent. Towards the end of the series I am going to devote one whole section to nothing but questions, so keep sending them my way.
Be sure to check back in the next couple of days for Packet School 101 – Part 4!
I have noted that the Windows version has an Expert Info choice available, but the Linux version does not. Is a Linux version available that does have that choice? It is useful for the analysis we are performing, and I would like to do this on the Linux side vs the Windows side if possible.
Thanks for all your efforts, just finished your 4 part tutorial, and will continue to check back as more sections are (hopefully) added.
ken