Scribd Logo
Upload

Welcome to Scribd!

  • 7 views

    How To Use Ethereal

    Uploaded by

    hokkheang

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    How To Use Ethereal

    Uploaded by

    hokkheang
    7 views4 pages

    Original Title

    How to Use Ethereal

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    7 views4 pages

    How To Use Ethereal

    Uploaded by

    hokkheang

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 4

    How to setup the Ethereal for capturing the network packets.

    1. Visit http://www.ethereal.com
    2. Select download in left pain.
    3. Select the site of Windows98/ME/2000/XP/2003 installers.
    4. At the bottom of the page, select the winpcap and ethereal setup files and save them on
    PC.
    5. Setup the WinPcap.
    6. Setup the Ethereal.
    Setup the WinPcap
    and Ethereal on PC.

    7. Connect the PC between MFP device and Hub of the network.


    8. Start the Ethereal from the icon on Desktop.
    9. Select the start from capture menu.
    10. Select OK.
    11. Press STOP if you finish capturing packets.
    12. Data is displayed on screen.
    13. Save the packets as a file.
    In case of SW hub, unicast packets are copied
    to only the target port. 2. Hub check the Mac address and
    throw the packets into the
    specified port. The NIC which
    has the Mac address is connected
    Keep the list of Mac address on the specified port.
    and IP address combination.

    Mac address : 00-20-6b-36-0b-00


    IP address : 10.5.1.20
    1. Packets come into Other ports do not
    Hub. Target IP is have any packets.
    10.5.1.20.

    In case of Standard hub, unicast packets are


    copied to all port. 2. All packets are
    copied to all
    ports.

    Mac address : 00-20-6b-36-0b-00


    IP address : 10.5.1.20

    1. Packets come into


    Hub. Target IP is
    10.5.1.20.

    If installing the PC, it can catch


    the all packets between the
    target device (10.5.1.20) and
    entire network. Of course,
    most of the network using the
    SW hub, so actually we can not
    get all packets in entire
    network.
    All data related the MFP
    go back and forth on this
    line. It means here is the
    best position to capture Hub
    the packets related to (Standard
    MFP. or SW)

    Network Servers,
    clients etc,.

    Network.
    Include all AD server, DNS server, FTP
    Server Mail Server and clients etc,.

    Hub
    Standard Hub (Standard
    Ex. NETGEAR Dual or SW)
    Speed Hub DS104

    Network Servers,
    clients etc,.

    Network.
    Include all AD server, DNS server,
    FTP Server and clients etc,.
    Ethereal

    Install the Standard type


    hub and PC run the
    capture soft to catch the
    all related packets.
    If this hub is SW hub, the client PC can not capture
    the packets between Server and MFP.
    Now, most of the Hub has the Switching function.

    Mail Server

    Mail Server1

    If capture software is running on


    Server2, packets can not be gotten
    between MFP and Mail Server1. Server2
    Because most of Hubs have the
    Switching function.

    You might also like