Posted March 14, 2004
How anxious (paranoid?) are you about your network? Has a cracker taken over one of your machines and is using it to sniff your traffic? Or maybe to propagate worms, or emit spam, especially the phishing variety, which needs a server that cannot be directly owned by the phisher. For all these reasons, and as a prophylactic measure against them, sysadmins often use network analysis tools that come with their operating systems, like tcpdump under linux and unix and windump under Microsoft. But these tend to be limited in their analytic capability. A group of people wanted to improve matters. They banded together and called their product Ethereal. It is offered freely as open source, and has been tested on linux, most unixes and various Microsoft OSs. Strictly speaking, it has not been officially released. Which makes this book a little curious, on first glance. The book documents version 0.10.0, and has a CD with all the necessary code. The authors felt that pragmatically this version is stable enough and offers significantly better functionality over the alternatives. Granted, you may be trepid about installing beta code, on principle. But the authors argue persuasively that the Ethereal functionality, both in a GUI and at the command line, warrants a serious consideration by any sysadmin. Another reason to install Ethereal has to do with the case where you are already using some proprietary network analyser. If you also run Ethereal, then the two analysers act as cross checks on each other. While Ethereal may have some bugs, so too might that other product. But how might you ever know about the latter, without using Ethereal?
Posted March 11, 2004
If you run Ethereal, you love software but hate the fact there's no real documentation. So this book is a real find. The first couple of chapters review the basics, and if you're already running Ethereal you can skip them, but once you get to the chapters on writing filters and integrating it with other apps, IDS and sniffers, you will want to read every word. The authors are all Ethereal contributors, and it's pretty clear they know their stuff. Definitely a good book.