EtherApe is a packet sniffer/network traffic monitoring tool, developed for Unix. EtherApe is free, open source software developed under the GNU General Public License.
Functionality
Network traffic is displayed using a graphical interface. Each node represents a specific host. Links represent connections to hosts. Nodes and links are color-coded to represent different protocols forming the various types of traffic on the network. Individual nodes and their connecting links grow and shrink in size with increases and decreases in network traffic.
History
Originally authored by Juan Toledo, the first version of EtherApe (version 0.0.1) was released on February 18, 2000. In a 2006 survey, Insecure.org named EtherApe number 43 on its list of the "Top 100 Network Security Tools".
Features
EtherApe's listed features include the following (the list refers to version 0.9.20 of EtherApe):
* graphical network traffic display
* color-coded nodes and links for the most used protocols
* optional background image
* traffic may be viewed on one's own network, end to end (IP) or port to port (TCP)
* a variety of frame and packet types are supported
* data view can be manipulated using a network filter
* clicking a node or link provides additional information, including protocol and traffic information
* summary protocol and node table
* can read traffic from a file or an actual network
* handles traffic on Ethernet, WLAN, VLAN plus several other media and encapsulation types
* supports both IPv4 and IPv6
* XML export of node, link and traffic statistics
* "central node ring" mode.
* "column" mode.
* optional name resolution using the c-ares library
* packet capture and display run on different processes
Security
EtherApe requires root privileges to capture packets (but not to replay captured files). Starting with release 0.9.15, capturing is delegated to a separate process, while the main interface can run with lower privileges, significantly reducing the risk associated with capturing packets from untrusted sources (e.g. the Internet).
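A minimal sketch of the privilege split described above, as an added example (not EtherApe's own code): the parent stands in for the privileged capture helper, and the child, playing the interface side, drops root before it parses anything. The uid/gid 65534, the 1514-byte cap, the length-prefixed pipe framing and the sample frames are assumptions made for illustration.

```c
#define _GNU_SOURCE                 /* for setgroups() */
#include <grp.h>
#include <stdint.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_FRAME 1514              /* assumed frame size cap for this sketch */
#define UNPRIV_ID 65534             /* assumed unprivileged uid/gid ("nobody") */

/* Permanently give up root: groups, then gid, then uid. Fail closed. */
static int drop_root(void) {
    if (geteuid() != 0) return 0;   /* already unprivileged */
    if (setgroups(0, NULL) || setgid(UNPRIV_ID) || setuid(UNPRIV_ID)) return -1;
    return setuid(0) == 0 ? -1 : 0; /* regaining root must not work */
}
/* Read exactly n bytes; a short stream or an error counts as failure. */
static int read_full(int fd, void *buf, size_t n) {
    for (ssize_t r; n > 0; buf = (char *)buf + r, n -= (size_t)r)
        if ((r = read(fd, buf, n)) <= 0) return -1;
    return 0;
}
/* Unprivileged side: every record is untrusted. Returns frames accepted. */
static int consume_frames(int fd) {
    uint8_t frame[MAX_FRAME];
    uint16_t len;
    int accepted = 0;
    while (read_full(fd, &len, sizeof len) == 0 && len > 0 && len <= MAX_FRAME
           && read_full(fd, frame, len) == 0)
        accepted++;                 /* protocol decoding would happen here */
    return accepted;
}
/* Parent stands in for the capture helper; the child parses without root. */
int run_privsep_demo(void) {
    static const uint16_t lens[] = {60, 128, 9000}; /* constructed; 9000 > cap */
    uint8_t payload[128] = {0};
    int p[2], status;
    if (pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {                 /* child: drop root before touching data */
        close(p[1]);
        _exit(drop_root() == 0 ? consume_frames(p[0]) : 255);
    }
    close(p[0]);
    for (int i = 0; i < 3; i++) {   /* length header, then payload if it fits */
        if (write(p[1], &lens[i], 2) != 2) break;
        if (lens[i] <= sizeof payload && write(p[1], payload, lens[i]) != lens[i]) break;
    }
    close(p[1]);
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}
```

The child accepts the two well-formed frames and stops at the oversized length header, so a malformed record costs at most an unprivileged process.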
See also
* Comparison of packet analyzers
* tcpdump, a packet analyzer
* Ngrep, a tool that can match regular expressions within the network packet payloads
* netsniff-ng, a free Linux networking toolkit
* Wireshark, a GUI based alternative to tcpdump
* dsniff, a packet sniffer and set of traffic analysis tools