2.3 Ethereal
Ethereal is an alternative to Network Monitor and can be used with Windows 2000 Professional or Windows XP. You can download the program at http://www.ethereal.com/. In addition to the graphical Ethereal program, the distribution also contains other utilities such as a command-line version called Tethereal.
For starters, we have to install the packet driver. As mentioned earlier, if you are going to run Ethereal on Windows, use the WinPcap packet driver, which can be found at http://netgroup-serv.polito.it/.
After you have successfully installed the packet driver, you can install and configure Ethereal. When you run the program, you are presented with the window shown in Figure 2.6, which is similar to the Network Monitor window shown in Figure 2.5. Choose Capture | Start to open a window where you can enter parameters for frame capturing. For example, by clicking Interface you can choose the network interface used to capture frames. Click OK to begin capturing. After the capturing...