Jump to content

EtherApe

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 27.114.175.203 (talk) at 06:26, 12 September 2016 (→‎History). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

EtherApe
Developer(s)Riccardo Ghetta, Juan Toledo, Zev Weiss
Initial releaseFebruary 17, 2000 (2000-02-17)
Stable release
0.9.14 / February 6, 2016; 8 years ago (2016-02-06)
Written inC
Operating systemLinux and Unix-like
Available inEnglish
TypeNetworking
LicenseGNU General Public License
Websitehttp://etherape.sourceforge.net/

EtherApe is a packet sniffer/network traffic monitoring tool, developed for Unix. EtherApe is free, open source software developed under the GNU General Public License.

Functionality

Network traffic is displayed using a graphical interface. Each node represents a specific host. Links represent connections to hosts. Nodes and links are color-coded to represent different protocols forming the various types of traffic on the network. Individual nodes and their connecting links grow and shrink in size with increases and decreases in network traffic.

EtherApe version 0.9.14-1[1] still depends on GConf, GnomeVFS and GTK+ version 2. Sooner or later somebody might port it to dconf, GVfs, D-Bus and GTK+ version 3 or 4.

History

Originally authored by Juan Toledo, the first version of EtherApe (version 0.0.1) was released on February 18, 2000. In a 2006 survey, Insecure.org named EtherApe number 43 on its list of the "Top 100 Network Security Tools".[2] The most recent version of EtherApe, authored by Riccardo Ghetta, is 0.9.14 and was released on February 6, 2016.[3]

Features

Some of the features listed about EtherApe include (the following list refers to version 0.9.14 of EtherApe):

  • graphical network traffic display
  • color-coded node and links for most used protocols
  • traffic may be viewed on one's own network, end to end (IP) or port to port (TCP)
  • a variety of frame and packet types are supported
  • data view can be manipulated using a network filter
  • clicking a node or link provides additional information regarding including protocol and traffic information
  • summary protocol and node table
  • can read traffic from a file or an actual network
  • handles traffic on Ethernet, WLAN, VLAN plus several other media and encapsulation types
  • supports both IPv4 and IPv6
  • XML export of node statistics
  • "central node ring" mode.
  • "column" mode.

Security

EtherApe requires root privileges to capture packets (but not to replay captured files). As such, there can be risks to the machine(s) running EtherApe when connected to the internet.

See also

References

  1. ^ "EtherApe in Debian repository".
  2. ^ Top 100 Network Security Tools
  3. ^ EtherApe home page
Retrieved from "https://en.wikipedia.org/w/index.php?title=EtherApe&oldid=739001610"