From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computing / Networking / Software / Security (Rated C-class, Low-importance)
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 Low  This article has been rated as Low-importance on the project's importance scale.
Taskforce icon
This article is supported by Networking task force (marked as High-importance).
Taskforce icon
This article is supported by WikiProject Software (marked as Low-importance).
Taskforce icon
This article is supported by WikiProject Computer Security (marked as High-importance).
WikiProject Free Software / Software / Computing  (Rated C-class, High-importance)
WikiProject icon This article is within the scope of WikiProject Free Software, a collaborative effort to improve the coverage of free software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
C-Class article C  This article has been rated as C-Class on the project's quality scale.
 High  This article has been rated as High-importance on the project's importance scale.
Taskforce icon
This article is supported by WikiProject Software (marked as Low-importance).
Taskforce icon
This article is supported by WikiProject Computing (marked as Low-importance).

"802 standards"[edit]

Does "802 protocols can be dissected" refer to the IEEE802 group of standards or are there 802 protocols E. can handle? -- 13:50, 23 August 2005 (UTC)

It doesn't refer to the 802.x standards, but there are really only 740 protocols (according to tethereal -G | wc -l). Perhaps we shouldn't give a number of protocols, as that number changes from release to release. Guy Harris 08:51, 9 November 2005 (UTC)

I changed it to say "hundreds of protocols". Guy Harris 17:53, 10 November 2005 (UTC)

ooo, I didn't even have to do this part, yay! Ozzy 98 00:14, 28 June 2006 (UTC)

Ethereal now called WireShark[edit]

Ethereal has chaged it's name to WireShark (explained here). This article should be moved and all links updated. Jdm64 15:12, 9 June 2006 (UTC)

Ok, I've changed most links to now point to Wireshark instead of Ethereal. There still are some links, mostly ones that talk about Ethereal being included with an OS (i.e. Knoppix LiveCD, etc.). I'm not sure if those should be changed because Ethereal not Wireshark was included? Jdm64 18:43, 9 June 2006 (UTC)
I've replaced the screenshot and caption of the screenshot.--T3h 07:48, 10 June 2006 (UTC)
I wouldn't change anythign right now. While the MAIN dev left, and took some people with him, he doens't own ethereal. And ethereal is still listed, and has not made not of this. So, this is a fork in the application development, unless the people at ethereal agree with it. It may very well be that ethereal keeps going, and this project flops, just because of the name and backing. Wireshark is not Ethereal, so please don't change Ethereal into wireshark. They are two seperate objects, and how one transforms into the other hasn't been shown. Untill says it is now wireshark, then wireshark is a seperate program, broken off of the first.--Ozzy 98 18:40, 23 June 2006 (UTC)
Every one of the core Ethereal developers (the ones with Subversion commit privileges to the repository) is now a Wireshark developer. Gerald didn't take "some people" with him - we all went. Guy Harris 19:35, 23 June 2006 (UTC)
But Ethereal, the name, isn't his now. And THAT ethereal is still there. Until that one acknowledges wireshark as the NEW ethereal, this is propaganda. It could be that they will countune development of Ethereal. Ethereal is NOT now wireshark. Wireshark is a new project using the same code base of Ethereal, sorta like Firefox vs. Mozillia. Untill NIS has to remove the program, then they own Ethereal, and the name, and it's two completely diffrent projects. And to say that Wireshark is Ethereal, without permission by NIS, is aginst the law. He can say made from the code from, but Ethereal is still a NIS product, and it still exists. Ethereal is still called ethereal by the owners of the name, and there is still a product out there, called ethereal. So, wireshark is not ethereal.--Ozzy 98 20:17, 23 June 2006 (UTC)
Yes, it is tecnically correct that Wireshark is a fork. But, with the lead developer seeming taking all the other developers (like Guy Harris said), and the only real reason for the fork was over stupid copyrights, and the only "code" difference between the two is the name, I would say that it was more than a fork; more like a "under new management" because of copyright disputes! I think Whireshark is the new Ethereal. And all this should be noted in the article. -Jdm64 02:26, 24 June 2006 (UTC)

This would be like Activision saying "We're the NEW Atari" when they broke away from Atari in the 80s. They were all the "main" developers. Yet to this day, there's not one, but two Atari companys still around, and completely seperate from Activision (Who had some of it's core devs leave for that pendamic or whoever). Ethereal is still around, under that name. With over 500 people listed as developers, the "non-core" people may wish to stick with Ethereal, and not wireshark. Since I'm not on the team, and not going to read much more of the mailing list posts, I'm not able to say what one will get more support, or if they will both have the same support, or even if Ethereal will still have development. But as it stands now, Ethereal is not owned by Gerald, but his old employer. For all I know, his new company may have very well picked him up so they could say "We have the guy who made ethereal!". If that's true, then claiming that Ethereal is now wireshark, while the old company continues to use the name (For a reason too, they didn't keep it for fun!), well, that's aginst the law. It could be that the core developers are elitists, and make contribs by other users seem smaller then they are. I don't know, and guy is a core developer, so he's a POV source. The simple fact is, untill the owners of Ethereal say they will not be using the name, Ethereal is theirs, and it is NOT wireshark. I hate to have to bring this up to wiki administrators, but this should not have been moved, it was too soon. Ethereal IS STILL THERE. So the lead techs left. You didn't change winamp's page to a new name, even though it had a few more releases did you? What about rare, all the "main" developers left that company, and no one changed that page. Wireshark should have it's own page. I mean, you should have noticed when changing the links that you were running into issues, you said yourself you didn't know what to do about the Linux pages that still include Ethereal. And, to make it worse, where is the source for the "Ethereal is now wireshark?" The wireshark page? News pages that quote the wireshark page? Looking at wireshark's page you see: Q 1.1: What is Wireshark? A: Gerald Combs, the creator of Ethereal®, has initiated the Wireshark network protocol analyzer project, a successor to Ethereal®. Not the "a successor to Ethereal®.". Now, scroll down a bit, and you get to the MAJOR issue here...Commercial support, training, and development services are available from CACE Technologies. . Wait, commercial? So they can say "We have the guy who made Ethereal, get training from us, not the company who owns Ethereal trademarks". By changing this page, you have made a point of advertising for CACE, but Ethereal Software *ALSO* has comercial training services, *AND* they own the name of Ethereal. Gerald lost the right to control Ethereal, or at least the name. The problem with open source is, who owns the source? You may say "It's open, anyone can use it". But what if someone decided to make it NOT open. Who owns the source for Ethereal? This could be much more then a normal fork, where Ethereal gets changes wireshark doesn't. Anywyas, my long and winding point is, Ethereal is not Wireshark. So the main developers left, that's *NOT* something new in the software world. There's been times the whole dev team gets canned, but they don't control the software. If his company owns the name Ethereal, and won't let him have it back, then they *MUST* be planning on using it. If they can do anything with it remains to be seen, but untill says "Use wireshark, it's the new ethereal!" you have no reason, as per wiki user policy, to change this page or to say Ethereal *IS* Wireshark. All you're doing is hurting wireshark, and it can even have legal issues. If the owners of Ethereal ever feel wireshark oversteps it's bounds on the name, it wouldn't look good to have this page changed. Wireshark should have it's own page, and list the advantages it has over ethereal (Like, developers). Not hijacking the page of a program that is still there, and may still be in development. maybe they'll start selling Ethereal using Wireshark's source even. Got to love the joys of GPL on a legal level...--Ozzy 98 14:38, 24 June 2006 (UTC)

Ok! I get your 756 words of explanation! But, how do you think we should solve this in relations to the article? I think the Wireshark page should stay, and that a section about Ethereal be made on the page. Ozzy 98, since you feel so STRONGLY about this, you can be in charge of the section. --Jdm64 15:25, 24 June 2006 (UTC)
bah, that's like work and stuff... and umm.. honstly, I have NO clue how. :o) I'm just worried that there might be repercussions aginst the wireshark people for these actions. I was thinking more along the lines of 2 pages, Ethereal, and wireshark, with one of thoese little links on top of the page saying to go to wireshark cause it's based on the same code. Since wikipedia is the second hit on google for wireshark, a lot of care needs to be taken in the wording, by anyone directly connected to the project, if the Ethereal copyright holders do ever take legal actions, having a wireshark developer saying that Ethereal is dead and is now wireshark would look VERY bad, unless it was tongue and cheek. --Ozzy 98 15:56, 24 June 2006 (UTC) p.s. or, we could make a Ethereal page, link the wireshark page to it, say wireshark branched off from Ethereal taking the core developers, and let someone else edit the wireshark page.
I agree that they are not the same entity. But that doesn't mean that one cannot re-direct to the other. There are many examples of this all over the Wiki. --JimmyTheWig 16:51, 8 December 2006 (UTC)

Moved page[edit]

Well, as stated in the talk, I felt it shouldn't have been moved, so I moved as close as I could get back to where it was. Changes Guy made that apply to this I'll get around to re-doing soon, and try to post a seperate page for Wireshark.

Before anyone thinks about just moving this back, you should keep one point in mind. Ethereal is a comercial product. While it is free to use, it is supported by the company who owns the Ethereal name. Wireshark also has comerical support for Wireshark. By changing the name of the page, you play into what amounts to an ad campain for Wireshark aginst Ethereal. The holders of the Ethereal name have not stated what they will do with the product, but they, not Gerald Combs, have the rights to the name Ethereal. Why they have it, and not Gerald, I don't know. But the fact they kept it and not let him have it shows they want to use it. And I'm not sure if Ethereal soft will support wireshark or not if they have a true development fork. And since wireshark is under GPL, Ethereal can use the wireshark source. Hence, Ethereal is not now called wireshark. --Ozzy 98 22:58, 27 June 2006 (UTC)


Gerald Combs has taken his copyrighted source code with him, as well as all the developers source. He fell out with his ex-boss over the trademark and web hosting, which is all that remains at the old site, no code seems to have been checked in since May.

Since Ethereal is now defunct, it is of purely historical interest as part of the Wireshark article. Furthermore, there is nothing significant on the Ethereal article which has not already been merged across to the Wireshark article.

Therefore in my opinion, the Ethereal (software) article should be ditched and redirected to Wireshark.

Some relevant sources are the official position on the Wineshark homepage and the Ethereal changes name to Wireshark. In the latter one Combs describes it simply as a name and domain change not a fork.


What do you think? If you dissent, now is your chance?

Yes, merge it! Ethereal should mention Ethereal as the former name and link to Wireshark. Ethereal (software) should be a redirect to Wireshark for some time. And Ethereal should only be mentioned in the history of Wireshark. I already did that for de:Wireshark. --Phobie 17:33, 26 July 2006 (UTC)
Yes Merge is the best option since there is no actual Ethereal as of now. It has been already renamed Wireshark also there has been a logo change too as one can see. The Website declares the transition as follows "The Ethereal network protocol analyzer has changed its name to Wireshark. The name might be new, but the software is the same. Wireshark's powerful features make it the tool of choice for network troubleshooting, protocol development, and education worldwide." -- Huntscorpio 21:26, 26 July 2006 (UTC)
Recommend merger and redirect with an explanation of the name change on the new page. -- theprez98 07:47, 03 August 2006 (UTC)
Do not merge, since we just unmerged it. See the talk on ethereal to see why. It's still not the same program, Gerald willingly gave up the rights to the program, and while it's not a comercial program, the holders of the copyright for the name do offer comercial services for *ETHEREAL*, while the new company G works for also offers services for Ethereal\Wireshark. As I pointed out, they are no longer the same program, it's just not sure if any of them will surpass the otherone in updates (Or if ethereal will even be updated). Just read the talk on thereal for the reasons why we demerged the pages. (Or, rather, why I made a huge mess trying to, and some guy who's name I forgot fixed it for me... ) Ozzy 98 19:00, 22 August 2006 (UTC)
There isn't anything in Talk:Ethereal. My reading of the issue is that Ethereal is no longer developed on.
I vote for merging, possibly with an Ethereal section towards the bottom. -- BillWeiss | Talk 00:03, 15 September 2006 (UTC)
The "talk on ethereal" is Talk:Ethereal (software), as Ethereal is just a disambiguation page, and the page for the Ethereal application is Ethereal (software).
But, yes, nobody appears to be doing Ethereal development any more. Maybe we'll all be surprised and see updates from NIS, but I wouldn't hold my breath. Guy Harris 08:18, 16 September 2006 (UTC)
Support merge. The two articles are almost identical. æ² 2006-09-23t17:55z
Oppose merge. Wireshark and Ethereal just recently split and are still quite similar. As time goes by, they'll grow apart and we'll have to unmerge again.
Oppose for now. It's impossible to tell what the NIS (the old company) will do. Although Combs owns the code, it's under the GPL, so NIS is free to continue developing it under the Ethereal name. However, if they don't, Ethereal (software) should eventually be redirected here. Superm401 - Talk 22:32, 2 November 2006 (UTC)
Support the merge. The Ethereal site now points users to Wireshark. Ethereal development has ceased. Gerald Combs 15 Nov 2006
I don't see where on the Ethereal page that it points to wireshark, only mention of it from a wireshark are inside the mailing lists. And most of the mailing list hits sound like this: 18:00, 4 December 2006 (UTC)
It looks like most of the links were taken down on the 21st, but traces are still there. Take a look at the latest security advisory, this news item (no longer linked from the main page), and the HTML source of the download page, which has a link to Wireshark commented out.Gerald Combs 10 Dec 2006
Support the merge. It's not about whether Ethereal is Wireshark or visa-versa. If we have two different articles then they will be 90% the same. They will both talk about how the product works and will both talk about the split. Tinky Winky isn't the same as Teletubbies, but his page redirects there because that's the best place (for now) to have the information about him. --JimmyTheWig 16:52, 8 December 2006 (UTC)


Let's reconsider this. It seems like the Ethereal domain is fairly confused. However, the article correctly notes that an Ethereal security advisory noted critical security advisories in the latest version of Ethereal; Ethereal recommended switching to Wireshark. I really don't see them taking Ethereal any farther. As a separate note, does anyone have a source for who owns the copyright to Ethereal's codebase? It doesn't much matter thanks to the GPL, but it's a valid question. Gerald was an employee so it might be a work for hire (though there were apparently significant outside contributions). Superm401 - Talk 06:52, 9 December 2006 (UTC)

Most of the source code has copyright notices like
* Ethereal - Network traffic analyzer
* By Gerald Combs <>
* Copyright <year> Gerald Combs
in it; some files have other contributors' copyrights. Guy Harris 18:02, 9 December 2006 (UTC)

NIS doesn't hold copyrights on any Ethereal or Wireshark source code. They only own the trademarks on the name "Ethereal" and the "e" logo. Even if they did hold any copyrights, it should be pretty clear by now that Ethereal-as-a-software-project has ceased, and continued on as Wireshark. Gerald Combs 10 Dec 2006

I’d like to add my thoughts to this debate. I view the Ethereal name and project a lot like I do Mozilla Firebird. Although it is true that some developer could check out sources to the latest Firebird code and fork off from there, no sane person would do that as it is far less developed than Firefox. You will notice that Firebird on Wikipedia doesn’t even have a link to the software project, because for all practical purposes it was superseded by Firefox, both in common name and in the code. If the Ethereal code does restart development, then it would make sense to talk about the projects running in tandem, each with their own wiki page. Until that time, the Wireshark code is the continuation where Ethereal left off, and therefore the Ethereal code is obsolete. Just look at the version numbers in the formal releases to see this: Ethereal 0.99.0, Wireshark 0.99.2, Wireshark 0.99.3, etc. This is a continuation of the same project, and the old one is defunct, and even broken (see this advisory for how Ethereal is broken.) Even the Ethereal anoncvs site doesn’t respond. If someone can make a case for any continued development in Ethereal this will be different. Until then, all “Ethereal” can refer to is outdated code and the ‘e’ logo. This deserves making a note of, but no more than Mozilla Firebird deserves it. In short, I would like to see the Wireshark page treat Ethereal as Firefox treats Mozilla Firebird on its page. Pekster 21:59, 22 December 2006 (UTC)

I'm going ahead with this. No one has objected for two weeks. Superm401 - Talk 00:00, 25 December 2006 (UTC)

External links[edit]

Network Integration Services has nothing to do with this article. Per WP:EL, we shouldn't randomly link to the home pages of entities mentioned in article. I'm planning on deleting this link again, as the company is not notable and relevant enough to be wikilinked. Chris Cunningham (talk) 13:33, 23 January 2008 (UTC)

Please do not delete relevant content.
The Ethereal article was merged into Wireshark on December 24, 2006. Since that time, the history section has stated that Network Integration Services owns the Ethereal trademark. The company name was originally formatted as a wikilink. There is no Wiki page for Network Integration Services, I don't know if there ever was.
On January 21 I changed the non-functional Wikilink into a link to the Network Integration Services website. The next day, Thumperward undid the change with no explanation. I restored the link, adding a comment explaining why. Thumperward then removed all references to NIS, stating that if the company isn't notable enough for its own WP article, it isn't notable enough to be mentioned.
I disagreed with this, and reverted the change. I am not aware of any WP policy that makes such a statement, and I suspect I can find hundreds of articles that link to websites of companies that are not notable enough for WP articles.
Before removing this reference again, please cite WP policy to support the action.
BTW, full disclosure, I am an NIS employee, but editing WP is not part of my job description, and my actions here are my own, not requested by my employer. 74s181 (talk) 13:49, 23 January 2008 (UTC)
The company name can go back in, but not the hyperlink. WP:EL#Links normally to be avoided criterion 14 is the relevant rule here; the author's former employer is only tangentially related to the subject, and the link was not to a reference pertaining to the article but simply to the subject's home page. Chris Cunningham (talk) 14:11, 23 January 2008 (UTC)
I checked the WP:EL policy cited by Thumperward. From What to link:
Is it accessible to the reader?
The NIS website is open to all.
Is it relevant to the content of the article (useful, helpful, informative, factual, etc.)?
NIS still hosts the original Ethereal website, and is the owner of the trademark.
Is it a functional link, and likely to continue being a functional link?
The NIS website runs on a high availability VM cluster in one of the NIS data centers. We have 400mb of Internet bandwidth via two providers. I think it is likely to be functional for a while.
HOWEVER, the Advertising and conflicts of interest section says:
You should avoid linking to a website that you own, maintain or represent, even if the guidelines otherwise imply that it should be linked.
I don't own or officially represent NIS from a marketing standpoint. However, I can see that some might think there is a conflict of interest. Well, yes, I want to see the facts presented, I want NIS to get due credit for their part in Ethereal / Wireshark history. And if someone wants to know more about NIS, I want them to be able to find out.
I'd like to see what a third party has to say about this.
I'm out of time for now, I have to start my real job, which is NOT editing WP. <g> 74s181 (talk) 14:19, 23 January 2008 (UTC)
NIS are getting exactly as much recognition through the name being in the article as they are by being hyperlinked; they may not be getting as much free traffic, but Wikipedia doesn't owe people traffic. The actual Ethereal website described is referenced several times, and I'm perfectly satisfied with that because there's a clear and direct line of relevance. Chris Cunningham (talk) 14:26, 23 January 2008 (UTC)
The issue isn't 'free traffic', the issue is 'free flow of information'. You are still making the same argument. You don't think NIS meets WP notability, and therefore, you don't think that there should be any kind of link to more info on NIS, even if it is off WP. I disagree, I think there are many examples where a company or organization is mentioned on WP that isn't notable enough for a WP article, but is still linked to a website. So what if the NIS website doesn't say much about Ethereal, it's a company name, it's mentioned in a WP document, it should be easy for a reader to find more information on the company if they want. The easiest way to do this is to link the name. Isn't that the whole point of the WWW and indirectly, WP? The idea that text in one document is hyperlined to other documents with more information?
I don't have time right now to continue this discussion, but I'd still like to see an opinion from someone else. 74s181 (talk) 00:44, 24 January 2008 (UTC)
It would seem to me, Thumberward didn't know what the company was or how it relates (Nor did he check the link to see the relationship) and now wants to justify his orgional removal of said link. Or at least that's how I see it from here. (talk) 01:13, 24 January 2008 (UTC)
WP:OTHERSTUFFEXISTS is not a valid argument; other examples like this should also be corrected, for the same reason. And I haven't said that I don't believe that NIS fails to meet WP notability: I originally replaced the URL with a red link in order to WP:build the web and encourage people to add information on the company to Wikipedia. Chris Cunningham (talk) 09:47, 24 January 2008 (UTC)
That link was in refrence to the text it was linked too, and was a perfectly valid link (Unlike yours, I should point out) In the very first link you posted about wiki formating on what should be included, it seems to say that this link SHOULD be included. And if you looked at the older revisions when there was more ethereal information, it has much more realivance, since they own the copyright to ethereal, and they are in effect, the reason for the name change in the first place. What part of does the link go aginst? If anything, someone should put more about NIS in there, so that the history of ethereal could still be in there. —Preceding unsigned comment added by (talk) 23:55, 26 January 2008 (UTC)
(Preumably by "copyright" you meant "trademark" - most of the source code had Gerald Combs' name in the copyright notice, not NIS's, and the source that didn't had other people's or organizations' names; none of it was copyrighted by NIS.) Guy Harris (talk) 00:17, 27 January 2008 (UTC)

Portal:Free software: Wireshark is now the selected article[edit]

Just to let you know. The purpose of selecting an article is both to point readers to the article and to highlight it to potential contributors. It will remain on the portal for a week or so. The previous selected article was qmail - a mail server based on paranoid security. qmail is a rare piece of free software in that it is in the public domain.

For other interesting free software articles, you can take a look at the archive of PF's selectees. --Gronky (talk) 11:42, 14 April 2008 (UTC)

Things've moved on and the new selectee is software patents and free software. There you can find information about the problems, solutions, and court cases involving free software and software patents. --Gronky (talk) 12:25, 6 May 2008 (UTC)

New Branch 1.4.0 rc1[edit]

It would be great if somebody could tell us what the new branch does differently. (talk) 15:05, 11 June 2010 (UTC)

WP:SOAP tag[edit]

The article has a warning with WP:SOAP tag, claiming that this is advertising. I don't think this tag is justified at all. There may be commercial products which serve similar purposes, however this is one of the important standard tools in the open source community, and I don't hink this is biased in any way. Maybe it's helpful to add a warning about security issues. (Joise) -- (talk) 12:13, 14 November 2010 (UTC)

Tutorials and learning materials[edit]

I'm the author of udemy course "Wireshark tutorial: guide for beginners". I don't want to abuse wikipedia in any way or be accused of spamming so I decided to ask here first.

Would you find it acceptable to link such learning materials like my course on the Wireshark page? (talk) 21:34, 8 January 2015 (UTC)

External links modified[edit]

Hello fellow Wikipedians,

I have just modified 2 external links on Wireshark. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

YesY An editor has reviewed this edit and fixed any errors that were found.

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

If you are unable to use these tools, you may set |needhelp=<your help request> on this template to request help from an experienced user. Please include details about your problem, to help other editors.

Cheers.—cyberbot IITalk to my owner:Online 08:31, 1 April 2016 (UTC)

One checked and works, one changed to point to the new location. Guy Harris (talk) 08:53, 1 April 2016 (UTC)