> I'm Marco fina an elettronic technician from Lexter ITALIA an Italian
> wireless computer company. Usually I use " MS Monitor " network
> analyzer for to check tcp/ip streams.The program run under win 95 P.C.
I assume "MS Monitor" is Microsoft Network Monitor. If so...
> I know how to configure and capture the streams, but my big problem is
> to read and to understand the capture data.
> So I saw your web site and I red that the Ethereal has the possibility
> to view the ASCII contents of a TCP connection,and is possible to use it
> with MS MONITOR program.
Yes, it has a "Follow TCP Stream" menu option, and it's capable of
reading capture files from Microsoft Network Monitor.
> Well,
> is it possible to have further information about this??
Ethereal is a GUI application, and we now have a version that should run
on Win32 operating systems - I'm not sure if it's been tested on Windows
95, but it has been run on Windows NT 4.0.
To read a Network Monitor file, you'd start Ethereal and then use the
"Open" item in the "File" menu; note that Ethereal uses the GTK+
window-system toolkit, so its dialog boxes, etc. don't work the same
way as Windows dialog boxes (the file selection dialog box works a bit
more like the Windows 3.x file selection dialog box). Ethereal
automatically figures out that the file is a Network Monitor file.
The display is the standard 3-pane display for network analyzers - the
first pane has a list of packets, the second pane has a detailed version
of the packet selected in the first pane, and the third packet has a hex
and ASCII dump of the contents of that packet.
If the packet selected in the first pane is part of a TCP connection,
the "Follow TCP Stream" menu item under the "Tools" menu will be
available - and, in recent versions of Ethereal, the right mouse button
will, in either the first or second pane, pop up a menu that has "Follow
TCP Stream" in it.
> and, which file can I download ????
A version of Ethereal for Win32 can be downloaded from
http://ethereal.zing.org/distribution/win32/
In that directory are two files:
ethereal-20000128.zip
which is a ZIPped file (you'll need an unZIPper program) containing
"ethereal.exe", the binary for Ethereal, and a UNIX-style manual page
for Ethereal, in HTML format, and
gtk-libs-19990828.zip
which is another ZIPped file containing some DLLs that Ethereal requires
(DLLs for the GTK+ window-system toolkit referred to earlier, etc.).
Those DLLs must be installed in a directory that's in your path, so
Ethereal will find them.
The version of Ethereal in there requires that the "HOME" environment
variable be set before running it; if it's not set, Ethereal will crash.
I'm not sure how to set it on Windows 95; on Windows NT, at least, it
should probably be set to refer to your "profile" directory (the
equivalent of what's called your "home directory" on UNIX). You can
probably set it to "c:\".
