Since one has to install the WinPcap packet capture driver to run
Ethereal, I have major security concerns. For instance, this page (as
an indicator of the possibilities) is alarming to me:
http://winpcap.mirror.ethereal.com/docs/man/html/group__remote__help.html
You have to have a daemon running on the remote machine to do this
(either as a UNIX daemon or a Windows service), and if someone has
placed such a daemon on your system without your knowledge, you have
worse problems as you have already been "owned". The page also says
it is "experimental". It uses username/password authentication,
unless you use -n (Null authentication) switch which they do say to
only use with the -l switch which only allows listed hosts to connect.
Never really needed a network protocol analyzer anyhow. At the very
least, I would advise novices to stay away from this type of program.
Unless you have at least some introductory CCNA-level knowledge, these
things would be incomprehensible to a novice anyway. I just finished
the first course in the CCNA sequence at the City College of San
Francisco, and part of the course was to play around with an protocol
analyzer. Just for kicks, I downloaded Ethereal in addition to the
mandated one for the course and found it had similar - if not quite so
advanced - capabilities as a product costing several thousand dollars.
So it's not off-topic, but I'd agree that most people coming to acf
probably wouldn't be that interested.
