PRACTICAL PACKET ANALYSIS Using Wireshark to Solve Real-World Network Problems
by Chris Sanders
ISBN-10: 1-59327-149-2
ISBN-13: 978-1-59327-149-7
Publisher: William Pollock
Production Editor: Christina Samuell
There are three primary ways to capture traffic from a target device on a switched network: port mirroring, ARP cache poisoning, and hubbing out.
Wireshark has a very rich history. Gerald Combs, a computer science graduate of the University of Missouri at Kansas City, originally developed it out ofnecessity. The very first version of Combs’ application, called Ethereal, was released in 1998 under the GNU Public License (GPL).
Eight years after releasing Ethereal, Combs left his job to pursue other career opportunities. Unfortunately, his employer at that time had full right to the Ethereal trademarks, and Combs was unable to reach an agreement that would allow him to control the Ethereal “brand.” Instead, Combs and the rest of the development team rebranded the project as Wireshark in mid-2006.
Wireshark has grown dramatically in popularity, and its collaborative development team now boasts over 500 contributors. The program as it exist
under the Ethereal name is no longer being developed