> OK,
>
> now that I have the structural parts of docbook behaving for me so I can
> produce a document, I need some content.
>
> Could those who have developed a dissector tell me a little about how you
> came upon Ethereal, and what motivated you to start working on Ethereal?
>
> I need stuff for the small section on a short history of Ethereal.
>
I was sent on a mission with a few others to work on a big trading
floor which was in great trouble. The final data delivery network was
a token ring consisting of several dozens of rings made of 3com hubs
connected with Madge switches. This network hadn't been properly
monitored for years, and was crashed almost daily by broadcast
storms. We first started to analyze the network with SnifferPro on NT
machines, but the trouble was that they were having "blue screen" as
soon as the storm was beginning. Good detection, but poor analysis. I
found ethereal on the web and we started using it first on AIX
machines, then on Linux boxes with the Olicom token ring card. We were
able to understand what was hogging the bandwith and, by moving all
the rogue traffic to other networks, we fixed the problem.
A few months later we ran into new troubles, this time on a 100Mbs
switched Ethernet network were the spanning tree was changing at
random times for no apparent reasons. We had a very difficult week in
trying to understand what the problem was, but were unable to. On a
Friday afternoon, I started to write the Spanning Tree Protocol
dissector. Thanks to the clean structure of the code, and the
explanations and many examples coming with the distribution, I was
able to complete the dissector in only a few hours. We looked at all
the ten switches we had in the network, and, being able to see the
protocol at work, we had fixed the problem late in Friday's night...
--
Christophe Tronche ch.tronche@xxxxxxxxxxxx
marchFIRST (France) http://tronche.com/