Ethereal-users: Re: [Ethereal-users] installing ethereal-setup-0.8.19.exe on Windows 2000 Profes

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Wed, 26 Sep 2001 17:19:27 -0700 (PDT)

> I tried to install ethereal-setup-0.8.19.exe on my Win2k prof computer.
> WinPcap 2.2 does not work.  You need to go to
> http://microsystems.homestead.com/sniffer.html and get the
> Analyzer_package.zip file which contains WinPcap 2.1.  When I uninstalled
> WinPcap 2.2 and then installed WinPcap 2.1, Ethereal worked!

And when I installed WinPcap 2.2 on my W2K Professional machine here,
Ethereal worked just fine.

We have no reason to believe, therefore, that Ethereal requires WinPcap
2.1.  Your 2.2 may have been misinstalled, or there may be some problem
on your machine that keeps it from working with any capture program. 

> One thing I noticed that may be a problem.
> 
> I'm trying to use Ethereal to test whether SSL is working on my web site.
> So I went to BankOne's site at http://www.bankone.com/ and tried to log on to
> their Online banking thinking they would use SSL.  I used Ethereal to
> capture the packets so I could compare their packets to my packets.  Well,
> this worked, except that when I stopped the capture, my Norton virus program
> told me it had quarantined the CodeRed Worm in a file called
> "etherXXXXa01884"!!!

Well, if there was a Code Red attack going on while you were doing the
capture, the capture might well contain a string that might also be in
the Code Red program, if that's what the virus program looks for.

Or perhaps the signature for which it looks is sufficiently non-specific
that legitimate network traffic could look like a signature to it.
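
The situation discussed above, as an added example that is not part of the original message or of Ethereal: a content-agnostic byte scan flags a capture file because a recorded packet contains the matched bytes, while walking the pcap records shows the match sits inside captured packet data. The signature bytes, the packet contents and the function names are constructed assumptions; the pattern the actual anti-virus product used is not known from the post.

```python
import struct

# Constructed stand-in for a byte pattern a scanner might match on; the
# real product's signature is not known from the post.
SIGNATURE = b"GET /default.ida?" + b"N" * 16

PCAP_HDR = struct.Struct("<IHHiIII")  # magic, major, minor, thiszone, sigfigs, snaplen, linktype
REC_HDR = struct.Struct("<IIII")      # ts_sec, ts_usec, incl_len, orig_len
PCAP_MAGIC = 0xA1B2C3D4

def build_pcap(packets):
    """Serialize raw packet bytes into a classic little-endian pcap file image."""
    out = [PCAP_HDR.pack(PCAP_MAGIC, 2, 4, 0, 0, 65535, 147)]  # 147 = LINKTYPE_USER0
    for i, data in enumerate(packets):
        out.append(REC_HDR.pack(1001550000 + i, 0, len(data), len(data)))
        out.append(data)
    return b"".join(out)

def naive_scan(blob):
    """Content-agnostic scan: flag the file if the bytes appear anywhere in it."""
    return SIGNATURE in blob

def locate_hits(blob):
    """Walk the pcap records and return (packet_index, offset_in_packet) per match."""
    if struct.unpack_from("<I", blob, 0)[0] != PCAP_MAGIC:
        raise ValueError("not a little-endian classic pcap file")
    hits, pos, index = [], PCAP_HDR.size, 0
    while pos + REC_HDR.size <= len(blob):
        _, _, incl_len, _ = REC_HDR.unpack_from(blob, pos)
        start = pos + REC_HDR.size
        data = blob[start:start + incl_len]
        if len(data) < incl_len:
            break  # truncated final record, e.g. capture stopped mid-write
        off = data.find(SIGNATURE)
        if off != -1:
            hits.append((index, off))
        pos, index = start + incl_len, index + 1
    return hits

# Constructed sample traffic: one ordinary request, one request carrying the pattern.
SAMPLE = build_pcap([
    b"GET /index.html HTTP/1.0\r\n\r\n",
    b"GET /default.ida?" + b"N" * 224 + b" HTTP/1.0\r\n\r\n",
])
CLEAN = build_pcap([b"GET /index.html HTTP/1.0\r\n\r\n"])

if __name__ == "__main__":
    print("flagged:", naive_scan(SAMPLE), "hits:", locate_hits(SAMPLE))
```

A hit reported as a packet index and offset tells the analyst the flagged bytes are recorded traffic in a data file, which is the case for excluding the capture tool's temporary directory from on-access scanning rather than treating the host as infected.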