Wireshark · Ethereal-dev: Re: [Ethereal-dev] Another Windows-only sniffer: PacScope ...

[Kevin <kem2@xxxxxxx>]

On Tuesday, September 2, 2003, at 05:57 PM, Andreas Sikkema wrote:

> Richard Sharpe wrote:
> > I
> > imagine that most people who use Ethereal seriously use it for its
> > analysis capabilities rather than for capturing.
>
> You are wrong ;-). Most people I know and we use Ethereal daily (eh
> hourly, er very minute some days) never, ever use tethereal. I have
> never seen anyone use it acutally...

Ummm, we use tethereal all the time, chopping down large (>8 GB) traces 
quickly, pulling out stats using -z.  Driving it with scripts is a easy 
way to get work done.  I can email or im someone who knows nothing 
about tethereal a command line to drive it and do a capture.  This is 
great at 2 am.  Also, i can run tethereal over a dial up connection, 
not easy to do with X.

Ethereal is used almost exclusively for post-capture analysis, not 
capture.  For that we will use tcpdump, tethereal, snoop, thg, etc to 
minimize the overhead and prevent dropping packets.

I guess this shows the flexibility of ethereal and how it fills so many 
different needs.

Kevin