Ethereal (network protocol analyzer) 0.99 is out

Ethereal is a tool I always use when I have any kind of network related problems. Be it a firewall dropping packets, a server that incorrectly sets cookies or even an overly clever application that tries to obscure the exact network resources it uses. Ethereal collects that network data all the way up and down the network stack and all the way into file formats, such as GIFs and XML. And it allows to filter on any of the fields it understand.

Usually Ethereal is updated every couple of months or so, but this time it was nearly 4 months. But the wait was worth it. They fixed a number of problems, made Windows experience just that tiny bit nicer and started to integrate a real scripting engine. They chose Lua.

This last one is a biggie. Ethereal has a lot of capabilities, but people always ask for just one more. Mine was to be able to extract all files of a particular mime-type out of the captured HTTP stream without having to click the payload packets one-by-one.

I have not looked in details yet, but from the example given it looks like it can plug into the menus and have a full interface presence as well as low-level procedure hooks.

Even with Lua being only an experimental addition, I really like the direction Ethereal team is taking. I only wish they actually explained the changed them made to the protocols. It is always nice to see more and more features in the HTTP dissector, but it would be nice not to have to actively hunt for them.

BlogicBlogger Over and Out