Wireshark · Ethereal-dev: Re: [Ethereal-dev] Ethereal Client/Server Model

Ethereal-dev: Re: [Ethereal-dev] Ethereal Client/Server Model

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Brad Hards <bhards@xxxxxxxxxxxxxx>

Date: Sun, 11 Jan 2004 15:57:22 +1100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 10 Jan 2004 09:19 am, donnie@xxxxxxxxxxx wrote:
> > I'm more interested in a more complete client/server model. It should
> > include:
> >
> > 1) User authentication
> >
> > 	A flexible model including local (on server) authentication or
> > 	external authentication server.
SASL might be a good concept here.

> > 2) Data encryption
> >
> > 	The client/server communications must support encryption. In
> > 	addition non-encrypted traffic should be an option.
>
> I need some help here... not exactly sure how to implement the
> encryption. Any ideas?
SSL. Just watch the (exagerrated) license issue with OpenSSL.

> > 3) Client/Server Traffic

> > 4) Filters
> >
> > 	The client should be able to set capture and display filters
> > 	on the server.
There is IETF work that does sampling work (more for high level tools that 
this sort of capture). I think the area is called PSAMP or something like 
that. Yep, here we go: 
http://www.ietf.org/internet-drafts/draft-ietf-psamp-framework-05.txt

> When you start a capture in ethereal and the "capture options" window
> pops up, if we could simply enter an IP instead of a device then
> "connect" with the options and/or filters specified in the "capture
> options" window then we would not need to re-develop some of the
> interface, but transfer the options to the server.
I'd like to see something like SLP or DNS-SD used, so that if Ethereal is 
built with remote capture support, it can automatically find the potential 
capture sources.

> > 	Multiple client connections on a server.
I think the client and server terms are confusing here. If I understand this, 
you want to be able to display multiple capture sources simultaneously on a 
single display.

> > 	Multiple server connections from a client.
And this means that information from a single source can be displayed on 
multiple machines simultaneously.

Brad
- -- 
http://linux.conf.au - I'm registered. Are you?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAANe/GwwszQ/PZzgRAlTjAJwMAHTrD11PCXSoZ9qxJaEM5s9fJgCfajAH
0ExWR7U2qlSIu9ZkqjZGbZ0=
=xsvd
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: [Ethereal-dev] Ethereal Client/Server Model
  - From: Guy Harris

References:
- RE: [Ethereal-dev] Ethereal Client/Server Model
  - From: donnie

Prev by Date: Re: [Ethereal-dev] New dissector for content type multipart/mixed (2)
Next by Date: Re: [Ethereal-dev] [PATCH] T.38 dissector improvements
Previous by thread: RE: [Ethereal-dev] Ethereal Client/Server Model
Next by thread: Re: [Ethereal-dev] Ethereal Client/Server Model
Index(es):
- Date
- Thread

Riverbed Cascade Pilot: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Riverbed AirPcap: Complete Visibility of Your Wireless Networks; Multi-Channel, Aggregated Analysis; Portable and Versatile; Easy to Setup and Easy to Use; Ready to Power Your Application

$Riverbed TurboCap: Full-Speed GbE Capture; Port Aggregation; Pass-thru Mode; Aggregating Tap; Full-Speed GbE Injection; Exported Interfaces; TurboCap API Developer\'s Pack$