Development status Active Operating system | Written in C | |
![]() | ||
Developer(s) Riccardo Ghetta, Juan Toledo, Zev Weiss Initial release February 17, 2000 (2000-02-17) Stable release 0.9.15 / February 10, 2017; 24 days ago (2017-02-10) |
EtherApe is a packet sniffer/network traffic monitoring tool, developed for Unix. EtherApe is free, open source software developed under the GNU General Public License.
Contents
Functionality
Network traffic is displayed using a graphical interface. Each node represents a specific host. Links represent connections to hosts. Nodes and links are color-coded to represent different protocols forming the various types of traffic on the network. Individual nodes and their connecting links grow and shrink in size with increases and decreases in network traffic.
EtherApe version 0.9.14-1 still depends on GConf, GnomeVFS and GTK+ version 2. Sooner or later somebody might port it to dconf, GVfs, D-Bus and GTK+ version 3 or 4.
History
Originally authored by Juan Toledo, the first version of EtherApe (version 0.0.1) was released on February 18, 2000. In a 2006 survey, Insecure.org named EtherApe number 43 on its list of the "Top 100 Network Security Tools". The most recent version of EtherApe, authored by Zev Weiss and Riccardo Ghetta, is 0.9.15 and was released on February 10, 2017.
Features
Some of the features listed about EtherApe include (the following list refers to version 0.9.15 of EtherApe):
Security
EtherApe requires root privileges to capture packets (but not to replay captured files). As of release 0.9.15 capturing is delegated to a separate process, while the main interface can run with lower privileges, significantly reducing the risk associated with capturing packets from untrusted sources (e.g. Internet).