EtherApe is a graphical network monitor for Unix that come with most of the GNU/Linux distrubution but is not, now is present in MacPorts for Mac OS X and but has no porting for Windows as well.
The best use of EtherApe is when it’s installed on a server (or any GNU/Linux machine) connected to the last-hop of your network to allow it to ‘sniff’ (analyze) the whole traffic getting in-and-out of your network. I suggest to put it on the switch or hub that connects your network to the router.
Normally we monitor and manage our network from our workstation trying to access as less as possible the screen of our servers. Because EtherApe would be installed on one of our servers to visualize its output on our screen avoiding the user of screen remotization like VNC, TeamViewer or LogMeIn we need to use X11 protocol forwarding via SSH.
This solution implies that we have and X11 service running on our workstation.
If we are working on a Linux machine it can’t be more easy as we mostprobably are working on a X11 implementation.
If run Mac OS X then we ned to installe Apple’s X11, and you can find the installer inside the Installation disc.
For Windows the game is more tough because it’s not a Unix based system and a X11 server implementation is not part of the standard applications offered as part of the installation options.
Fortunately come in hand the project Xming a free implementation of X Server for Windows: https://www.straightrunning.com/XmingNotes/
The steps to visualize EtherApe on your workstation are:
- Install EtherApe on your GNU/Linux server:
i.e. on a GNU/Debian server:# apt-get install etherape
- Install X11 on your workstation:
- On Linux most probably you have installed x.org package
- On Mac OS X you install the package that you find in the installation disc
- for windows you need to donlaod the public release of Xming:
https://sourceforge.net/project/downloading.php?group_id=156984&filename=Xming-6-9-0-31-setup.exe
- Install an SSH client on your workstation
- On Linux and Mac OS X it is part of the base system installtion
- On Windows you need to install PuTTY:
https://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
- Enable X11 forwarding through SSH on your server:
- Edit the file /etc/ssh/sshd_config and add or modify the X11 forwarding setting to
X11Forwarding yes
then restart the SSH service to load the new configuration
- On Windows only configure Xming to connect via the SSH client to your Linux server and specify to run the program xterm (or any other terminal application you have installed on your server) and specify as connecting user root or any sudoer user because EtherApe needs root privileges to turn the network card in listening mode.
- run EtherApe from the ssh connection just fireing the command ‘etherape’
Have fun!
