AMP AMP

How to Install And Use EtherApe On Ubuntu 16.04

To Install And Use EtherApe On Ubuntu 16.04

EtherApe is a free and open source packet sniffer/network traffic monitoring tool, developed for Unix/Linux, and it is called EtherApe as it is modeled after etherman. It displays network activity graphically. It supports Ethernet, FDDI, Token Ring, ISDN, PPP, SLIP and WLAN devices, plus several encapsulation formats. It can filter traffic to be shown, and can read packets from a file as well as live from the network. It is so simple to install and use EtherApe, and this tutorial covers the ground on the same process.

Installing EtherApe

First, before you begin the process, make sure you update your system by running the following command.

root@localhost:~# apt-get update
Hit:1 http://in.archive.ubuntu.com/ubuntu xenial InRelease
Hit:2 http://security.ubuntu.com/ubuntu xenial-security InRelease 
.
.
Reading package lists... Done

And after that you shall proceed with the installation of EtherApe.

root@localhost:~# apt-get install etherape
Reading package lists... Done
.
.
Processing triggers for menu (2.1.47ubuntu1) ...
Reading package lists... Done

Once the installation is competed, you shall open the EtherApe application by simply running the following command.

root@localhost:~# etherape

Your EthernetApe applciation will now appear on your screen.

With EthernetApe, you can cutomize its configuration.

You can also check all the information about the Connection.

You can also choose a specific field to see detailed information about it.

With this, the installation of EtherApe On Ubuntu 16.04 comes to an end.


Tag : Ubuntu EtherApe 
FAQ
Q
I can't see any text, just little squares. What gives etherape?
A
Go to preferences and change the text font. Make sure you save your changes
Q
Is it possible to see just traffic within my network? Is it possible to see just traffic to/from the internet?
A
You can indeed filter traffic. Have a look at the filter entry in preferences->capture->filter
Suppose your network address starts with 213.227
If you only want to see traffic within your network, then the proper syntax is
ip and src net 213.227 and dst net 213.227
Q
What's the format for etherape of /etc/ethers?
A
Just pairs of Ethernet addresses and names, like
00:40:33:35:80:5F LAZARO
00:40:33:35:80:6D NEBAJ
00:C0:26:A2:58:FE ARGOS
Q
What is this app used for?
A
EtherApe is a free and open source packet sniffer/network traffic monitoring tool, developed for Unix/Linux, and it is called EtherApe as it is modeled after etherman. It displays network a
Q
I have a VLAN network and EtherApe shows traffic only at the Link Layer level?
A
There is a quirk in pcap. To filter VLAN traffic you need to start the expression with 'vlan' and all traffic must be VLAN-tagged.
To see only IP-type traffic on a VLAN, your filter must be vlan and ip, instead of just ip.
Note that ip and vlan doesn't work.