Slashdot Mirror

← Back to Stories (view on slashdot.org)

RIP Ethereal, Long Live Wireshark

Posted by ryuzaki0 on from the shark-made-of-wires dept.

teknogeek0 writes "From Newsforge (also owned by OSTG), it appears that popular open source network traffic analyzer Ethereal has changed it's name to Wireshark. The surprising move was due to Gerald Combs, the founder of the project, changing jobs and having to leave the Ethereal trademark behind. From the article: 'I recently accepted a job with CACE Technologies, best known for WinPcap .... The move also means a major change for the project. We're continuing development under the name Wireshark, at http://www.wireshark.org/. The web site, mailing lists, bug tracker, SVN repository, buildbot, and other resources are already in place.'"

47 comments

  1. Wireshark... by cosmotron · · Score: 1, Insightful

    Reminds me of Gameshark... I think they could have done a better job renaming it.

    --
    Ryan - http://www.thecosmotron.com/
    1. Re:Wireshark... by jcims · · Score: 2, Funny

      Yeah, just ask the folks over at Joomla how to come up with a clever new name...

  2. Wrong ethereal link by Anonymous Coward · · Score: 1, Informative

    Maybe you should change the old URL to http://www.ethereal./ com/

    1. Re:Wrong ethereal link by lightspawn · · Score: 0, Offtopic

      ... and change "it's" to "its".

      That's almost as annoying as "alot".

    2. Re:Wrong ethereal link by Anonymous Coward · · Score: 0

      But not quite as annoying as you, I'm afraid.

    3. Re:Wrong ethereal link by Anonymous Coward · · Score: 0

      Definately.

    4. Re:Wrong ethereal link by Magdalene · · Score: 1

      perhaps the wireshark ate all the ethereels and is now too full to go anywhere.

      --
      -Magdalene --"there are 10 types of people in the world, those who read binary, and those who don't"
  3. At least it's not gone forever by afxzanac · · Score: 0

    This program has GOT to be one of the best cross-platform packet analysis programs available. I've used it on everything from Windows 98 to XP to MacOS to Linux, and it's the same interface for all. I'm glad to see it's not a TRUE R.I.P. Live on, Go Strong!

  4. Summary link is wrong by Tridus · · Score: 5, Informative

    Ethereal is at www.ethereal.com, not at www.ethereal.org.

    --
    -- "So they told me that using the download page to download something was not something they anticipated." - Bill Gates
    1. Re:Summary link is wrong by bsdluvr · · Score: 2, Funny

      That guy at ethereal.org will be really surprised when he sees his server bill :-)

  5. 14 by Ramble · · Score: 1, Funny

    In other news, scientists have invented a time machine that allows people to travel back to when they are fourteen, a time when names like shark and Kill3r are cool.

    --
    "Oh boy"
  6. Wrong link by lazlo · · Score: 0, Redundant

    Ethereal.org is definitely not a packet capture utility. Ethereal.com is what's sniffing the glue that holds the internet together.

    --
    Pound! Bang! Bin! Bash! is this a shell script or a Batman comic?
    1. Re:Wrong link by JDevers · · Score: 3, Informative

      Versus ethereal.org, they're just sniffing plain old glue from the looks of the site.

  7. I would have called it... by Anonymous Coward · · Score: 0

    NotSniffer
    ThatProgramThatCanSeeEverything
    EtherFAKE
    TCPDUMPONSPEED

  8. trademark? by Suppafly · · Score: 0

    does his old job own the trademark or something?

    1. Re:trademark? by wishus · · Score: 4, Informative

      does his old job own the trademark or something?

      Yes, according to the article.

      Several years ago, my former employer (NIS) registered trademarks for the Ethereal name and logo. At the time this provided valuable legal protection for the project. Unfortunately, when I left we weren't able to come to an agreement on the trademarks and they stayed behind.

      It's a good article. You should read it. ;>

    2. Re:trademark? by sdnoob · · Score: 1

      nice company there, hoarding the name instead of donating it to the project.

    3. Re:trademark? by multiOSfreak · · Score: 0, Redundant
      does his old job own the trademark or something?

      Yep, that pretty much sums it up.

      From TFA:
      "Several years ago, my former employer (NIS) registered trademarks for the Ethereal name and logo. At the time this provided valuable legal protection for the project. Unfortunately, when I left we weren't able to come to an agreement on the trademarks and they stayed behind."
      --
      Transistors and Beer!!
  9. Holding the ethereal trademark makes no sense by wowbagger · · Score: 4, Interesting

    I cannot understand why the company would want to hold onto the Ethereal trademark if the development of the project is moving to a new name. A trademark is, by definition, a MARK that you are TRADING under, so unless they are planning on continuing the project (a fork), there is no value to the mark.

    So the only thing that makes sense to me is that they plan on forking the project and continuing the development - which really would not make sense, as the odds are such a move would be viewed with great disdain by the community, and in all likelihood the project will be outstripped by the new Wireshark project.

    --
    www.eFax.com are spammers
    1. Re:Holding the ethereal trademark makes no sense by merreborn · · Score: 2, Informative

      Actually, a name itself can have value. My fiance worked for a small chain of coffee stands called "Jazzland". Appearantly, the trademark itself was the most valuable asset the company had.

      That's probably what's going on here. There's nothing preventing the guys who own the ethereal name from using it to label a totally different product.

    2. Re:Holding the ethereal trademark makes no sense by slashnik · · Score: 1
      It looks as if this is very close to a fork

      From the wiresahrk FAQ
      Wireshark is almost (but not quite) a fork. Normally a "fork" of an open source project results in two names, web sites, development teams, support infrastructures, etc. This is the case with Wireshark except for one notable exception -- every member of the core development team is now working on Wireshark.

    3. Re:Holding the ethereal trademark makes no sense by bradkittenbrink · · Score: 2, Informative

      It's really as simple as: no one has ever gotten sued by their shareholders for not giving assets away.

    4. Re:Holding the ethereal trademark makes no sense by cimetmc · · Score: 2, Informative

      NIS had a significant benefit in having control on the Etehreal name and web site. In fact, they have a daughter company called Ethereal software http://www.etherealsoft.com/ for which the business consists in providing services aroung Ethereal. By having control of the Ethereal name and web site, they have a very distinct advantage in promoting their services compared to other companies that would provide services around Ethereal. I can very well understand why they didn't want to give up the name Etehreal as giving up the name might mean the death of "Ethereal Software". Marcel

  10. Unfortunate name? by Anonymous Coward · · Score: 3, Interesting

    Though I guess "WireShark" kinda has a "kewl" ring to it, I'm a bit concerned because, let's face it, a shark is a predator. So you have to explain to people why you want to run some predatory application that captures packets on a network. At least with the old name you can say "hey, it's a diagnostic tool" without people giving you a "yeah, right" look that you'll now get with WireShark.

    1. Re:Unfortunate name? by gregmark · · Score: 1

      I thought the same thing when I saw the new name. In my particular government realm and workplace, we use Nagios instead of Big Brother -- not because Nagios is better suited to our monitoring needs but because the clueless committee heads that pull our strings equate "Big Brother" with sneaky-pete'n and wanton tomfoolery rather than basic network troubleshooting. Nagios appears to invoke some windswept Mediterranean island with pomegranate trees and azalea bushes. They love it. They don't understand how it works... but they love the name. Wireshark! Might as well call it the Super-Terrific-Credit-Card-Number-Looker.

    2. Re:Unfortunate name? by Vengeful+weenie · · Score: 1

      Yes, true. NetDog? EtherBarnicle? InterTurd? --This really should have been a slashdot poll.

  11. No RIP? by bitrot42 · · Score: 1

    All this time it didn't support Router Information Protocol?

    I'd change my name, too...

    --
    FIXME: Add a sig here
    1. Re:No RIP? by rodac · · Score: 1

      Nah, the lack of support RIP is a subtle message to network admins. Dont use RIP, it doesnt handle variable length netmasks so there will always be "surprises" when using RIP.

  12. Similar, alternative names... by jd · · Score: 1
    Ok, assuming they want something that represents wires and sharks, here are some alternative names:


    • The Sniffing Megalodon
    • Hammerhead Ether
    • Great White CAT


    Hmmm. Ok, those are crap, so I guess Wireshark isn't too awful.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  13. Obligatory Kent Brockman Quote by Bondolo · · Score: 1

    And I for one welcome our new cartilaginous overlords....

    --
    -- "Most people prefer a popular myth to an unpopular truth"
  14. Gotta love Google by MeanMF · · Score: 2, Funny

    "Did you mean: Wereshark"

    1. Re:Gotta love Google by Anonymous Coward · · Score: 0

      Here shark, there castle

    2. Re:Gotta love Google by Magdalene · · Score: 1

      you see, even google knows, now *THAT* would have been a better name.

      --
      -Magdalene --"there are 10 types of people in the world, those who read binary, and those who don't"
  15. Has the security improved? by Beryllium+Sphere(tm) · · Score: 0, Flamebait

    A couple of years ago the OpenBSD folks yanked Ethereal out of their ports tree, complaining of a terrifying number of exploits and a fix rate that didn't meet their expectations. Did that change?

    1. Re:Has the security improved? by Vector+Meson · · Score: 1

      If the Coverity (google: coverity ethereal) results are any indication things have gotten somewhat better, I'm not sure if any of the BSDs have changed their minds.

    2. Re:Has the security improved? by rodac · · Score: 1

      There has never been any exploits.
      There has been a number of dereference null pointer or forget to increase the loopcounter so end up in an infinite loop.
      Very few stack or buffer overflows have been in ether^wireshark.

      getting better or worse? Check out coverity which showed ethereal/wireshark having vastly fewer bugs per line of code than any other >1M loc project.
      Including the *BSDs.

    3. Re:Has the security improved? by Homology · · Score: 1
      If the Coverity (google: coverity ethereal) results are any indication things have gotten somewhat better, I'm not sure if any of the BSDs have changed their minds.

      From commit message removing Ethereal:

      Revision 1.4, Wed Jul 14 21:52:26 2004 UTC (22 months, 3 weeks ago) by pvalchev
      Branch: MAIN
      CVS Tags: HEAD
      Changes since 1.3: +0 -0 lines
      FILE REMOVED

      Remove ethereal from the ports tree. Right during 3.5, it had more than
      a dozen remote holes being fixed, that we shipped with. Weeks later
      things have not improved, and there continue to be problems reported
      to bugtraq, and respective band-aids - but it is clear the ethereal
      team does not care about security, as new protocols get added, and
      nothing gets done about the many more holes that exist.

      Maybe someone will at least privilege separate this one day, and then
      the OpenBSD stance with respect to this may change.

      Encouraging people to run broken software by distributing packages
      with known security holes is not desired by any of us.
    4. Re:Has the security improved? by cimetmc · · Score: 1

      Fixing security issues and improving coding style to avoid security issues has been a very bog concern in the Etehreal/Wireshark project over that last couple of years. for instance, unsafe string operations are now no longer tolerated in the code (e.g. the strxxx functions). A couple of people have run various source code analyzers against Ethereal/Wireshark, and each time, the developers where quick in fixing the issues found. Even for coverty, the statistics look very good compared to most other open source projects:
      http://scan.coverity.com/
      Also, given the rather quick release cycle, the fixes quickly make it into releases. So all in all, Etehreal/Wireshark is a very good project regarding security.

      Marcel

  16. Why care so much about Coverity? by Myria · · Score: 1

    I don't know why people give so much credence to Coverity. I don't see how it could possibly know what are bugs and what aren't. Didn't mathematicians and computer science people show this already as the Halting Problem? "Bugs per line of code" from a program is a ridiculous measurement to use.

    I've never used Coverity since it's impossible to get the program, but it wouldn't surprise me if it called anything that wasn't safe or good coding style a "bug". Like, yell at you if you use "strcpy". Or if you don't check for a NULL pointer when it can't be.

    What sucks is that some businesses in which the managers aren't programmers are starting to require that all code checked in pass tests of this kind with no exceptions. It hasn't happened at my company yet, thankfully.

    Of course, this comes from someone writing assembly language on a regular basis. >_

    Melissa

    --
    "Screw Sun, cross-platform will never work. Let's move on and steal the Java language." - Visual J++ Product Manager
    1. Re:Why care so much about Coverity? by Homology · · Score: 1
      I don't know why people give so much credence to Coverity. I don't see how it could possibly know what are bugs and what aren't. Didn't mathematicians and computer science people show this already as the Halting Problem? "Bugs per line of code" from a program is a ridiculous measurement to use.

      The Coverity program is useful for detecting some types of bugs in C and C++ programs. The OpenBSD developers has recently put effort into make lint more useful i.e. don't let you drown in false warnings.

      I've never used Coverity since it's impossible to get the program, but it wouldn't surprise me if it called anything that wasn't safe or good coding style a "bug". Like, yell at you if you use "strcpy". Or if you don't check for a NULL pointer when it can't be.

      There are some open source tools for this, like lint, but you easily will be drowned in warnings. On OpenBSD, gcc/linker has been enhanced to detect certain types of problems (like format errors in printf, or use of strcpy).

    2. Re:Why care so much about Coverity? by rodac · · Score: 1

      you are seriously mistaken. coverity is a most impressive tool.

    3. Re:Why care so much about Coverity? by rodac · · Score: 1

      As you say, you have never even seen the tool, which is why you have no idea of what it does. I use coverity and my experience is that it is incredibly useful and powerful.

  17. People still use this? by Cheetahfeathers · · Score: 0, Troll

    I thought this code jumped the shark a while ago.

  18. Ethereal only in name by layer3switch · · Score: 1

    Ethereal(tm) by NIS may turn into some cookware for all we know, but one thing is clear; GPL. Ethereal/WireShark was released under GPL, and name change will not affect the direction of development (as far as I know). Only thing uncertain here is what NIS will do with the name Ethereal(tm).

    NIS may hire new developers and continue on where Combs left off. In this case, NIS may come out as Ethereal(tm) main branch, and WireShark may be seen as fork even though CACE is the one with original project lead, Combs. Either case, both under GPL, Combs may have some tough time convincing distros from including two seperate ethereal products. This fact alone and its outcome will be very interesting.

    NIS may drop development and stop the contribution to the code branch and develop entirely new product and license. This case, it will be a name only product and hopefully community will make a swift change to WireShark in order to make the transition quick and painless. Worst case senario, I can think of Xorg and X11 case where most distros had tough time switching from X11 to Xorg fork while making crosslink compatible and transparent.

    I may be wrong on this, so I'll let Combs and NIS correct me.

    --
    "Don't let fools fool you. They are the clever ones."
    1. Re:Ethereal only in name by Anonymous Coward · · Score: 0

      "Combs may have some tough time convincing distros from including two seperate ethereal products. This fact alone and its outcome will be very interesting"

      Since when was any distro reluctant about including large amounts of functionally identical packages?

  19. man that sucks by blackjackshellac · · Score: 1

    I mean, I've probably only used ethereal ten times in my life, but I always loved the name. Damn. Wireshark is a horrid name, jeebus.

    --
    Salut,

    Jacques

  20. NetSheep by Vengeful+weenie · · Score: 1

    "There are two kinds of people. Sheep and sharks. Anyone who is a sheep is fired. Who is a sheep?"