Re: [ethereal-users] Ethereal in NT

[Guy Harris <guy@xxxxxxxxxx>]

> I downloaded ethereal for NT but I can't figure out what to put for my
> interface.  In linux I just put /dev/et0 or something like that.

In Linux, you probably use "/dev/eth0" - but "eth0" should be
sufficient; on most if not all UNIX-compatible OSes, the "/dev/" is
unnecessary when specifying to a libpcap-based program (such as tcpdump,
or Ethereal, or Tethereal, or...) a networking device on which to
capture packets.

> What should I use for NT?

A name derived from the name that the "ipconfig" command reports:

	C:\>ipconfig

	Windows NT IP Configuration

	Ethernet adapter E100B1:

		IP Address. . . . . . . . . : XXX.XXX.XXX.XXX
		Subnet Mask . . . . . . . . : XXX.XXX.XXX.XXX
		Default Gateway . . . . . . : XXX.XXX.XXX.XXX

Unfortunately, on NT, you can't omit "\Device\", and you also have to
insert "Packet_" in front of it, so "\Device\Packet_E100B1" would be
what you'd use on the machine in the example.

WinDump, according to the text at

	http://netgroup-serv.polito.it/windump/docs/manual.htm#Wdump

has a "-D" flag, to list the interface names, because "These names are
not very easy to obtain in Windows".