Exclusive Interview with Packet Capture Innovators – Part II

This is the second part of our ‘Exclusive Interview’ series with Packet Capture Innovators. In the first part, we interviewed “Steven McCanne – Creator of TcpDump/Libpcap”.



Here we present another exciting interview with ‘Gerald Combs’ – creator of Wireshark – a boon for anyone involved with computer networks.


Gerald Combs – Creator of Wireshark
Director, Open Source Projects
Riverbed Technology

SecurityXploded (SX): What prompted you to create Ethereal (now Wireshark)?
Gerald Combs (GC): Necessity. I was working at an ISP as a system administrator for clients like the Kansas City Chiefs (an American football team), Apple, AT&T, Ditch Witch and others. I needed to troubleshoot network problems and needed an interactive protocol analyzer for Linux and Solaris. Over the course of a few months, I wrote the first version of Ethereal in my spare time. I made use of a lot of GPL software at the time (and still do), so I decided to contribute back by releasing Ethereal under the GPL.

SX: Did you face any challenging situations during the development of Wireshark, and if so, can you please share your experience?
GC: Development was easy compared to hosting. This was before sites like SourceForge existed; unless your project was sponsored by a company or a university, you had to fend for yourself. I traded consulting for local ISPs in exchange for hosting the project’s web server.

Due to the “fluid” nature of ISPs during the dot com boom, I had to move the web server quickly a couple of times. In one instance, I ended up helping the owner move equipment into a barn. And at the time, horses already occupied it.


SX: What is the reason behind changing the name from Ethereal to Wireshark? Was it a difficult move considering Ethereal's huge fan base?
GC: In 2006, I was given the opportunity to work at CACE Technologies, which I gladly accepted. My previous employer owns the Ethereal trademark and we were unable to come to an agreement to purchase the trademark.

Letting go of the Ethereal name was difficult at first. However, the reactions from the development team and the user community were very supportive and positive. More than one person has mentioned that they like the name “Wireshark” better. There’s certainly less confusion about its pronunciation.


SX: How has being the creator of Wireshark helped your career, especially at Riverbed Technology?
GC: Wireshark has given me the opportunity to work with two development teams (Wireshark and Riverbed) made up of some of the most talented, knowledgeable professionals in the networking industry. The experience has been awe-inspiring.


SX: How do you feel working together with other folks (Steve and Loris) from the #Packetcap Revolution?
GC: It is great. Steve and Loris are not only brilliant but they are genuinely nice people as well.


SX: We have a lot of readers who use your tools. What is your message to all those huge fans of Wireshark?
GC: Thank you all! Working on Wireshark is the adventure of a lifetime and it is an honor to be part of it.


Next: Exclusive Interview with Packet Capture Innovators – Part III (Loris Degioanni – WinPcap)
