Dissecting network traffic

Update to Upgrade 2.0

Thanks to Jan Andrejkovic for pointing out a tool I missed in my column "Upgrade 2.0" [5]. Fedora ships with a program called Presto [6] that uses DeltaRPMs to provide smaller updates. In my first test, a normal update would have required 972MB of downloads, but with Presto, it was a mere 224MB (pretty impressive savings). Fedora 11 now includes a yum-presto package (not to be confused with the presto package that is a graphics-related engine) that is a plugin for the yum program. Installation is simple:

yum install yum-presto

First, manually update your /etc/yum.repos.d/fedora-updates.repo to include either a baseurl or mirrorurl pointing to a site that carries the presto RPMs (they are signed with the GnuPG key of Jonathan Dieter, so you need to trust him). Alternatively, you can run your own repository and create RPMs with the presto-utils. If you have more than one system, this might be your best bet.

Infos

  1. Wireshark: http://www.wireshark.org/
  2. Wireshark source code stable download: http://www.wireshark.org/download/src/
  3. Wireshark source code devel download: http://www.wireshark.org/download/automated/src/
  4. Wireshark security vulnerabilities: http://www.wireshark.org/security/
  5. "Upgrade 2.0" by Kurt Seifried, Linux Pro Magazine, October 2009, p. 66: https://www.linux-magazine.com/w3/issue/107/066-067_kurt.pdf
  6. Presto: https://fedorahosted.org/presto/

The Author

Kurt Seifried is an Information Security Consultant specializing in Linux and networks since 1996. He often wonders how it is that technology works on a large scale but often fails on a small scale.
