WIRE SHARK to the cloud!
Linux Format talks to Gerald Combs and Loris Degioanni about creating Wireshark, the origins of network packet analysis, and how they want their shark to fly...
Loris (fourth from left) and Gerald (furthest right) with the team from CACE Technologies in 2007.
One of the best-known open source networking tools in the world, Wireshark is used by hackers and sysadmins alike to capture and analyse network packets across a myriad of situations for troubleshooting and logging. As we’ll discover, it was also one of the earlier open source projects to cross the then-prickly divide between Linux and Windows. We talk to Gerald Combs and Loris Degioanni about how the project started and developed, and discover more about their latest system-wide analysis tool, Stratoshark.
Linux Format: It’s nice to know people’s background, so what was your first experience with computers and how did you get involved with Linux and open source?
Gerald Combs: My first experience with a computer? I’m gonna be giving away my age here… My parents bought me a Timex Sinclair 1000 (the US ZX81 model), which was this tiny, very inexpensive, minimum viable computer. That’s what got me hooked. What got me into networking, I was studying computer science, took a networking class, and I got hooked from there.
At the same time as attending classes, I was working in the computing services department, and part of my job was to troubleshoot the network. They gave me this network sniffer. It was this device that weighed quite a bit. It cost as much as a luxury car, and I got to lug it around campus and plug it into different parts of the network and do troubleshooting.
After that I took a job at a small ISP that couldn’t afford a sniffer. It just didn’t have the budget for it and that’s what gave me the impetus to start writing a protocol analyser. At this point, luckily, the PCAP library that lets you do packet capture had been released, so it was easy to plug into that.
Suddenly I had this analyser and released it to the public. I released it as open source because at that time, I had used quite a bit of open source software and it just seemed like a really good way to give back to the community. As it turned out, this was a great move, because releasing it as open source let a whole bunch of people contribute, and that’s where we got our initial developer base. The project also just grew from there. We got a really big boost in our user community when we added in support for WinPCAP, which is kind of where Loris joins in. This let us expand our user base to Windows users, and suddenly we have this explosion of users and this large community.
Loris Degioanni: My first computer was a Commodore 64 – I’m old as well! The computer where I actually learned a lot of stuff and that made me a programmer was an Amiga. I was 14 or 15, and I got a summer job as a bartender in Italy. I got enough money saved to buy myself either a computer or a scooter. Everybody in Italy at that time wanted a scooter, and all my friends were buying them. I decided to buy the computer because I was so passionate about that, and that’s where I started programming. So, that’s what got me into operating systems and Linux.