Part 1 | What is WireShark? | HackThatCORE

Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible.
It can be termed as a measuring device used to examine what's going inside an electric cable (but at a higher level).
Wireshark is perhaps one of the best open source packet analyzers available today.

Wireshark is mostly used by Network Administrators who use it to troubleshoot network problems, Network security engineers for examining security problems, QA engineers for verifying network applications, Developers use it to debug protocol implementations, People use it to learn network protocol internals, and so on.

Features of WireShark

The key features of Wireshark are as follows:

Available for UNIX and Windows.
Capture live packet data from a network interface.
Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a number of other packet capture programs.
Import packets from text files containing hex dumps of packet data.
Display packets with very detailed protocol information.
Save packet data captured.
Export some or all packets in a number of capture file formats.
Filter packets on many criteria.
Search for packets on many criteria.
Colorize packet display based on filters.
Create various statistics.

Image Courtesy: Wireshark captures packets and lets you examine their contents.

If you want to download Wireshark Software, then here is a link for you... Wireshark

Search This Blog

HackThatCORE - Computer science and technical blog