Wireshark

Wireshark is the world's foremost network protocol analyzer. It lets you see
what's happening on your network at a microscopic level. It is the de facto
(and often de jure) standard across many industries and educational
institutions.
Wireshark development thrives thanks to the contributions of networking
experts across the globe. It is the continuation of a project that started in
1998.
Wireshark is a free and open-source packet analyzer. It is used for
network troubleshooting, analysis, software and communications
protocol development, and education. Originally named Ethereal, in May
2006 the project was renamed Wireshark due to trademark issues.
Wireshark is cross-platform, using the GTK+ widget toolkit in current
releases, and Qt in the development version, to implement its user interface,
and using pcap to capture packets; it runs on GNU/Linux, OS X, BSD, Solaris,
some other Unix-like operating systems, and Microsoft Windows. There is
also a terminal-based (non-GUI) version called TShark. Wireshark, and the
other programs distributed with it such as TShark, are free software, released
under the terms of the GNU General Public License.

Features
Wireshark has a rich feature set which includes the following:

Deep inspection of hundreds of protocols, with more being added all the time

Live capture and offline analysis

Standard three-pane packet browser

Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others

Captured network data can be browsed via a GUI, or via the TTY-mode
TShark utility

The most powerful display filters in the industry

Rich VoIP analysis

Read/write many different capture file formats: tcpdump (libpcap),
Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network
Monitor, Network General Sniffer (compressed and uncompressed),
Sniffer Pro and NetXray, Network Instruments Observer, NetScreen
snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar
Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets
EtherPeek/TokenPeek/AiroPeek, and many others

Capture files compressed with gzip can be decompressed on the fly

Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM,
Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on
your platform)

Decryption support for many protocols, including IPsec, ISAKMP,
Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2

Coloring rules can be applied to the packet list for quick, intuitive
analysis

Output can be exported to XML, PostScript, CSV, or plain text

Some intended purposes

Here are some examples of what people use Wireshark for:

Network administrators use it to troubleshoot network problems

Network security engineers use it to examine security problems

Developers use it to debug protocol implementations

People use it to learn network protocol internals

Besides these examples, Wireshark can be helpful in many other situations too.

Figure. Wireshark captures packets and lets you examine their contents.

Advantages
1. Live capture from many different network media
Wireshark can capture traffic from many different network media
types, including (despite its name) wireless LAN. Which media types
are supported depends on many things, such as the operating system
you are using.
2. Import files from many other capture programs
Wireshark can open packets captured from a large number of other
capture programs.

3. Export files for many other capture programs
Wireshark can save captured packets in the file formats of a large
number of other capture programs.
4. Many protocol decoders
There are protocol decoders (or dissectors, as they are known in
Wireshark) for a great many protocols.
5. Open Source Software
Wireshark is an open source software project, and is released under
the GNU General Public License (GPL). You can freely use Wireshark
on any number of computers you like, without worrying about
license keys or fees or such. In addition, all source code is freely
available under the GPL. Because of that, it is very easy for people
to add new protocols to Wireshark, either as plugins, or built into the
source, and they often do!

Disadvantages
Here are some things Wireshark does not provide:

Wireshark isn't an intrusion detection system. It will not warn
you when someone does strange things on your network that
he/she isn't allowed to do. However, if strange things happen,
Wireshark might help you figure out what is really going on.

Wireshark will not manipulate things on the network; it will only
"measure" things from it. Wireshark doesn't send packets on the
network or do other active things (except for name resolution,
but even that can be disabled).
