Wireshark
- It is open source software.
- It is a very important tool used in networking.
- Wireshark is a network packet analyzer.
- A network packet analyzer presents captured packet data in as much detail as possible.
- You could think of a network packet analyzer as a measuring device for examining what’s happening inside a network cable, just like an electrician uses a voltmeter for examining what’s happening inside an electric cable.
- In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, that has changed.
- Wireshark is available for free, is open source, and is one of the best packet analyzers available today.
Purposes of using Wireshark
- Network administrators use it to troubleshoot network problems.
- Network security engineers use it to examine security problems.
- QA engineers use it to verify network applications.
- Developers use it to debug protocol implementations.
- People use it to learn network protocol internals.
What Wireshark is not
Here are some things Wireshark does not provide:
- Wireshark isn’t an intrusion detection system. It will not warn you when someone does strange things on your network that he/she isn’t allowed to do. However, if strange things happen, Wireshark might help you figure out what is really going on.
- Wireshark will not manipulate things on the network; it will only “measure” things from it. Wireshark doesn’t send packets on the network or do other active things (except domain name resolution, but that can be disabled).