Wireshark: Basic Tutorial
Wireshark is a tool for analyzing network protocols from your desktop. It sniffs traffic and provides a GUI for analyzing packets from the network. It supports major operating systems, including Windows, macOS, Linux, and UNIX. Network professionals, security experts, developers, and educators use it to understand network protocols and analyze traffic in a network. It is available free of charge on the official website as open-source software, released under the GNU General Public License version 2.
tshark is a command-line tool available for users who like black screens. Remember, tshark is the CLI counterpart of Wireshark.
It is a perfect example of disruptive technology in the field of networking. Disruptive technology refers to an innovation in any field that creates a new market and disrupts existing players in that field.
Download Link: https://www.wireshark.org/#download
Basic User Interface
Main features of Wireshark
- Deep Packet Inspection of protocols
- Live capture and offline analysis
- Runs on Windows, Linux, OS X, Solaris, and many others (multi-platform)
- Available in both GUI and command mode
- Filters are available to separate protocols
- Output can be exported to XML, PostScript, CSV, or plain text
- Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, and many others
- Capture files compressed with gzip can be decompressed on the fly
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
- Different coloring rules to identify problems
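Three of the features above (reading a tcpdump/libpcap capture offline, separating traffic by protocol, exporting CSV) can be shown in a few lines of Python. This is an added example, not code from the original tutorial or from Wireshark; the function names and the two-frame sample capture are constructed for illustration, and only classic libpcap files carrying Ethernet/IPv4 frames are handled.

```python
import csv, io, struct
PROTO = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IPv4 protocol numbers

def build_sample_pcap():
    """Constructed sample: classic libpcap file with two Ethernet/IPv4 frames."""
    def frame(proto, src, dst):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0, bytes(src), bytes(dst))
        return bytes(12) + b"\x08\x00" + ip + bytes(8)  # zeroed MACs, EtherType IPv4
    frames = [frame(6, (192, 0, 2, 1), (192, 0, 2, 2)),
              frame(17, (192, 0, 2, 2), (192, 0, 2, 53))]
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        # Record header: ts_sec, ts_usec, captured length, original length
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Yield (timestamp, frame_bytes) for each record of a classic libpcap capture."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic libpcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    pos = 24
    while pos + 16 <= len(data):
        ts, _, caplen, _ = struct.unpack(endian + "IIII", data[pos:pos + 16])
        pos += 16
        if pos + caplen > len(data):
            break  # truncated final record, e.g. an interrupted capture
        yield ts, data[pos:pos + caplen]
        pos += caplen

def summarize(data, only=None):
    """Return (no, time, src, dst, protocol) rows; 'only' keeps a single protocol."""
    rows = []
    for no, (ts, frame) in enumerate(read_pcap(data), 1):
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # skip frames that are not IPv4 or are too short to parse
        ip = frame[14:]
        proto = PROTO.get(ip[9], str(ip[9]))
        if only is None or proto == only:
            rows.append((no, ts, ".".join(map(str, ip[12:16])),
                         ".".join(map(str, ip[16:20])), proto))
    return rows

def to_csv(rows):
    buf = io.StringIO()
    csv.writer(buf, lineterminator="\n").writerows([("no", "time", "src", "dst", "protocol"), *rows])
    return buf.getvalue()
```

Calling `to_csv(summarize(build_sample_pcap(), only="UDP"))` returns the header row plus the single UDP packet, keeping its original packet number from the capture.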
Conclusion
Wireshark is an awesome network analyzer that helps in understanding and analyzing network traffic. This tool is a one-stop solution for diagnosing problems in a network. If you want a command-line equivalent, use tshark.
tcpdump is another command-line tool for analyzing network protocols.
Disclaimer: This tutorial is for educational purposes only. The individual is solely responsible for any illegal act.