Wireshark (known as Ethereal until a trademark dispute in Summer 2006) is a fantastic open source multi-platform network protocol analyzer. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tshark is included. One word of caution is that Wireshark has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).
For downloads and more information,
visit the Wireshark homepage.
Wireshark is an invaluable resource! Not only is the GUI interface very user friendly, the DOS counterpart, dumpcap is also really nice, and stateless. I've used it under Windows and Linux, for wired and wireless networks. Add on the Airpcap device and your radiotap is now integrated with a very powerful Sniffer.
Perhaps I'm missing something. When I goto the wireshark website I don't find anything for linux even though your page says it runs natively on linux. I find source code but nothing else. Is there actually a version for linux or is that a mistake? Thanks. :)
Would be lost without it. From SPAN to sniffing to using with GNS3, this is an absolute must for every network engineer regardless of experience or skill.
This is an amazing, feature rich, mature and highly useful tool for troubleshooting a wide variety of network problems. The Voip tools are an especially nice component, providing a way to handle an otherwise very tedious process. I would give it ten stars if I could. Thanks to everyone who soo much hard work into this project.
This is by far one of the most important tools for someone that is doing security work. I utilize this tool on every engagement I work, and for learning about new protocols. This is the "Don't leave home without it!"
Your comment
Along with your rating, you can use the comment form to post a review,
tutorial, tips and tricks, or anything else others will find useful.
If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).
1
Wireshark is an invaluable resource! Not only is the GUI interface very user friendly, the DOS counterpart, dumpcap is also really nice, and stateless. I've used it under Windows and Linux, for wired and wireless networks. Add on the Airpcap device and your radiotap is now integrated with a very powerful Sniffer.
linux bits can be grabbed directly from distributions..
Agree with the other posters, it doesn't seem like wireshark supports linux.
Anyone got a link to the "linux" bits?
Perhaps I'm missing something. When I goto the wireshark website I don't find anything for linux even though your page says it runs natively on linux. I find source code but nothing else. Is there actually a version for linux or is that a mistake? Thanks. :)
Makes for great traffic analysis under any circumstance. A must have.
Can someone please explain the differences between Wireshark and Snort.
Good Wireshark but boy its making my life easy to explore more n more, Great Tool
Some weeks ago I installed wireshark without success. With your guide I was able to get it work.
Thanks
thank you..thank you..thank you..thank you..thank you..thank you..thank you.. for making visualize pakets
I agree with the above, Wireshark is a must have.
The best sniffer. Thank you for this big security guide ....
The Best Ever Sniffer, could do my job without it !!!
Would be lost without it. From SPAN to sniffing to using with GNS3, this is an absolute must for every network engineer regardless of experience or skill.
This is an amazing, feature rich, mature and highly useful tool for troubleshooting a wide variety of network problems. The Voip tools are an especially nice component, providing a way to handle an otherwise very tedious process. I would give it ten stars if I could. Thanks to everyone who soo much hard work into this project.
new to Wireshark but boy its making my life easy to explore more n more, Great Tool. Bravo
Simply the best
the swiss army for network troubleshooting and analysis.
As a firewall engineer this tool combined with tcpdump makes life so much easier for troubleshooting issues. Not only that the decoding is amazing!
Definitively a key application in most any networking role. A must have!
This is by far one of the most important tools for someone that is doing security work. I utilize this tool on every engagement I work, and for learning about new protocols. This is the "Don't leave home without it!"