
Wireshark Presentation

Wireshark is a graphical network protocol analyzer that was originally called Ethereal. It allows users to capture network traffic and decode packets in a human-readable format. Wireshark is commonly used by network administrators to troubleshoot problems, security engineers to examine security issues, developers to debug protocols, and others interested in learning network internals. While it cannot actively manipulate networks or detect intrusions, Wireshark provides powerful display and capture filters to examine specific network traffic in detail.

Uploaded by bonfiree

Introduction To Wireshark
Advance Enterprise Network

Wireshark

Wireshark is a GUI Network Protocol Analyzer

Formerly known as Ethereal

1997: Gerald Combs started writing it

2006, Wireshark

2008, Wireshark v1 released

Functions

Capturing network traffic

Decoding the packets of each protocol

Displaying the network traffic in human-readable format

Features

Display Filters in Wireshark are very powerful

Comparisons are written with C-like symbols or with English-like abbreviations

eq, == Equal

ne, != Not equal

Capture filters follow the rules of the PCAP library

A capture filter for HTTP that captures traffic to and from a particular host:

tcp port 80 and host 10.10.10.5
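The capture filter above, worked through at the byte level as an added example (not part of the original slides): the Python below makes the same keep/drop decision on constructed Ethernet/IPv4 frames. The helper names `frame`, `matches` and `selected` and the peer address 192.0.2.10 are assumptions made for the illustration.

```python
import socket
import struct

def frame(src, dst, sport, dport, proto=6):
    """Constructed Ethernet + IPv4 frame carrying a bare TCP (6) or UDP (17) header."""
    eth = b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", 0x0800)
    l4 = struct.pack("!HH", sport, dport) + b"\x00" * (16 if proto == 6 else 4)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return eth + ip + l4

def matches(pkt, host="10.10.10.5", port=80):
    """Decide as the capture filter `tcp port 80 and host 10.10.10.5` would."""
    if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
        return False                          # not IPv4 over Ethernet
    if pkt[23] != 6:
        return False                          # IP protocol field is not TCP
    if struct.unpack("!H", pkt[20:22])[0] & 0x1FFF:
        return False                          # later fragment: no TCP header to read
    l4 = 14 + (pkt[14] & 0x0F) * 4            # skip Ethernet + variable-length IP header
    if len(pkt) < l4 + 4:
        return False
    sport, dport = struct.unpack("!HH", pkt[l4:l4 + 4])
    addrs = (socket.inet_ntoa(pkt[26:30]), socket.inet_ntoa(pkt[30:34]))
    # "host" and "port" are direction-agnostic: source OR destination may match
    return host in addrs and port in (sport, dport)

# Constructed sample traffic (192.0.2.10 is a documentation address)
SAMPLES = [
    frame("10.10.10.5", "192.0.2.10", 51000, 80),      # request from the host
    frame("192.0.2.10", "10.10.10.5", 80, 51000),      # reply to the host
    frame("10.10.10.5", "192.0.2.10", 51001, 443),     # right host, wrong port
    frame("10.10.10.9", "192.0.2.10", 51002, 80),      # right port, wrong host
    frame("10.10.10.5", "192.0.2.10", 51003, 80, 17),  # UDP, not TCP
]

def selected(frames=SAMPLES):
    """Indices of the frames the filter would keep."""
    return [i for i, f in enumerate(frames) if matches(f)]

if __name__ == "__main__":
    print(selected())
```

Only the first two frames are kept. The same selection written as a display filter, using the `==` operator listed above, is `tcp.port == 80 and ip.addr == 10.10.10.5`.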

Intended Purposes

Network Administrators use it to troubleshoot network problems

Network Security Engineers use it to examine security problems

Developers use it to debug protocol implementations

People use it to learn network protocol internals

What Wireshark is not

Not an intrusion detection system.

It will not warn when strange things happen

Might help in figuring out what is really going on.

It does not manipulate things on the network; it only "measures" things from it.

It doesn't send packets or do other active things

Demonstration
