What Is Wireshark

Uploaded by Nilesh

What is Wireshark?

Wireshark is an open-source packet analyzer used for education, analysis, software
development, communication protocol development, and network troubleshooting.

It captures packets so that each one can be filtered to meet specific needs. It is
commonly called a sniffer, network protocol analyzer, or network analyzer. It is also used
by network security engineers to examine security problems.

History of Wireshark:

In the late 1990s Gerald Combs, a computer science graduate of the University of Missouri-
Kansas City, was working for a small ISP (Internet Service Provider). The protocol analyzers
available at the time did not meet his basic requirements, so he started writing Ethereal and
released the first version around 1998. Network Integration Services owned the Ethereal
trademark.

Combs still held the copyright on most of the Ethereal source code, and the rest of the source
code was redistributed under the GNU GPL. Because he did not own the Ethereal trademark, he
changed the name to Wireshark, using the Ethereal code as its basis.

Functionality of Wireshark:

Wireshark is similar to tcpdump. Tcpdump is a common packet analyzer that allows the user
to display TCP/IP and other packets being transmitted and received over a network attached
to the computer. Wireshark adds a graphical front end and sorting and filtering functions.
Wireshark users can see all the traffic passing through the network.

Color coding in Wireshark:

Packets in Wireshark are highlighted in colors such as blue, black, and green. These colors
help users identify the types of traffic; this is also called packet colorization. Wireshark
has two kinds of coloring rules: temporary rules and permanent rules.

1. Temporary rules last only while the program is running; they are lost when you quit
the program.
2. Permanent coloring rules are saved, so they remain available the next time you run
Wireshark. The steps to apply color filters will be discussed later in this topic.

Features of Wireshark:

1. It is multi-platform software, i.e., it can run on Linux, Windows, OS X, FreeBSD, NetBSD,
etc.
2. It is a standard three-pane packet browser.
3. It performs deep inspection of hundreds of protocols.
4. It supports live analysis, i.e., it can read live data from different types of network
interface, such as Ethernet and loopback.
5. It has sort and filter options that make it easy for the user to view the data.
6. It can also capture raw USB traffic.
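To make the "deep inspection" and "filter" features concrete, here is an added educational example (not Wireshark's own code) that dissects a constructed Ethernet/IPv4/TCP frame into named fields, the way Wireshark's detail pane does, and evaluates a one-clause display filter against them. The field names imitate Wireshark's display-filter names; the sample frame and the `dissect`/`matches` helpers are assumptions constructed for this illustration.

```python
import struct

# Constructed sample frame (not a real capture): Ethernet II / IPv4 / TCP SYN to port 80.
SAMPLE_FRAME = bytes.fromhex(
    "00 11 22 33 44 55"                     # destination MAC
    "66 77 88 99 aa bb"                     # source MAC
    "08 00"                                 # EtherType: IPv4
    "45 00 00 28 00 01 40 00 40 06 00 00"   # IPv4: ver/IHL, TOS, len 40, id, flags, TTL 64, proto 6, cksum
    "c0 a8 01 0a"                           # src 192.168.1.10
    "5d b8 d8 22"                           # dst 93.184.216.34
    "c3 50 00 50"                           # TCP src port 50000, dst port 80
    "00 00 00 01 00 00 00 00"               # seq 1, ack 0
    "50 02 20 00 00 00 00 00"               # data offset 5, flags SYN, window 8192, cksum, urg
)


def dissect(frame: bytes) -> dict:
    """Decode Ethernet -> IPv4 -> TCP headers into named fields (hypothetical helper)."""
    fields = {}
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    fields["eth.dst"] = ":".join(f"{b:02x}" for b in dst)
    fields["eth.src"] = ":".join(f"{b:02x}" for b in src)
    fields["eth.type"] = ethertype
    if ethertype != 0x0800:
        return fields                       # not IPv4: stop dissecting here
    ip = frame[14:]
    ver_ihl, _tos, _total, _ident, _ff, ttl, proto, _cksum, s, d = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4              # header length in bytes (options included)
    fields["ip.version"] = ver_ihl >> 4
    fields["ip.ttl"] = ttl
    fields["ip.proto"] = proto
    fields["ip.src"] = ".".join(map(str, s))
    fields["ip.dst"] = ".".join(map(str, d))
    if proto != 6:
        return fields                       # not TCP: stop dissecting here
    tcp = ip[ihl:]
    sport, dport, seq, _ack, off_flags, window = struct.unpack("!HHIIHH", tcp[:16])
    fields["tcp.srcport"] = sport
    fields["tcp.dstport"] = dport
    fields["tcp.seq"] = seq
    fields["tcp.flags.syn"] = bool(off_flags & 0x02)
    fields["tcp.flags.ack"] = bool(off_flags & 0x10)
    fields["tcp.window_size"] = window
    return fields


def matches(fields: dict, expr: str) -> bool:
    """Evaluate a one-clause display filter such as 'tcp.port == 80' (hypothetical helper).
    'tcp.port' matches either the source or the destination port, as in Wireshark."""
    name, value = (part.strip() for part in expr.split("=="))
    if name == "tcp.port":
        return value in (str(fields.get("tcp.srcport")), str(fields.get("tcp.dstport")))
    return str(fields.get(name)) == value
```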

Uses of Wireshark:

1. It is used by network security engineers to examine security problems.
2. It allows users to watch all the traffic being passed over the network.
3. It is used by network engineers to troubleshoot network issues.
4. It can also analyze dropped packets.
5. It also helps to troubleshoot latency issues and malicious activities on your network.
