What is Wireshark?
Wireshark is open source network sniffing software designed to track network packets, which can be narrowed down using the different filter options available in the software.
Why People Use Wireshark
- Network administrators use it to troubleshoot network problems.
- Network security engineers use it to examine security problems.
- QA engineers use it to verify network applications.
- Developers use it to debug protocol implementations.
- People use it to learn network protocol internals.
Features
- Available for UNIX and Windows.
- Capture live packet data from a network interface.
- Open files containing packet data captured with tcpdump, WinDump, Wireshark, and many other packet capture programs.
- Import packets from text files containing hex dumps of packet data.
- Display packets with very detailed protocol information.
- Save packet data captured.
- Export some or all packets in a number of capture file formats.
- Filter packets on many criteria.
- Search for packets on many criteria.
- Colorize packet display based on filters.
- Create various statistics.
What the Color Coding Means in Wireshark
| Color in Wireshark | Packet Type |
| --- | --- |
| Dark gray | TCP SYN, ACK and FIN traffic. |
| Light Green | HTTP traffic. |
| Light purple | TCP. |
| Black | Packet error. |
| Light Yellow | SMB, NetBIOS and Windows traffic. |
| Light blue | UDP. |
| Dark Yellow | Routing. |
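To show which header fields sit behind these categories, here is an added example (not code from this page or from the Wireshark project) that parses raw Ethernet/IPv4 frames and assigns the table's colors in a fixed order. The port numbers, the flag test, the rule order and all function names are assumptions made for illustration; the Black and Dark Yellow rows are left out because they need stream state and routing-protocol decoding.

```python
import struct
from collections import Counter

# Assumed, simplified port hints for the table's categories; these are not
# taken from Wireshark's own rule file.
HTTP_PORTS, SMB_TCP_PORTS, NETBIOS_UDP_PORTS = {80}, {139, 445}, {137, 138}
SYN, FIN = 0x02, 0x01

def classify(frame: bytes) -> str:
    """Return the table color for one Ethernet II frame carrying IPv4."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return "unclassified"
    ihl = (frame[14] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20:
        return "unclassified"
    proto, l4 = frame[23], frame[14 + ihl:]
    if proto == 17 and len(l4) >= 8:        # UDP
        ports = set(struct.unpack("!HH", l4[:4]))
        return "Light Yellow" if ports & NETBIOS_UDP_PORTS else "Light blue"
    if proto == 6 and len(l4) >= 20:        # TCP
        ports, flags = set(struct.unpack("!HH", l4[:4])), l4[13]
        # Rules are tried in order and the first match wins, so a SYN sent
        # to port 80 is reported as HTTP rather than as a SYN.
        if ports & SMB_TCP_PORTS:
            return "Light Yellow"
        if ports & HTTP_PORTS:
            return "Light Green"
        if flags & (SYN | FIN):             # covers SYN, SYN/ACK and FIN/ACK
            return "Dark gray"
        return "Light purple"
    return "unclassified"

def build_frame(proto: int, sport: int, dport: int, flags: int = 0) -> bytes:
    """Construct a minimal sample frame (zeroed addresses and checksums)."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    if proto == 6:
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 1024, 0, 0)
    else:
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64,
                     proto, 0, bytes(4), bytes(4))
    return eth + ip + l4

def summarize(frames) -> Counter:
    """Count frames per color, e.g. to see what dominates a capture."""
    return Counter(classify(f) for f in frames)

# Constructed sample frames, not taken from a real capture.
SAMPLE = [build_frame(6, 40000, 443, SYN), build_frame(6, 40001, 80, SYN),
          build_frame(6, 40002, 445, 0x18), build_frame(17, 137, 137),
          build_frame(17, 5353, 53), build_frame(6, 443, 40000, 0x10)]
```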
Wireshark Software Installation on Windows
- Step 1: Open the web browser.
- Step 2: Search for Download Wireshark.
- Step 3: Select the Windows installer according to your system configuration.
- Step 4: Open the software.
- Step 5: Follow the installation instructions, accepting the license.
- Step 6: Wireshark is ready for use.