As a systems administrator, or any other user who wants to monitor and analyze network protocols, you will sometimes find that traditional troubleshooting does not cut it. Despite all the ordinary troubleshooting steps, you may still be unable to get a certain website to work over your network, while it opens easily over a different network. Or you may want to capture traffic flowing over your network at the office. Either way, a network protocol analyzer comes in handy.
Why should you use Wireshark?
Wireshark monitors network interface cards (NICs) in order to capture the traffic flowing through them. The captured packets are then analyzed for information or possible solutions to problems. In addition, it can decode multiple protocols across the layers of the Open Systems Interconnection (OSI) model. You can also capture on network interfaces for many layer-2 protocols such as PPP and Ethernet, as well as ARP requests and routing protocols.
It can capture different kinds of traffic, whether you are looking at VoIP calls, USB or application-layer protocols. You can also see data such as usernames and passwords when somebody signs in over a network where you are running Wireshark and the credentials are sent in cleartext. Malicious activity on your network can also be detected. You can set filters to capture only the kind of traffic you are interested in, which is a useful function given how much traffic ordinarily flows over a network.
Key Features of Wireshark Include:
- It has a live capture and offline analysis capability;
- Deep inspection of hundreds of protocols, and more being added as time goes by;
- A three-pane packet browser;
- It is multi-platform, running on Windows, Mac, Solaris, Linux, FreeBSD, and many more;
- You can browse captured data via a graphical user interface or the TTY-mode TShark utility;
- Very powerful display filters;
- Rich VoIP analysis;
- It can read and write different capture file formats;
- You can read live data as it is captured;
- It has decryption support for many protocols;
- You can export output to XML, PostScript, CSV or plain text.
This tool is useful for learning how network protocols work. It can also be useful for solving network problems that ordinary black-box approaches cannot solve. Over shared networks such as public Wi-Fi, you can use it to hack and retrieve passwords and usernames from other users.
What's new in version 3.0.6?
- extcap: Several issues when capturing from multiple extcap interfaces. Bug 13653.
- Expert Infos Incorrectly Displays Info Column instead of comment. Bug 15516.
- Wireshark does not support USB packets with size greater than 256 KiB. Bug 15985.
- IS-IS: add support for decoding TE TLV Type 138 as per RFC 5307. Bug 16012.
- NET-SNMP EngineID Length handling Warning. Bug 16051.
- TLS decryption is very slow on Windows when using a large PMS file compared to Linux/macOS. Bug 16059.
- wireshark-3.0.5/epan/dissectors/packet-nas_5gs.c:2459: bad test ?. Bug 16075.
- ERSPAN Type III over GRE without sequence number not decoded correctly. Bug 16089.
- Windows dumpcap -v does not display capture library info. Bug 16108.
- [Regression] FT_CHAR fields not supported in Lua API. Bug 16129.
Updated Protocol Support:
- AgentX, BT L2CAP, ERSPAN, GRE, IPv4, IS-IS, NAS 5GS, OpcUa, SNMP, and SRT
Last Updated: 2019-10-24
File size: 51.57 MB
Operating system: Windows 10, Windows 8/8.1, Windows 7, Windows Vista, Windows XP
MD5 Checksum: 4263443571116b025db2fe0860c04d04