Wireshark is a popular open source protocol analyzer that allows users to capture and read info from applications such as Sniffer, Snoop and Microsoft network monitor. What makes this software stand out is the fact that you can download it and and install it free of charge. It can be successfully used for network error troubleshooting, communications and software protocol development, but also for network analysis. Initially the tool was released in May 2006 as Ethereal, but due to trademark issues it was renamed to Wireshark soon after.
Wireshark can run on a wide range of operating systems, such as Windows, OS X, OpenBSD, NetBSD, Free BSD, HP-UH, Solaris, UNIX and Linux.
It's important to remember that Wireshark is based on WinPcap. In fact, WinPcap is required in order for
Wireshark to function properly and if it's not installed on your
machine, then the wizard will install it automatically. WinPcap
includes a driver, a network statistics engine, kernel level packet
filtering and is used in order to capture network packets without
the interference of protocols. As for the driver, it's used to
access the network's low-level layers by bypassing all network
If you want to make sure your network is secure at all times, then Wireshark can help you monitor the traffic on it which allows you to detect performance or security issues. Since it's highly versatile and very powerful, Wireshark can meet the demands of both home and enterprise level users. On top of that, given the fact it can easily read captured data from apps such as Microsoft Network Monitor, Sniffer and Snoop, it can be easily used as a third party tool for network analysis.
Wireshark 's main function is to help analyze the traffic on any network of your choice regardless of size. It does so without having to purchase additional equipment which would generally cost upwards of a few thousand dollars. Therefore, anyone who's working in an IT department where traffic monitoring is vital is certainly going to find this tool to be extremely powerful and versatile.
1. Ability to write and read in various capture formats.
2. Can export reports to plain text, CSV, PostScript and XML.
3. Supports coloring rules and decryption.
4. Can performed VoIP analysis.
5. Statistics such as conversion, protocol hierarchy, end point and more are viewable.
6. Included powerful macro system.
7. Filtering system is available.
8. Wireshark has the ability to capture live data from many network types and interfaces.
9. Data can be viewed from previously captured files and also live.
10. Expert Info logs problematic network behavior.
Wireshark is a reference network protocol analyzer tool for open source network analysis. With its amazingly powerful functionality and user friendly interface, Wireshark makes it easy to see at any given time what's happening on a specific network and immediately take action if any type of suspicious activity is detected. On top of that, the tool offers several features that are generally found in higher end hardware which furthermore adds to its value.