
4. Wireshark (Previously Ethereal): To See the Raw Traffic

Wireshark is a network protocol analyzer that captures, inspects, and displays the raw traffic of many networking protocols.

It runs on just about any platform: Windows, Linux, Mac OS X, and many others. It has an easy-to-use GUI and a TTY mode.

You can use this tool to help understand what's really happening when you're trying to troubleshoot problems on the network. You can browse, search, and filter through the traffic.

If you don't understand the protocols that well, it gives you a chance to familiarize yourself with them.

Wireshark can also save packet traces for later inspection, open standard formats from other analyzers, and export captures to XML, PostScript, CSV, or plain text.

In addition to capturing Ethernet and wireless traffic, Wireshark can read from USB, Bluetooth, Token Ring, ATM, and more.

If you use any encryption, such as WEP, WPA, WPA2, IPsec, or SSL/TLS, you can configure Wireshark with the keys so it can decrypt and display the actual data if needed.
