Basics of Wireshark - Part 1


What is Wireshark?

Wireshark is an open-source packet analyzer used for education, analysis, software development, communication protocol development, and network troubleshooting.

It is used to track packets so that each one can be filtered to meet our specific needs. It is commonly called a sniffer, network protocol analyzer, or network analyzer. It is also used by network security engineers to examine security problems.

Wireshark is a free-to-use application that captures the data travelling back and forth on a network. It is often called a free packet sniffer. It puts the network card into promiscuous mode, i.e., the card accepts all the packets that it receives.

Uses of Wireshark:

Wireshark can be used in the following ways:

  • It is used by network security engineers to examine security problems.

  • It allows users to see all the traffic being passed over the network.

  • It is used by network engineers to troubleshoot network issues.

  • It also helps to troubleshoot latency issues and malicious activity on your network.

  • It can also analyze dropped packets.

  • It helps us understand how devices such as laptops, mobile phones, desktops, switches, routers, etc., communicate in a local network or with the rest of the world.

Functionality of Wireshark:

Wireshark is similar to tcpdump. Tcpdump is a common packet analyzer that lets the user display TCP/IP and other packets being transmitted and received over a network attached to the computer. Wireshark adds a graphical front end and some sorting and filtering functions. Wireshark users can see all the traffic passing through the network.

Wireshark can also monitor unicast traffic that is not addressed to the MAC address of the network interface. However, a switch does not pass all traffic to every port, so promiscuous mode alone is not sufficient to see all the traffic. Network taps or port mirroring are used to extend capture to any point in the network.

Port mirroring is a method of monitoring network traffic. When it is enabled, the switch sends copies of all the network packets seen on one port to another port.


Features of Wireshark

  • It is multi-platform software; for example, it runs on Linux, Windows, OS X, FreeBSD, NetBSD, etc.

  • It is a standard three-pane packet browser.

  • It performs deep inspection of many protocols.

  • It often involves live analysis, i.e., we can read live data from different types of network such as Ethernet, loopback, etc.

  • It has sort and filter options that make it easy for the user to view the data.

  • It is also useful in VoIP analysis.

  • It can capture raw USB traffic.

  • Various settings, like timers and filters, can be used to filter the output.

  • It can only capture packets on networks supported by PCAP (an application programming interface used to capture network traffic).

  • Wireshark supports a range of well-documented capture file formats such as PcapNg and Libpcap. These formats are used to store the captured data.

  • It is the number one piece of software for its purpose across networking. It has countless applications, ranging from tracing down unauthorized traffic to firewall settings, etc.
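To make the promiscuous-mode and port-mirroring point concrete, this added example (not part of the original post) reads a classic libpcap capture file and counts frames by destination relative to the capturing host's MAC address. The function names, MAC addresses and sample bytes are constructed for illustration.

```python
import struct

PCAP_MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # libpcap: byte order
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # pcapng Section Header Block type

def capture_format(data):
    """Identify the capture file format from its first four bytes."""
    if data[:4] == PCAPNG_MAGIC:
        return "pcapng"
    return "libpcap" if data[:4] in PCAP_MAGICS else "unknown"

def read_pcap_frames(data):
    """Yield Ethernet frames from a classic libpcap file held in memory."""
    order = PCAP_MAGICS.get(data[:4])
    if order is None or len(data) < 24:
        raise ValueError("not a classic libpcap file")
    if struct.unpack_from(order + "I", data, 20)[0] != 1:  # LINKTYPE_ETHERNET
        raise ValueError("example handles Ethernet captures only")
    offset = 24                                   # skip the global header
    while offset + 16 <= len(data):               # 16-byte record header
        incl_len = struct.unpack_from(order + "I", data, offset + 8)[0]
        frame = data[offset + 16: offset + 16 + incl_len]
        if len(frame) < incl_len:                 # truncated last record
            break
        offset += 16 + incl_len
        yield frame

def classify_by_destination(data, own_mac):
    """Count frames by who they were addressed to, relative to own_mac."""
    counts = {"to_me": 0, "from_me": 0, "group": 0, "to_others": 0}
    for frame in read_pcap_frames(data):
        if len(frame) < 14:                       # no full Ethernet header
            continue
        dst, src = frame[:6], frame[6:12]
        if src == own_mac:
            counts["from_me"] += 1
        elif dst[0] & 1:                          # group bit: broadcast/multicast
            counts["group"] += 1
        elif dst == own_mac:
            counts["to_me"] += 1
        else:                                     # needs promiscuous mode and, on a
            counts["to_others"] += 1              # switch, a tap or mirror port
    return counts

# Constructed sample: global header plus five 60-byte frames (made-up MACs).
OWN, A, B = (bytes.fromhex("02000000000" + n) for n in "123")
def _rec(dst, src):  # record header (zero timestamp) + minimal Ethernet frame
    return struct.pack("<IIII", 0, 0, 60, 60) + dst + src + b"\x08\x00" + bytes(46)
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    _rec(d, s) for d, s in [(OWN, A), (A, OWN), (b"\xff" * 6, A), (B, A), (A, B)])
```

A capture taken on an ordinary switch port without mirroring will show `to_others` at or near zero, which is the limitation of promiscuous mode described earlier.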
