Wireshark is one of the best and free networking tools. You can use it for learning purposes or troubleshooting. Once installed on your machine you can capture and analyze traffic from any network interface. Other software that capture network traffic can use Wireshark (.pcap files) to display that information. You can download wireshark from their website and the installation is very simple.
Wireshark requires WinPcap (the main network capture and filtering engine)
We won't bother with USBPcap
The WinPcap installation will start (we are still on the Wireshark Wizard)
On the main Wireshark page, we easily start capturing traffic on one of our interfaces.
We can select a specific data frame and get more information. This is a PING echo reply from source 10.10.10.1 (our Domain Controller) to 10.10.10.10 (our Main Physical Host).
So when we want to go deeper on any protocol and see how it is working or why it is not working Wireshark can really a difference. We will analyze Wireshark more on a coming post.
Wireshark requires WinPcap (the main network capture and filtering engine)
We won't bother with USBPcap
The WinPcap installation will start (we are still on the Wireshark Wizard)
On the main Wireshark page, we easily start capturing traffic on one of our interfaces.
We can select a specific data frame and get more information. This is a PING echo reply from source 10.10.10.1 (our Domain Controller) to 10.10.10.10 (our Main Physical Host).
So when we want to go deeper on any protocol and see how it is working or why it is not working Wireshark can really a difference. We will analyze Wireshark more on a coming post.
No comments:
Post a Comment