Review of the Free & Open Source Software (FOSS) network protocol analysis ("sniffing") tools included in Wireshark.
REVIEW SUMMARY
Wireshark is the world's most popular network protocol analyzer ("packet sniffer"), which allows you to see what's happening on your network at a micro level. It is the de facto standard tool for network protocol analysis across many industries and academic institutions. Wireshark supports the deep inspection of hundreds of network protocols, with more protocols being added continuously. Live network data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform). Decryption support is provided for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
Network data captured by Wireshark can be browsed by either the GUI or the TShark Command Line Interpreter (CLI) utility. Wireshark's powerful network data filters allow users to efficiently separate interesting data from network traffic "noise." Wireshark supports a wide range of capture file formats including, but not limited to: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, and Network General Sniffer. Wireshark is the leading network protocol analyzer and is highly recommended for both cybersecurity noobs and certified ethical hackers.
Reviewer: Editor, CybersecurityForum
Cybersecurity Software Reviewed: Wireshark: Network Protocol Analyzer ("Packet Sniffer")
Date Published: 01/15/2020
Editor Rating: 3.8 / 5 Stars
CYBERSECURITY FORUM and CyberSecurityForum.com are trademarks of PivotPoint Technology Corporation. All other product and service names mentioned are the trademarks of their respective companies.