Wireshark is a network packet analyzer. A network packet analyzer captures network packets and tries to display that packet data in as much detail as possible.
A network packet analyzer can be regarded as a measuring device to examine what’s going on inside a network cable, just like a voltmeter is used by an electrician to examine what’s going on inside an electric cable (but at a higher level, of course).
It is developed and maintained by a global team of protocol experts. It used to be known as Ethereal, and was renamed to Wireshark in May 2006.
Key Features
- Hundreds of protocols are supported, with more being added all the time.
- Live capture and offline analysis are supported.
- Standard three-pane packet browser.
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.
- Powerful display filters.
- Rich VoIP analysis.
- Read/write many different capture file formats: tcpdump (libpcap), Catapult DCT2000, Cinco Networks NetXRay captures, Cisco Secure IDS iplog, Endace Measurement Systems’ ERF format capture, EyeSDN USB S0 traces, Microsoft Network Monitor, Network General Sniffer (compressed and uncompressed), Sniffer Pro, and NetXray, Network Instruments Observer, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others.
- Capture files compressed with gzip can be decompressed on the fly.
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
- Coloring rules can be applied to the packet list, which eases analysis.
- Output can be exported to XML, PostScript, CSV, or plain text.
Website: www.wireshark.org
Support: Documentation, Wiki
Developer: Gerald Combs (original author) and a large number of contributors
License: GNU General Public License v2.0
Wireshark is written in C and C++.
Related Software
| Network Analyzers | |
|---|---|
| Wireshark | Network protocol analyzer with a rich and powerful feature set |
| Ettercap | Comprehensive suite for man-in-the-middle attacks |
| Kismet | Wireless network and device detector, sniffer, wardriving tool |
| IPTraf-ng | Feature-laden network statistic monitoring tool |
| netsniff-ng | Swiss army knife for daily Linux network plumbing |
| Kyanos | Networking analysis tool using eBPF |
| EtherApe | Graphical network monitor |
| darkstat | Captures network traffic, calculates usage statistics, and serves reports |
| justniffer | Network TCP packet sniffer with reliable TCP flow rebuilding |
| tcpflow | TCP/IP packet demultiplexer |
| tcpdump | Powerful and hugely respected command-line packet analyzer |
| sniffglue | Packet sniffer written in Rust |
| sniffer | Alternative network traffic sniffer |
| dsniff | Collection of tools for network auditing and penetration testing |
| ngrep | grep applied to the network layer |
| Network Monitor | Real-time network connection monitoring tool |
| sniffit | CORBA based sniffer system with ncurses interactive mode |
| Jomon | Network forensics and sniffer tool |

