What is Wireshark? (Updated)


Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Such a tool is often referred to as a network analyzer, network protocol analyzer or sniffer.

Packet capture can provide a network administrator with information about individual packets such as transmit time, source, destination, protocol type, and header data. Data can be captured “from the wire” from a live network connection or read from a file of already-captured packets. Live data can be read from different types of networks, including Ethernet, IEEE 802.11, PPP, and loopback. In Wireshark, live USB traffic can be captured as well. Wireless connections can also be filtered. Capture files can be edited or processed programmatically.
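
The per-packet fields listed above (time, source, destination, protocol type) can be read from a saved capture file in a few lines of code. The following is an added example, not part of the original article: a minimal Python reader for the classic pcap file format, limited to IPv4 over Ethernet. The names `read_pcap` and `build_sample` and the sample packets are constructed for illustration.

```python
import io
import socket
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IANA IP protocol numbers

def read_pcap(stream):
    """Yield (time, src, dst, protocol) per IPv4-over-Ethernet packet."""
    header = stream.read(24)
    if len(header) < 24:
        raise ValueError("truncated pcap global header")
    if header[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"  # file written little-endian
    elif header[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"  # file written big-endian
    else:
        raise ValueError("not a classic microsecond-resolution pcap file")
    if struct.unpack(endian + "I", header[20:24])[0] != 1:  # LINKTYPE_ETHERNET
        raise ValueError("only Ethernet captures are handled here")
    while True:
        rec = stream.read(16)
        if len(rec) < 16:
            return  # end of file (or a truncated trailing record)
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", rec)
        frame = stream.read(incl_len)
        if len(frame) < incl_len:
            return  # capture cut off mid-packet
        # Need Ethernet (14 bytes) + minimal IPv4 header (20 bytes), EtherType 0x0800
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4:
            continue
        ip = frame[14:]
        proto = PROTO_NAMES.get(ip[9], str(ip[9]))
        yield (ts_sec + ts_usec / 1e6,
               socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]), proto)

def build_sample():
    """Constructed capture: one UDP packet to port 53, then one ARP frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    mac = bytes.fromhex("020000000002020000000001")  # dst MAC + src MAC
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,  # checksum left 0
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.53"))
    udp = struct.pack("!HHHH", 40000, 53, 8, 0)
    frames = [mac + b"\x08\x00" + ip + udp, mac + b"\x08\x06" + bytes(28)]
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 250000, len(frame), len(frame))
        out += frame
    return out

if __name__ == "__main__":
    for row in read_pcap(io.BytesIO(build_sample())):
        print(row)
```

The ARP frame in the sample is skipped because its EtherType is not IPv4, so only the UDP packet is reported.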

The user typically sees packets highlighted in green, blue, and black. Wireshark uses colors to help the user identify the types of traffic at a glance. By default, green is TCP traffic, dark blue is DNS traffic, light blue is UDP traffic, and black identifies TCP packets with problems.

Because Wireshark can also be used to listen in on communications covertly, an organization using the tool should make sure it has a clearly defined privacy policy that spells out the rights of individuals using its network and grants permission to use the tool only for specified purposes under specific rules.

Wireshark is licensed under the GNU General Public License.