"The Wireshark Network Protocol Analyzer"
As the name suggests, Wireshark is a software utility designed for network analysis and management. Wireshark is an open-source project and it is the follow-up of the famous Ethereal technology. In essence, the application will allow you to scan all the incoming and outgoing traffic on a network for a wide array of protocols. In order to make full use of the features and be able to locate the exact package of data you are looking for, you will need to learn a thing or two about how to use the filters properly. That being said, let us take a closer look at the reasons why Wireshark is such a must-have tool for any network administrator.
Since the application is part of an open-source project and there are several developers constantly updating and making their own changes to the coding, this review will refer strictly to the 1.6.1 version of the program. The Wireshark installation kit is relatively small, occupying only 18 MB. It is important to note that download accelerators can sometimes cause issues with the Wireshark. Therefore, it is advisable that you turn them off and download the kit the old fashioned way. The network analyzer has been created to account for almost all operating system, including Windows, Linux, Mac OS X and UNIX.
Once you have downloaded the install kit for Wireshark, you will be prompted to choose whether you want the full array of features or only certain ones. The list of features to choose from comprises of Wireshark (the actual application), TShark, Plug-ins and Extensions, Tools and the User Guide. It is advisable to perform the full installation unless you are absolutely sure that other applications you currently have render certain features useless. Next, you will be required to install WinPcap, as it is one of the Wireshark dependencies. The installation of Wireshark will pause and wait for the user to install WinPcap before resuming.
Whilst Wireshark cannot be considered one of the most intuitive interfaces, especially for users with a low to medium knowledge level in network monitoring, it does allow configuration of the monitoring data to a certain degree. Moreover, the application allows you to select which bars and windows you want to display and to set the filtering criteria for the data packages you capture. The upper section of the Wireshark window comprises of action buttons that allow you to browse through the traffic on the set devices, whilst in the lower section you will be able to see the real-time data that is captured, its source and destination, the protocol used, and any additional information regarding it. Truth be told, it can get a bit confusing at times, especially if you are not employing the help of the filters correctly. On the bright side, once you get the hang of it, you will be able to successfully monitor and decode almost all data packages for common and uncommon protocols.
The greatest advantage provided by Wireshark is the ability to conduct cross-platform analysis of protocols, therefore allowing network administrators the possibility to successfully monitor all the existing traffic within their networks. This is a great ally for companies, educational facilities, and even for small networks that need to ensure security of both incoming and outgoing data. Moreover, since the Wireshark is an open-source protocol you can use it free of charge and even develop your very own additions to improve it. Consequentially, the versatility of this application knows no boundaries and it suits all the needs of advanced users. However, as far as imbedding Wireshark within other software utilities, it is best to read the GNU General Public License in order to ensure that you are within the letter of the law.
There are few negative things that can be said about Wireshark apart from the fact that the complexity level of the user interface does not recommend it for the general public. However, certain builds that include add-ons created by independent developers have been proven to be a bit unstable, causing the application to crash at times.
In terms of viable alternatives to Wireshark, you can also try the Softperfect Network Scanner, Netman or Free IP Scanner. Whilst they are all highly rated utilities and the interfaces are slightly simpler, they do not provide the same vast array of scanning features.
Wireshark is the kind of utility you cannot afford to pass up if you are a network admin with an extended level of knowhow, but beginners and intermediate users are better off with one of the less advanced alternatives.
What's new in this version: Security updates and new features
Top user review