Wireshark – network protocol analyzer

First of all, this is not something that can just be used and looked at; you have to learn how to interpret the capture and use the filters. Basically, if you don’t know much about packets, how connections work, or how information travels, you will have to do a lot of reading to use something like this correctly.

I’ve been using it for some time, although I don’t always have a use for it, but thought I’d review it anyway as I was very happy to have a 64-bit version now.

Security-wise, this has had many fixes from past versions and is much safer, even though with PROPER use, it’s not really unsafe anyway. As they will tell you, don’t run in admin mode, and try to use a secondary capture machine or something that isn’t critical to your use. Capturing internet traffic, especially on a public connection, or with your main system is simply asking for trouble.

This is especially useful if you feel you have some goings on with your network, be it connection issues or maybe some communications that shouldn’t be happening. It can also be used, as I did, for monitoring what was happening on my network, not due to issues with the network itself.

It’s a powerful tool and I’ve enjoyed, over time, using this to monitor and keep packet results, seeing what is going in and out of my network. I do, btw, use a side system for this so I am not compromised. It’s my test box, or the “punching bag” as I like to call it.

And no, it’s not Ethereal anymore. Besides, Wireshark sounds better.


Review details

This tool just keeps getting better and better. It works great with a slight learning curve, but the documentation will help you out there. The capabilities and functionality are top notch! Kudos to the programmer!

Two-Thumbs Up!

Get it, use it, Rate it!


Review details

Do not use this (or any other tool) to monitor your network adapter that is connected to a “public” network or you will create a security breach that will leave your PC open to attack by malicious probes because it records all incoming probe/traffic messages (to a temp file), essentially bypassing the protection of your firewall. In my case, I almost became infected with the Win32.Slammer virus/trojan when I simply went to terminate the program after running it for about two hours; however, my Avast AV detected and blocked the infection (thank goodness). In summary, this program does its job perfectly and my rating will reflect the program’s functionality accordingly but, again, do not use it to monitor your incoming traffic from the internet.

