Wireshark 1.5.1

Wireshark is the world's foremost network protocol analyzer, and is the de facto standard across many industries and educational institutions.

  • Deep inspection of hundreds of protocols, with more being added all the time
  • Live capture and offline analysis
  • Standard three-pane packet browser
  • Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
  • Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
  • The most powerful display filters in the industry
  • Rich VoIP analysis
  • Read/write many different capture file formats
  • Capture files compressed with gzip can be decompressed on the fly
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform)
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Coloring rules can be applied to the packet list for quick, intuitive analysis
  • Output can be exported to XML, PostScript®, CSV, or plain text

Download: Wireshark 1.5.1 (Multiple Platform) | ~18 MB (Open Source)
View: Changelog | Wireshark Website


10 Comments


I use it a lot for monitoring inter-server communication (php or asp.net backend that calls a webservice) when I use my localhost as test server or for debugging when I create an application that has some sort of network connection.

Sometimes it acts more or less like a replacement for Fiddler with more filter possibilities.

XerXis said,
I use it a lot for monitoring inter-server communication (php or asp.net backend that calls a webservice) when I use my localhost as test server or for debugging when I create an application that has some sort of network connection.

Sometimes it acts more or less like a replacement for Fiddler with more filter possibilities.

me too.

_DP said,
Can someone list a few real world uses of this please?

I work for a company that is governed by the Payment Card Industry (PCI). One audit requirement is to encrypt our RDP traffic to a "High" level. So, how do I know it's working? With Wireshark. I compare some servers with the standard Medium encryption vs the ones that have the GPO setting for High using Wireshark and filter out the network traffic so that I only see the port 3389 information.

Wireshark has also been used by network analysts to analyze what's going on in their environment, although there are bigger and better products out there that do a better job. This is a good app for any IT Pro to get a basic feel for.

Hello,

I used to work for a company that made Voice over IP (VoIP) hardware, stuff like handsets, PBXes (technically, back-to-back user agents, but, hey, it's a PBX in the telco world), PoE injectors, Ethernet switches and the like. If we ever had to troubleshoot any kind of interoperability issue with other Ethernet gear, or investigate audio quality problems on the network side, we used Wireshark (or Ethereal, as it was called back then) to get a packet capture from the customer. Quite handy, really.

Regards,

Aryeh Goretsky

_DP said,
Can someone list a few real world uses of this please?

_DP said,

Thanks, seeing as I have a switch, I don't think this will do much then with the sounds of that?

Higher end switches allow port mirroring which allows you to use it, or you can hook up a hub between your router and your network, for instance, and catch the traffic going through. Looking through the information can be tedious, especially when learning how to use it. It can be useful though.