Wireshark is a network protocol analyzer: an application that captures packets from a network connection, such as from your computer to your home office or the internet. A packet is a discrete unit of data in a typical Ethernet network (What Is Wireshark and How to Use It | Cybersecurity | CompTIA, n.d.).
Wireshark is the most frequently used packet sniffer in the world.
Like other packet sniffers, Wireshark can do three things:
- Packet Capture: Wireshark listens to a network connection in real time and then grabs entire streams of traffic – quite possibly tens of thousands of packets at a time.
- Filtering: Wireshark is capable of slicing and dicing all of this random live data using filters. By applying a filter, you can obtain just the information you need to see.
- Visualization: Wireshark, like any good packet sniffer, allows you to dive right into the very middle of a network packet. It also allows you to visualize entire conversations and network streams.
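The three capabilities above can be seen in miniature in the following added example (not Wireshark's own code): it reads packet records from a capture in the classic little-endian pcap format, applies a filter comparable to the display filter `tcp.port == 443`, and groups packets into conversations. The function names are hypothetical, and the capture is constructed in memory using documentation-range IP addresses.

```python
import struct
from collections import Counter

def build_sample_pcap():
    """Constructed capture: classic pcap header plus four Ethernet/IPv4 frames."""
    def frame(src, dst, proto, sport, dport):
        eth = bytes(12) + b"\x08\x00"                      # dummy MACs, EtherType IPv4
        l4 = struct.pack("!HH", sport, dport) + bytes(16)  # ports, rest zeroed
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64,
                         proto, 0, bytes(src), bytes(dst))
        return eth + ip + l4
    frames = [
        frame((192, 0, 2, 10), (198, 51, 100, 5), 6, 50000, 443),
        frame((198, 51, 100, 5), (192, 0, 2, 10), 6, 443, 50000),
        frame((192, 0, 2, 10), (198, 51, 100, 7), 6, 50001, 80),
        frame((192, 0, 2, 10), (192, 0, 2, 1), 17, 53000, 53),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def read_frames(pcap):
    """Yield the raw bytes of each captured packet record."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    off = 24                                               # skip the global header
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<IIII", pcap, off)[2]
        yield pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len

def decode(frame):
    """Decode Ethernet/IPv4/TCP-or-UDP addressing; return None for anything else."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    l4 = 14 + (frame[14] & 0x0F) * 4                       # IPv4 header length from IHL
    if frame[23] not in (6, 17) or len(frame) < l4 + 4:
        return None
    sport, dport = struct.unpack_from("!HH", frame, l4)
    return {"proto": "tcp" if frame[23] == 6 else "udp", "sport": sport, "dport": dport,
            "src": ".".join(map(str, frame[26:30])), "dst": ".".join(map(str, frame[30:34]))}

def port_filter(packets, proto, port):
    """Keep packets the way a display filter such as `tcp.port == 443` would."""
    return [p for p in packets if p["proto"] == proto and port in (p["sport"], p["dport"])]

def conversations(packets):
    """Count packets per conversation, treating both directions as one flow."""
    return Counter((p["proto"],) + tuple(sorted([(p["src"], p["sport"]), (p["dst"], p["dport"])]))
                   for p in packets)

PACKETS = [d for d in map(decode, read_frames(build_sample_pcap())) if d]
```
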
References
- What Is Wireshark and How to Use It | Cybersecurity | CompTIA. (n.d.). CompTIA. https://www.comptia.org/content/articles/what-is-wireshark-and-how-to-use-it