Wireshark
Download as PPTX, PDF22 likes26,240 views
The document discusses Wireshark, an open source network packet analyzer software. It can be used for network troubleshooting, monitoring network traffic and analyzing protocol behavior. Key features include live packet capture from network interfaces, detailed packet display, capture file import/export and many filtering options. While useful for security, development and learning, it does not actively manipulate network traffic or detect intrusions. It requires a supported network card and is available for Windows, Mac and various Linux/Unix systems.
Wireshark
- 1. Project : Network Analyzer SoftwareGroup member : Mohammad reza radan Mohsen fasihi
- 2. Introduction : Network analyzer software's are one of the important and useful network software which use for troubleshooting , and monitoring of network . in this type of software we can observe all packets in network and we can recognize when exactly we high level of traffic in our network and in which port for example , from 6pm to 8pm in FTP port we have high level of traffic . One of the most popular network analyzer is Wireshark , this Software help you to monitoring your network and see all details of packet through the network , Wireshark is open source software and is totally free , this software is available for all type of OS with GUI environment which provide user friendly in interface and easy to work .
- 3. What is wireshark :Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and tries to display that packet data as detailed as possible. You could think of a network packet analyzer as a measuring device used to examine what's going on inside a network cable, just like a voltmeter is used by an electrician to examine what's going on inside an electric cable (but at a higher level, of course). In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, all that has changed. Wireshark is perhaps one of the best open source packet analyzers available today.
- 4. people use Wireshark for : network administrators use it to troubleshoot network problemsnetwork security engineers use it to examine security problemsdevelopers use it to debug protocol implementationspeople use it to learn network protocol internals Beside these examples, Wireshark can be helpful in many other situations too.
- 5. Feature :Available for UNIX and Windows.Capture live packet data from a network interface. Display packets with very detailed protocol information. Open and Save packet data captured. Import and Export packet data from and to a lot of other capture programs. Filter packets on many criteria.Search for packets on many criteria.Colorize packet display based on filters.Create various statistics.And ….
- 6. Some more feature: Live capture from many different network mediaWireshark can capture traffic from many different network media types - and despite its name - including wireless LAN as well. Which media types are supported, depends on many things like the operating system you are using. Import files from many other capture programsWireshark can open packets captured from a large number of other capture programs. Export files for many other capture programsWireshark can save packets captured in a large number of formats of other capture programs. Open Source SoftwareWireshark is an open source software project, and is released under the GNU. You can freely use Wireshark on any number of computers you like, without worrying about license keys or fees or such. In addition, all source code is freely available under the GPL. Because of that, it is very easy for people to add new protocols to Wireshark, either as plugins, or built into the source, and they often do!
- 7. Disadvantage: Wireshark isn't an intrusion detection system. It will not warn you when someone does strange things on your network that he/she isn't allowed to do. Wireshark will not manipulate things on the network, it will only "measure" things from it. Wireshark doesn't send packets on the network or do other active things
- 8. System Requirement :(Microsoft)Windows 2000, XP Home, XP Pro, XP Tablet PC, XP Media Center, Server 2003, Vista . 32-bit Pentium or alike (recommended: 400MHz or greater), 64-bit processors in WoW64 emulation - 128MB RAM system memory (recommended: 256MBytes or more) 75MB available disk space 800*600 (1280*1024 or higher recommended) resolution with at least 65536 (16bit) . A supported network card for capturing: Ethernet: any card supported by Windows should do
- 9. Unix/Linux :Apple Mac OS XDebian GNU/LinuxFreeBSDGentoo LinuxHP-UXMandriva LinuxNetBSDOpenPKGRed Hat Fedora/Enterprise LinuxrPath LinuxSun Solaris/i386Sun Solaris/Sparc
- 28. End