Summary
- Wireshark is a popular and powerful tool for network packet analysis, allowing users to examine network behaviour at a microscopic level.
- It is an open-source protocol that displays network traffic in a format that humans can understand, helping to identify malicious packets, troubleshoot network problems and learn how network protocols interact and function normally.
- Normally used by network administrators and cybersecurity professionals, Wireshark can help to identify malicious traffic patterns and detect and uncover any security breaches, elevating the security of the network.
- To use Wireshark, you must first install it, selecting the desired network interface to monitor, start a new capture and analyse the packets, filtering the data to manage the substantial flow of packets captured.
These steps can be used for both network trouble-shooting and network security.