gerwed.blogg.se - Wireshark download 64 bit

Port mirroring or various network taps extend capture to any point on net. So capturing in promiscuous mode will not necessarily be sufficient to see all traffic on the network. However, when capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all of the traffic traveling through the switch will necessarily be sent to the port on which the capture is being done.

Wireshark allows the user to put the network interfaces that support promiscuous mode into that mode, in order to see all traffic visible on that interface, not just traffic addressed to one of the interface’s configured addresses and broadcast/ multicast traffic. In addition, some integrated sorting and filtering options.

Wireshark is very similar to tcpdump, but has a graphical front-end. It is the de facto (and often de jure) standard across many industries and educational institutions. It is cross-platform, using the GTK+ widget toolkit to implement its user interface, and using pcap to capture packets. The program lets you capture and interactively browse the traffic running on a computer network. You can use it for network troubleshooting, analysis, software and communications protocol development, and education. Some Windows versions requires WinPcap to be installed.Wireshark is the world’s foremost network protocol analyzer.

Coloring rules can be applied to the packet list, which eases analysis.

Hundreds of protocols are supported, with more being added all the time.

Capture files compressed with gzip can be decompressed on the fly.

Read/write many different capture file formats: tcpdump (libpcap), NAI's Sniffer (compressed and uncompressed), Sniffer Pro, NetXray, Sun snoop and atmsnoop, Shomiti/Finisar Surveyor, AIX's iptrace, Microsoft's Network Monitor, Novell's LANalyzer, RADCOM's WAN/LAN Analyzer, HP-UX nettl, i4btrace from the ISDN4BSD project, Cisco Secure IDS iplog, the pppd log (pppdump-format), the AG Group's/WildPacket's EtherPeek/TokenPeek/AiroPeek, Visual Networks' Visual UpTime and many others.

Live capture and offline analysis are supported.

The most powerful display filters in the industry.

Multi-interface: Along with a standard GUI, Wireshark includes TShark, a text-mode analyzer which is useful for remote capture, analysis, and scripting.

Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others.

Wireshark has a rich feature set which includes the following: Hundreds of developers around the world have contributed to it, and it it still under active development. It is the continuation of a project that started in 1998.

Wireshark is one of the world's foremost network protocol analyzers, and is the standard in many parts of the industry.