How to Cheat at Configuring Open Source Security Tools

Wireshark provides insight into what is occurring on a network, which is useful when implementing protocols, debugging network applications, testing networks, and debugging live networks. In situations involving interaction with a network at a technical level, most problems can be resolved using Wireshark.
Wireshark is an excellent educational aid. Being able to see and analyze network traffic is very instructive. This chapter covers the main components of the Wireshark Graphical User Interface (GUI), including:
Main window
Menu bar
Tool bar
Summary window
Protocol Tree window
Data View window
Filter bar
Information field
Display information
This chapter also covers the context-sensitive pop-up windows available in the Summary window, the Protocol Tree window, and the Data View window. It also explains the various dialog boxes that are launched by the menus and toolbars.
You will learn how to perform basic tasks in Wireshark (e.g., capturing network traffic, loading and saving capture files, performing basic filtering, printing packets) using the advanced tools provided by Wireshark. Examples have been provided to show you step-by-step how some of the less obvious areas of Wireshark work.
You can download binary packages for Wireshark from the Wireshark Web site at www.wireshark.com. If no binary packages are available for your platform, or if they are not up to date, or if they are compiled without the options you need, you can download the source code from the Wireshark Web site and compile Wireshark using the...