TABLE OF CONTENTS You may have picked up this book because you heard about Wireshark (or its predecessor, Ethereal) and its feature-rich graphical user interface (GUI). Or maybe you read about it on the Internet, overheard a co-worker talking about it, or heard about it at a security conference. No matter what the case may be, if you are looking for a comprehensive guide to help you unleash the powers of Wireshark, you ve come to the right place.
Wireshark is the best open-source network analyzer available. It is packed with features comparable to commercial network analyzers, and with a large, diverse collection of authors, new enhancements are continually developed. Wireshark is a stable and useful component for all network toolkits, and new features and bug fixes are always being developed. A lot of progress has been made since the early days of Wireshark (when it was still called Ethereal); the application now performs comparably (and in some regards) better than commercial sniffing software.
In this chapter, you will gain an understanding of what Wireshark is, what its features are, and how to use it for troubleshooting on your network architecture. Additionally, you will learn the history of Wireshark, how it came to be such a popular network analyzer, and why it remains a top pick for system and security administration. Along the way, we go over some tips for running Wireshark in a secure manner, optimizing it so that it runs advanced techniques smoothly.
