It displays the raw data of the selected packet in a hexadecimal view. It shows the fields of selected packet, in a collapsible format. It’s possible to filter packages by choice using a “filter bar” (see “WireShark Filter”). You can select a package for see it in the section below. This panel shows all packets captured, one per line. This is the main windows and it is divided in 3 sections: After selecting it and after starting to capture the packages, the screen will be as follows: This is the entry screen, in which you can see all available network connections on your current device and that permit you to select the network of which you are interested in capturing packages. Wireshark also can open packets captured from others capture programs and it can save packets captured in a large number of formats of other capture programs. Unlike Burp Suite, WhireShark can’t manipulate things on the network and can’t send packets, it only register things from the network. This allow people to add new plugins to WhireShark. It is an open source software released under GNU General Public License (GPL) and you can use it on any number of computers you like. It should be used by everyone network manager because it captures packets and lets you examine their contents. It also can be useful combined with arp poisoning attack using arpspoofing technique.
It register all packets pass into a selected network interface (including wireless LAN). WhireShark is a tool for network analysis.
0 kommentar(er)
