What Is Wireshark? How It Is Used And Its Installation?


Wireshark is a network protocol analyzer: an application that captures packets from a network connection, such as the one from your computer to your home office or the internet. A packet is a discrete unit of data in a typical Ethernet network. This post covers how to install Wireshark and how to use it.


Wireshark is the most widely used packet sniffer in the world. Like any other packet sniffer, Wireshark does three things:

Packet Capture: Wireshark listens to a network connection in real time and grabs entire streams of traffic, quite possibly tens of thousands of packets at a time.

Packet Filtering: Wireshark is capable of slicing and dicing all of this random live data using filters. By applying a filter, you can obtain just the information you need to see.

Packet Visualization: Wireshark, like any good packet sniffer, allows you to dive right into the very middle of a network packet. It also allows you to visualize entire conversations and network streams.

Wireshark Installation on Linux

sudo apt install wireshark
sudo dpkg-reconfigure wireshark-common
sudo usermod -a -G wireshark $USER
newgrp wireshark
 

Once you have completed the above steps, log out and log back in, then start Wireshark:

wireshark &

How Wireshark Is Used

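Once you have installed Wireshark, you can start capturing packets. Before that, however, you need sufficient permissions on your system to capture traffic and put the interface into promiscuous mode. On a Linux system this means root permissions, or membership in the wireshark group if non-superuser capture was enabled in the dpkg-reconfigure step above, which avoids running the whole application as root.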

With the right permissions in place, you can start capturing packets. Perhaps the best way is to select Capture >> Options from the main window. This will bring up the Capture Interfaces window.

The above window will show all the available interfaces. Wireshark provides a lot to choose from.

Once the network interface is selected, click the Start button to begin your capture. As the capture runs, the packets appear on the screen as they arrive.

Once you have captured all the packets that you want, simply click the red, square button at the top. Now you have a static packet capture to investigate.
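What the capture, filter and dissect steps amount to on a saved capture, as an added example (not part of the original post and not Wireshark's own code): a minimal Python reader for the classic pcap file format that decodes Ethernet/IPv4/TCP/UDP headers and applies a protocol and port filter. It assumes the capture was saved as classic pcap rather than Wireshark's default pcapng; the sample capture, its addresses and all function names are constructed for illustration.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed sample capture: one TCP/443 and one UDP/53 packet (checksums left zero)."""
    def frame(proto, src, dst, sport, dport):
        eth = bytes.fromhex("020000000002" "020000000001" "0800")  # dst MAC, src MAC, IPv4
        l4 = struct.pack("!HH", sport, dport)
        l4 += bytes(16) if proto == 6 else struct.pack("!HH", 8, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        return eth + ip + l4
    frames = [frame(6, "192.0.2.10", "198.51.100.5", 49152, 443),
              frame(17, "192.0.2.10", "192.0.2.1", 53000, 53)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def read_pcap(data):
    """Yield (timestamp, frame) from a classic little-endian pcap byte string."""
    if data[:4] != struct.pack("<I", 0xA1B2C3D4):
        raise ValueError("not a little-endian classic pcap file")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(data):
        ts, _us, incl, _orig = struct.unpack_from("<IIII", data, off)
        yield ts, data[off + 16:off + 16 + incl]
        off += 16 + incl

def dissect(frame):
    """Decode Ethernet/IPv4/TCP or UDP into a dict; None for other or truncated frames."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
    if proto not in (6, 17) or len(frame) < 14 + ihl + 4:
        return None
    sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
    return {"proto": "tcp" if proto == 6 else "udp",
            "src": socket.inet_ntoa(frame[26:30]), "dst": socket.inet_ntoa(frame[30:34]),
            "sport": sport, "dport": dport}

def apply_filter(data, proto=None, port=None):
    """Rough equivalent of a display filter such as `udp.port == 53`."""
    pkts = [p for p in (dissect(f) for _ts, f in read_pcap(data)) if p]
    return [p for p in pkts if proto in (None, p["proto"])
            and (port is None or port in (p["sport"], p["dport"]))]

if __name__ == "__main__":
    print(apply_filter(build_sample_pcap(), proto="udp", port=53))
```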

For More Information: https://www.wireshark.org/#learnWS

Written by 

Shubham Saini is a DevOps Engineer who loves to play with DevOps tools, Security methods and is also interested in Ethical Hacking & Cyber Security. He is a gamer also.
