about wireshark is the world's foremost and widely-used network protocol analyzer.
it lets you see what's happening on your network at a microscopic level and is the defacto
and often dejure
standard across many commercial and non-profit enterprises, government agencies
and educational institutions.
wireshark development thrives thanks to the volunteer contributions of networking experts
around the globe and is the continuation of a project standed by gerald combs in 1998.
wireshark has a rich feature set which includes the following:
deep inspection of hundreds of protocols , with more being added all the time
live capture and offine analysis
multi-platform : runs on windows, linux , macOS , solaris , freeBSD , netBSD
nad many others
captured network data can be browsed via a GUI , or via the TTY-mode TSark utility
the most powerful display fiters in the industry
rich voip analysis
read/write many different capture file formats tcpdump libpcap pcap NG
catapult DCT2000 , cisco secure IDS iplog , microsoft network monitor
network general sniffer compressed and uncompressed sniffer pro and netxray network
instruments observer , netscreen snoop novell lanalyzer radcom
wan/.lan analyzer , shomiti/finisar surveyor , tektronix k12xx ,
visual networks visual uptime , wildpoackets etherpeek / tokenpeek / airopeek
and many others .
capture files compressed with gzip can be decompressed on the fly
live data can be read from ethernet IEEE 802.11 ppp/hdlc , atm , bluetooth ,
usb, token ring , frame relay fddi , and others depending on your platform
decryption support for many protocols , including IPsec ISAKMP , kerberos , snmpv3 ssl / tls , wep and wpa/wpa2
coloring rules can be applied to the packet list for quick intuitive analysis
output can be exported to XML , postscript csv or plain text