


Many packet sniffers are available, and each provides different features, but Wireshark stands out from the rest thanks to its rich feature set and easy-to-use interface. Previously known as ‘Ethereal,’ Wireshark presents the user with a rich GUI that has easy-to-implement features and makes the process of packet analysis simple, even for a novice. Wireshark requires winpcap (a packet capture and filtering engine) for its capture and analysis functions, although winpcap comes along with the default installation of Wireshark. Let’s dive deep into this fantastic tool and understand some of its features:

After installing the application and starting it, the first thing to do is to choose the interface(s) to start with. The interface list displays all the interfaces present on the machine so we can choose the one(s) we want to listen on.

Before starting the capture on the network, we should also specify whether we want to capture packets in promiscuous mode or not. Promiscuous mode, if enabled (it is enabled by default), allows Wireshark to capture all the packets it can over the network; otherwise, only packets to and from the machine running Wireshark will be captured.
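To make the effect of the promiscuous mode setting concrete, here is an added example (not part of the original article and not Wireshark code) that models, in simplified form, which Ethernet frames a capture sees with the setting on and off. The MAC addresses, the sample frames, and the function names `is_captured`, `frame` and `visible` are all constructed for illustration.

```python
# Added example: simplified model of a NIC's destination-address receive filter.
# All MAC addresses and frames below are constructed sample data.
BROADCAST = bytes.fromhex("ffffffffffff")

def mac(text):
    """Convert 'aa:bb:cc:dd:ee:ff' to 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 6 bytes: %r" % text)
    return raw

def is_captured(frame, own_mac, promiscuous, multicast_groups=()):
    """Return True if a sniffer on the host owning own_mac would see frame."""
    if len(frame) < 14:            # shorter than an Ethernet II header
        return False
    dst, src = frame[0:6], frame[6:12]
    if promiscuous:
        return True                # filter disabled: every frame that arrives
    if src == own_mac or dst == own_mac:
        return True                # traffic from or to this machine
    if dst == BROADCAST:
        return True                # broadcast is addressed to every host
    if dst[0] & 0x01:              # I/G bit set: group (multicast) address
        return dst in multicast_groups
    return False                   # unicast between two other hosts

def frame(dst, src, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a minimal Ethernet II frame (no FCS)."""
    return mac(dst) + mac(src) + ethertype.to_bytes(2, "big") + payload

ME = mac("02:00:00:00:00:01")
SAMPLES = {
    "to_me":      frame("02:00:00:00:00:01", "02:00:00:00:00:02"),
    "from_me":    frame("02:00:00:00:00:02", "02:00:00:00:00:01"),
    "broadcast":  frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:03", 0x0806),
    "multicast":  frame("01:00:5e:00:00:fb", "02:00:00:00:00:03"),
    "other_host": frame("02:00:00:00:00:03", "02:00:00:00:00:02"),
}

def visible(promiscuous):
    """Names of the sample frames captured in the given mode, sorted."""
    return sorted(n for n, f in SAMPLES.items() if is_captured(f, ME, promiscuous))

if __name__ == "__main__":
    print("promiscuous off:", visible(False))
    print("promiscuous on: ", visible(True))
```

The model only covers frames that actually reach the network card: on a switched network, promiscuous mode still sees only the traffic the switch delivers to that port.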
