Review
This is a quick review applies to version 1.1
Wireshark is an award-winning network protocol analyzer developed by an international team of networking experts.
The following full-length review applies to version 0.9
Wireshark (previously known as Ethereal) is a free network protocol analyzer. Statisics, burst size, output buffer size, losses for multicast data, response time, next and previous marked frames, track and share names, encoded files, dissectors, Ethernet, Token-Ring, serial, etc.
It is useful for analysis, troubleshooting, development, and education.
At the Capture, Options, the user defines the Interface to "listen", buffer size, the capture filter, and some other settings, and then Start the capture.
The interface displays three main areas: time, source, destination and information. Captured packets and, last, an hexadecimal view of the true data interchanged.
Now, the application can save the whole capture for further analysis, print the packets, look for a determinated packet by Display filter, Hexadecimal value or String, go to a given Packet number, to the first or last packet, colorize the packet list for easier analysis, etc.
Same functionalities are applied to any saved capture when it's shown on the same screen. The application allows to merge two or more captures.
Captures can be export as plain text, post script, CSV (comma separated values), PSML (HTML packet summary), and PDML (HTML packet details) files.
Wireshark displays filters, makes statistical outputs for exporting or later analysis, etc.
It offers the user powerful tools for Internet or network transfers troubleshooting, anaylisis or understanding. |
really good analyzer 
