Revision history
initial version

What are you trying to do? Depending on that, Wireshark may or may not be the right tool.

These are some of the features that Wireshark has that you may want to check out:

  • Decrypt captures with TLS, Kerberos, 802.11, etc.
  • Export a file: transferred over http, ftp, etc.
  • Follow TCP conversations
  • Diagnose common network problems by having Wireshark highlight them for you (i.e. Expert Information)
  • View any structured data. You could use it to read an email archive if the right dissectors were available, relating to
  • Lua Scripting Interface for anything Wireshark lacks. People have built dissectors to read network traffic generated from sources like World of Warcraft and Ethereum.

The way to think about Wireshark is the packet analysis tool.

What are you trying to do? Depending on your answer, Wireshark may or may not be the right tool.

These are some of the features that Wireshark has that you may want to check out:

  • Decrypt captures with TLS, Kerberos, 802.11, etc.
  • Export a file: transferred over http, ftp, etc.
  • Follow TCP conversations
  • Diagnose common network problems by having Wireshark highlight them for you (i.e. Expert Information)
  • View any structured data. You could use it to read an email archive if the right dissectors were available, relating to
  • Lua Scripting Interface for anything Wireshark lacks. People have built dissectors to read network traffic generated from sources like World of Warcraft and Ethereum.

The way to think about Wireshark is as the packet analysis tool.

edit: typo

What are you trying to do? Depending on your answer, Wireshark may or may not be the right tool.

Check Out Resources

These are some of the features that Wireshark has that you may want to check out:

  • Decrypt captures with TLS, Kerberos, 802.11, etc.
  • Export a file: transferred over http, ftp, etc.
  • Follow TCP conversations
  • Diagnose common network problems by having Wireshark highlight them for you (i.e. Expert Information)
  • View any structured data. You could use it to read an email archive if the right dissectors were available, relating to
  • Lua Scripting Interface for anything Wireshark lacks. People have built dissectors to read network traffic generated from sources like World of Warcraft and Ethereum.

The way to think about Wireshark is

Changing Data

In terms of changing data, these are some things that Wireshark can do:

  • editcap allows you to change random bytes or chop off packet data after N bytes.
  • If you filter traffic, you can save the result, and the file will be "changed".
  • You can add comments to packets or to the packet capture as a whole.
  • You can reorder packets to match time order if they are unordered.

Depending on what you are trying to do, Wireshark may or may not be the right tool.

edit: typo

Add caveats
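
The chopping and time-reordering listed under Changing Data, shown at the file-format level as an added example that is not part of the original answer and is not Wireshark's or editcap's own code. It assumes a classic little-endian, microsecond-resolution pcap file; the function names and the sample capture are constructed for illustration.

```python
import struct

GLOBAL_HDR = struct.Struct("<IHHiIII")  # magic, ver major/minor, thiszone, sigfigs, snaplen, linktype
REC_HDR = struct.Struct("<IIII")        # ts_sec, ts_usec, incl_len, orig_len
MAGIC_USEC_LE = 0xA1B2C3D4

def read_pcap(blob):
    """Parse a classic pcap into (header tuple, [(ts_sec, ts_usec, orig_len, data)])."""
    hdr = GLOBAL_HDR.unpack_from(blob, 0)
    if hdr[0] != MAGIC_USEC_LE:
        raise ValueError("only little-endian microsecond pcap is handled here")
    packets, off = [], GLOBAL_HDR.size
    while off < len(blob):
        if len(blob) - off < REC_HDR.size:
            raise ValueError("truncated record header")
        ts_sec, ts_usec, incl_len, orig_len = REC_HDR.unpack_from(blob, off)
        off += REC_HDR.size
        data = blob[off:off + incl_len]
        if len(data) != incl_len:
            raise ValueError("truncated packet data")
        packets.append((ts_sec, ts_usec, orig_len, data))
        off += incl_len
    return hdr, packets

def write_pcap(hdr, packets):
    """Serialize packets; incl_len is always the number of bytes actually stored."""
    out = [GLOBAL_HDR.pack(*hdr)]
    for ts_sec, ts_usec, orig_len, data in packets:
        out.append(REC_HDR.pack(ts_sec, ts_usec, len(data), orig_len) + data)
    return b"".join(out)

def chop_and_reorder(blob, snaplen):
    """Keep the first snaplen bytes of each packet, then sort records by timestamp."""
    hdr, packets = read_pcap(blob)
    packets = [(s, u, orig, data[:snaplen]) for s, u, orig, data in packets]
    packets.sort(key=lambda p: (p[0], p[1]))  # stable: equal timestamps keep file order
    hdr = hdr[:5] + (min(hdr[5], snaplen),) + hdr[6:]  # this sketch also lowers the header snaplen
    return write_pcap(hdr, packets)

def build_sample():
    """Constructed three-packet capture, deliberately out of time order."""
    hdr = (MAGIC_USEC_LE, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    pkts = [(20, 0, 100, b"B" * 100), (10, 500, 60, b"A" * 60), (10, 100, 40, b"C" * 40)]
    return write_pcap(hdr, pkts)
```

Note that orig_len is left untouched when a packet is chopped, so a reader of the output can still see how long each packet was on the wire.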