![]() ![]() Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).Capture files compressed with gzip can be decompressed on the fly.Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others.The most powerful display filters in the industry.Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others.Deep inspection of hundreds of protocols, with more being added all the time.Port mirroring or various network taps extend capture to any point on net simple passive taps are extremely resistant to malware tampering. However, when capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all of the traffic traveling through the switch will necessarily be sent to the port on which the capture is being done, so capturing in promiscuous mode will not necessarily be sufficient to see all traffic on the network. Wireshark allows the user to put the network interfaces that support promiscuous mode into that mode, in order to see all traffic visible on that interface, not just traffic addressed to one of the interface’s configured addresses and broadcast/ multicast traffic. ![]() Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options. It is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark is cross-platform, using the GTK+ widget toolkit to implement its user interface, and using pcap to capture packets it runs on various Unix-like operating systems including Linux, Mac OS X, BSD, and Solaris, and on Microsoft Windows. ![]() It lets you capture and interactively browse the traffic running on a computer network. Wireshark is the world’s foremost network protocol analyzer. Wireshark поддерживает DNS, FDDI, FTP, HTTP, ICQ, IPV6, IPX, IRC, MAPI, MOUNT, NETBIOS, NFS, NNTP, POP, PPP, TCP, TELNET, X25 и так далее. ![]()
0 Comments
Leave a Reply. |