If you are a computer network or security enthusiast, you’ve probably heard of Wireshark. Wireshark is the world’s most popular network protocol analyzer. It lets you dive into captured traffic and analyze what is going on within a network. You can use it to diagnose network issues and find network vulnerabilities.

In this article, we will go through some basics of capturing traffic with Wireshark. Since we will go through some examples, feel free to use a PCAP file to follow along! Head to the Wireshark wiki to find some sample capture files.


Working With PCAP Files

After you open up Wireshark, it will start capturing traffic on multiple network interfaces. You can double-click on an interface to see traffic details.

You should see packets listed in the Wireshark window.
