Wireshark Review

- The best network analyzer tool out there in the market. - Being open source makes it highly sought after for both network admins and developers alike. - Supported on all major platforms like Windows, Linux and Macintosh. - You can easily analyze each and every packet captured from the network based on protocol types like TCP, IP, UDP, etc. - Captured packet list can be very easily exported to files. - Can be customized to suit your needs. - Very user friendly layout. - Supports filter creation for narrowing down packet selection.

- Packet filter used in wireshark is quite cryptic and the syntax is quite different from the other command line packet analyzers, like tcpdump. - Requires admin privileges for running the packet capture utility. - You cannot change anything on the packet i.e. you can not modify anything in the packet, packet header, etc. You can only read them. - Requires basic knowledge of Networking to decipher the packet capture. -Cannot be used to diagnose any kind of network intrusions and hacking exploits.

Having used Wireshark for more than 3 years, I'm glad to find this useful application. The GUI is very good and helps you decipher the packet header, packet content, etc. very easily. Although, adding packet filters requires a basic knowledge of network concepts. Supports exporting captured packets to a text file for offline viewing.