- The best network analyzer tool out there in the market.
- Being open source makes it highly sought after for both network admins and developers alike.
- Supported on all major platforms like Windows, Linux and Macintosh.
- You can easily analyze each and every packet captured from the network based on protocol types like TCP, IP, UDP, etc.
- Captured packet list can be very easily exported to files.
- Can be customized to suit your needs.
- Very user friendly layout.
- Supports filter creation for narrowing down packet selection.
Room for Improvement:
- Packet filter used in wireshark is quite cryptic and the syntax is quite different from the other command line packet analyzers, like tcpdump.
- Requires admin privileges for running the packet capture utility.
- You cannot change anything on the packet i.e. you can not modify anything in the packet, packet header, etc. You can only read them.
- Requires basic knowledge of Networking to decipher the packet capture.
-Cannot be used to diagnose any kind of network intrusions and hacking exploits.
Having used Wireshark for more than 3 years, I'm glad to find this useful application. The GUI is very good and helps you decipher the packet header, packet content, etc. very easily. Although, adding packet filters requires a basic knowledge of network concepts. Supports exporting captured packets to a text file for offline viewing.