Wireshark

Wireshark is a program that is used for network troubleshooting. 

Some of the main features of this program include the following:

·      There are two ways that data can be captured with this program. The first is “from the wire” which means that the data comes from a live network connection. The second is from data that has been made into a file of already-captured packets.

One key benefit of using this program is that it is completely free to use.

·         There are multiple types of networks that data can be read from. These include Ethernet, IEEE 802.11, PPP, and loopback.

·         This program uses GUI or TShark (the terminal/command line version) to browse the captured network data.

·         Using the command-line switches, programs can be programmatically edited or converted to the editcap program.

·         Using a display filter, data can be refined for a better display.

·         This program allows dissecting new protocols can be created using plug-ins.

·         This program allows VoIP calls can be detected and if the encoded data is a compatible encoding, can even be played back.

·         This program allows raw USB traffic to be captured.

·         This program allows the filtering of wireless connections as long as traverse the monitored Ethernet.

·         This program utilizes multiple settings, timers, and filters in order to provide the facility of filtering any and all output of the captures traffic.

·         This program does not require elevated privileges used for safety for their operators anymore due to the possibility of a bug in the system from using these privileges.

·         This program uses color packets to help organize particular fields in packets which helps identify the different types of traffic at a glance.

·         This program can also be used with network simulation tools in order to capture packets.

Wireshark requires Linxus, macOS, BSD, Solaris, some other Unix-like operating systems, or Microsoft Windows. There is also a terminal-based version call TShark. These programs are free programs released using the terms set forth by the GNU General Public License.