Wireshark Originally named Ethereal has been viewed as the most popular network analysis and assessment tool in the world. This software is used for analysis, troubleshooting and communication development of a network.It basically allows one to interactively assess the network traffic in a computer network.wireshark packet analyzer is a multiplatform software that uses a GTK+ widget tool for implementation of its interface and the pcap which consist of an application programming interface purposely for packet capturing. The tool can be used in any operating system platform including UNIX, Linux, Solaris and Microsoft Windows.
The software can be used to analyze network usage and traffic details at different times and levels from the connection time to transmission and termination time. Wireshark examines the traffic details including the bits that make up an individual packet. The pcap tool used by wireshark to capture packets provides individual packet data information such as source, destination, transmit time, protocol type and header data. It also has an inbuilt filtering and sorting tool that categorizes and organizes the analyzed information. This information is used in the assessment and audit of the network performance; it is also useful in the assessment of network security.
The results displayed by the wireshark interface include various outputs that are used for determining the network performance and security operations in the network. The tool will provide packet details which include the explanation of network level it belongs to, the transmission time, sender, recipient, among other details relating to an individual packet of data. This output is then used in the determination of the network performance.
Orebaugh, A., Ramirez, G., & Beale, J. (2007). Wireshark & Ethereal Network Protocol Analyzer Toolkit. Syngress.
Wireshark.org. (2007). About Wireshark. Retrieved October 23, 2012, from Wireshark: http://www.wireshark.org/about.html