Of course, it is capable of reading data from different network technologies such as Ethernet, IEEE 802.11, PPP / HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI and others. Another important aspect is that the captured capture can be compressed with GZIP on the fly, and of course, decompress it on the fly also in case we are reading the capture.
Wireshark is capable of reading and writing in different capture formats, such as tcpdump (libpcap), pcap ng, and many other extensions, to perfectly adapt to different programs for further analysis. A fundamental characteristic of any packet analyzer is the filters, so that it only shows us what we want it to show us, and no more information that would generate extra work for us.
Wireshark allows to see all the traffic captured via GUI with the program itself, however, we can also see all the information captured with the TShark program, a tool that works through the console and will allow us to read everything through the CLI command line, to see everything via SSH, for example.
0 kommentar(er)
