Wireshark is the foremost network protocol analyzer available and is the de facto standard across many industries and educational institutions. With Wireshark you can perform deep inspection of hundreds of protocols, with more being added all the time. Wireshark supports both live capture and offline analysis.
Wireshark Key Features Include:
- Standard three-pane packet browser.
- Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others.
- Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.
- The most powerful display filters in the industry.
- Rich VoIP analysis.
- Read/write many different capture file formats.
- Capture files compressed with gzip can be decompressed on the fly.
- Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).
- Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
- Coloring rules can be applied to the packet list for quick, intuitive analysis.
- Output can be exported to XML, PostScript®, CSV, or plain text.
The following updates have been made in this version of Wireshark:
- You can now show and hide toolbars and major widgets using the View menu.
- You can now set the time display format and precision.
- The byte view widget is much faster, particularly when selecting large reassembled packets.
- The byte view is explorable. Hovering over it highlights the corresponding field and shows a description in the status bar.
- An Italian translation has been added.
- The Summary dialog has been updated and renamed to Capture File Properties.
- The VoIP Calls and SIP Flows dialogs have been added.
You can download Wireshark from FileHippo.com today.