Today we are taking a look at Wireshark. Wireshark is an open-source network scanner and monitor. This is really handy as it lets you keep an eye on the traffic and packets that are going through any network cable that you happen to be looking at. For tech-heads that need to know this kind of information or even a business trying to keep things secure, this is something they will find very handy.
The Program Review
What is really neat about this is that you can see whether people are scanning or even trying to hack your network. The program is available for Windows, Mac, and Linux. The way the program works is pretty simple. When you fire it up, you have three different sections on the screen: capture, files, and online. You want to start with capture.
Here is where you can see what interfaces you can check out. If you click here, you can see which ones are actively being used and that is the one you will more than likely want to select. You hit the start button and then you will be able to see all the traffic that is taking place on your network.
Once you have done this, you can then click on one of the packets to get some more information about it if you think there is something a little “interesting” going on. If you set the program capturing and then start looking around on websites, you can see what kind of information is being passed back and forth.
In the program, there is a pretty handy filter that you can use to narrow things down. You will certainly want to do this, as the program records everything, so there can be a lot to search through. So, if you did want to look for a specific website, you could put in the filter http and it will then show all the websites that it was tracking.
If you want to get even more in-depth with your search, you can scroll down the list of packets, right-click one, and then “filter” so that it only shows the information about that specific site. There are many different ways that you can filter through captures, and you can even change the view if you want to get really specific.
One of the main reasons that a person would want to use this is to find out if someone is trying to hack their network. If you notice a strange IP address that is trying to access one of your ports, this can be a good indication that a site out there is scanning your network and you can take the appropriate action.
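The check described above can also be run over an exported capture instead of by eye. The following Python is an added example, not part of the original review or of Wireshark; it assumes the capture was exported as comma-separated fields with tshark (the command is shown in the comment), uses constructed sample rows with documentation addresses, and the threshold of 10 ports is an assumption to tune.

```python
import csv
import io
from collections import defaultdict

# Constructed sample, shaped like the output of a field export such as:
#   tshark -r capture.pcapng -Y tcp -T fields -E separator=, \
#     -e ip.src -e ip.dst -e tcp.dstport -e tcp.flags.syn -e tcp.flags.ack
# Addresses come from documentation ranges (RFC 5737), not real hosts.
SCAN_PORTS = [21, 22, 23, 25, 80, 110, 139, 443, 445, 3389, 8080, 8443]
SAMPLE = "\n".join(
    [
        "192.0.2.10,198.51.100.5,443,1,0",        # normal client opens HTTPS
        "198.51.100.5,192.0.2.10,51514,1,1",      # server SYN/ACK reply
        "192.0.2.10,198.51.100.5,443,0,1",        # rest of the handshake
        "192.0.2.11,198.51.100.5,80,True,False",  # alternative boolean style
        ",,443,1,0",                              # no IPv4 address: skipped
    ]
    + [f"203.0.113.77,198.51.100.5,{p},1,0" for p in SCAN_PORTS]
)


def is_set(flag):
    """Accept both 1/0 and True/False, since boolean output can differ
    between tshark versions."""
    return flag.strip().lower() in ("1", "true")


def find_port_scanners(rows_csv, min_ports=10):
    """Map (source, destination) to the sorted ports probed, for sources that
    sent connection attempts to at least min_ports distinct ports on one
    destination. min_ports=10 is an assumed threshold; tune it per network."""
    probed = defaultdict(set)
    for row in csv.reader(io.StringIO(rows_csv)):
        if len(row) != 5 or not row[0] or not row[2].isdigit():
            continue  # malformed line or a packet without the exported fields
        src, dst, port, syn, ack = row
        if is_set(syn) and not is_set(ack):  # SYN without ACK = new attempt
            probed[(src, dst)].add(int(port))
    return {k: sorted(v) for k, v in probed.items() if len(v) >= min_ports}


if __name__ == "__main__":
    for (src, dst), ports in find_port_scanners(SAMPLE).items():
        print(f"{src} probed {len(ports)} ports on {dst}: {ports}")
```

A source that shows up here is a lead to look at in the capture itself, since busy but legitimate clients can also touch many ports.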
I think that Wireshark is a fantastic program. Just think, 10 years ago it was unthinkable that your average Joe could do something like this, but Wireshark makes it possible. It makes keeping an eye on the security of your network as easy as possible so you can make certain your network is as safe as possible.