Wireshark Network Protocol Analyzer

From Tony Bradley, CISSP-ISSAP, former About.com Guide

What Happened To Ethereal?:
Wireshark is Ethereal. Gerald Combs, creator of Ethereal, took a position with CACE, developers of the WinPcap library. He wanted to bring Ethereal with him, but due to a trademark dispute he was forced to fork the development code under a new name, Wireshark. Ethereal still exists, but Combs and the core development team of Ethereal will be developing under Wireshark. Wireshark is accepted as the "true" version of Ethereal, which is why it ranked Number 2 on the Top 100 Security Tools.

What Is Wireshark?:
In short, a network protocol analyzer, otherwise known as a "packet sniffer", captures and decodes packets of information from a network. Wireshark can capture live network traffic or read data from a file and translate the data to be presented in a format the user can understand. Network analyzers such as Wireshark are invaluable tools for administrators diagnosing and troubleshooting problems, but are also used by intruders to obtain unauthorized information.

What Does Wireshark Do?:
Wireshark can be used to capture and analyze network packets and discover a wide array of information such as:
- Troubleshooting network issues and locating bottlenecks
- Network intrusion detection
- Log network traffic for forensic analysis
- Discovering a DoS (denial-of-service) attack

It can also be used by attackers for more nefarious purposes such as:
- Capturing usernames and passwords
- OS fingerprinting
- Capturing sensitive or proprietary information
- Network mapping

Running Wireshark:
Distributions of Wireshark are available for a wide range of Unix and Linux platforms as well as Windows.
Actually capturing packets from the network requires a packet capture driver such as WinPcap. Wireshark is sponsored by CACE, developers of the WinPcap library. The packet driver you use will vary depending on the exact Unix, Linux or Windows platform you are running Wireshark on.
For details on downloading and installing Wireshark, you can visit www.wireshark.org/download/.

Wireshark Resources:
These web sites and books will help you use Wireshark. Some are aimed at Ethereal, Wireshark's predecessor, but the information is still useful:
- wireshark.org
- The Most Powerful Packet Sniffers Available
- Book Review: Ethereal Packet Sniffing

Origins of Wireshark:
Wireshark is a development fork of the popular Ethereal Protocol Analyzer. Wireshark is maintained by the creator and core team from the Ethereal Project.
Ethereal was first released in 1998 by Gerald Combs. It was released under a GNU General Public License (GPL) and has been improved, modified and maintained by open source developer support. You can find a complete list of the developers who have contributed to Ethereal on their site at www.ethereal.com/introduction.html#authors.

Supported Protocols:
Wireshark, like Ethereal, supports almost 700 protocols, more than most even know exist. Because it is open source, new dissectors, the drivers that let Wireshark decode and translate different protocols, are created regularly as users have a need for them. For that reason, the list of supported protocols grows on a regular basis and could well have changed by the time you read this. To see the complete list of supported protocols, visit the Wireshark FAQ.