Wireshark Reviews

63 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.2 out of 101

Do you work for this company?

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-11 of 11)

Jaspreet Singh profile photo
Score 9 out of 10
Vetted Review
Verified User
Review Source
Wireshark is used in our organization for monitoring the network traffic and troubleshooting in case we are facing any network related issues. It is one the most used software which lets you dissect the network packet to the tiniest details and pull out any network related information. It is used by our department only and not by everyone across the organization. Our job requires making all the systems and communications across the systems to run smoothly. So we have a constant session running on all the systems via Wireshark and in case of any problem, we quickly dump all the network packets and filter its using amazing filter function of Wireshark and then find out the problem. Without software, it might take hours or even days to solve the problems.
  • Light-weight software - Does not require high end specifications; also runs smoothly on Legacy systems
  • Filter function - Lets you filter you packets from thousands to tens so as to find your target much easily
  • Simultaneous capturing on all the network adapters - You can capture packets from all the Network Interface Cards (NIC's) at once.
  • GUI of the software can improve a bit; like some more animations can be added to make it more user friendly
  • Some more learning resources can be officially added; like filter query function is much advanced, but everyone does not know how to efficiently use it
  • Themes can also be provided to users so that people who work on this software for hours can have a new experience by changing the colors of the software
Wireshark is well suited for scenarios in which the technical difficulties are being faced. A lot of times we are not aware of how computers actually talk with each other. With Wireshark, you can learn this topic in depth and help yourself and your colleagues in case anyone is facing any sort of networking related problems. Many people just use the computer system for basic tasks and often tend to get stuck on simple things like if the system is not able to retrieve the IP from the router. After you learn these concepts you can easily solve these problems. Wireshark is a bit of a technical software program and only intended for people who have a basic understanding/ background of computers. If not, this software might end up giving you a lot of information which will be really tough for you to understand. So I would recommend if you want to use this software and are interested in the concepts as mentioned before/ above, go through a quick course on computer networking concepts and you shall be good to start exploring Wireshark.
Read Jaspreet Singh's full review
Paul Fan profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Wireshark is being used widely in my organization especially in network engineering and operation teams. It's being used for multiple purposes in network design, testing, operation, and troubleshooting.
  • Wireshark is easy to use, the user can customize the display layout of the packet based on the user's own interests to only highlight the network layers and parameters being cared about.
  • There are plenty of integrated/embedded tools inside Wireshark can be used to perform deep analysis of the different type of network issues.
  • Filter and search functionality are so powerful which can be helpful for network issue troubleshooting.
  • It's better to integrate some APIs to the high-level users allowing them to design and program their own deep analysis functions to support the work.
  • it's better to optimize the algorithm processor a little bit as I will normally have trouble to open a big size packet capture larger than 3GB, the computer will become very slow and take a very long time to open the file and perform any analysis.
I use Wireshark nearly every day, it's the most important tool in my daily work as a network engineer to troubleshoot the real network problem in the production network. It helps me to look into the problematic protocol scenarios in the packet layer to understand where is the problem and how to fix.
Read Paul Fan's full review
No photo available
Score 9 out of 10
Vetted Review
Verified User
Review Source
Wireshark is used not only in my organisation, but in almost all the organisations which involves development, troubleshooting and cyber security of applications. Wireshark is highly used in the troubleshooting side though, it is used by any of the computer networking enthusiast. In my organisation, a simple use case of Wireshark is that it is used to understand how the applications (we develop) interact with the computer system at a packet level.
Furthermore, this software is nearly used by all the developers which are directly or indirectly involved in the development/ testing of the applications.
  • Details on the granular level: This software dissects the packets to the maximum limit possible. It shows you everything passing by in the packet including all the headers. It is amazing to see, without fail, how computers are actually interacting.
  • Available on all the Operating Systems: This software can be downloaded and installed on any OS (Windows, Mac or Linux). It never limits you to one OS. This is an amazing and a very constructive feature of Wireshark.
  • Doesn't become a load on the systems processor: The software works flawlessly without actually making any load on the systems processor. It works smoothly and does not lag at any time.
  • Multiple dumps simultaneously: This software can listen on multiple NIC's at once and provide you the dump. You need not work on one NIC at once, plug in and listen on all of them at once.
  • Showcase of the information: The way the software presents the information is sometimes cloggy. It can be well presented in some ways which will let the users understand the data in a much better format.
  • Themes: Colours and themes can be provided which makes the software more intuitive and look positive and healthy.
Wireshark is used for all the network related tasks. In cases where you think the application is not interacting well or if there is some network issue. This application will help you eradicate all of them by giving you the power to investigate the network traffic at the granular level.

It needs a good knowledge of networking so as to operate and understand the data provided by the software. So if you are lacking in that, I would definitely say to gain some more knowledge and then start using this software.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
I use it as a systems information manager to capture traffic on the network and analyze the packets for various reasons. I have used it to find a ping scan from a wireless network that was DOS'ing an external location, and also have used it to pinpoint a system with a corrupted NIC driver that was causing a severe broadcast storm on our main network.
  • Packet capturing
  • Packet analysis
  • Traffic monitoring and reporting
  • It is beginner-friendly as far as installation, but it could use a tutorial.
  • Perhaps there is a way to do this already, but I haven't yet seen it. It would be nice if it could be integrated with a network package that could detect network anomalies, fire up an automated packet analysis, and send a report to an administrator.
It is invaluable for capturing and analyzing network traffic and identifying issues with devices that are either malfunctioning, or possibly even set up as rogue devices on a network. Using the data from a packet analysis combined with logs and MAC tables from various network devices, it can be used to find specifically where a device might be located. It's not a "set it and forget it" application, but it is well suited for on-the-spot analysis.
Read this authenticated review
No photo available
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Wireshark whenever there is a need for deep-dive packet captures. We usually turn to Wireshark after we have done all other steps in general troubleshooting. Wireshark is being used by both the campus network teams, data center network teams, corporate systems team, and production systems team. It is a great tool not only for network engineers.
  • EXTENSIVE detail
  • Easy to run, even for non-networking individuals. Makes it so they can run a packet capture on their machine and send to the network team for analysis.
  • Lowcost
  • Packet capture files get extremely large, extremely quickly.
  • Sifting through packet capture can be arduous at times.
  • Sometimes it feels almost "too in-depth" and can be overwhelming to look at. Hard to know where to start looking.
Wireshark is a great tool to use after general network troubleshooting has taken place; checking subnet mask, default gateway, route table, etc. It can help identify breaks or hiccups in network communication, and narrow down where further investigation should be focused. It is not a good tool to use for general troubleshooting, you need to have a core knowledge of networking to find the tool valuable.
Read this authenticated review
NAKIA EPLEY profile photo
February 11, 2019

Wireshark is Solid :-)

Score 9 out of 10
Vetted Review
Verified User
Review Source
I use Wireshark almost daily in school. I am in my final quarter of my Bachelor's Degree in Networking and Securities. We use Wireshark both on our real-time environments, virtual environments, and physical lab equipment. We utilize this through the entire I.T. program, and on the network side for the securities pathway.
  • Wireshark is SO easy to use! At very first glance, it can be a little overwhelming but after about 2 or 3 times of being walked through instruction, the ease of use makes the packet capture process easy to understand.
  • The *(TCP/UDP/HTTP, etc) filters make things very clear, and hides the information that you do not need at the moment. Following the TCP stream is laid out easily to be able to view the intrusion.
  • Integrates very well into the virtual environments as well as real-time. It acts on the virtual environment just as if it were on my physical computer.
  • There are a lot of troubleshooting features, but at this point in my program, I have not really run into anything too terribly negative to say about Wireshark.
Wireshark is nicely laid out, integrates with Snort, Splunk, etc, and overall is great software. I am moving into a Critical Informatics role, or as a security analyst after graduation, and Wireshark will be one of my most solid backbone tools in pen testing. So using it on an educational platform has set me up for success once I get into a real-time environment.
Read NAKIA EPLEY's full review
Kenneth Hess profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
We/I use Wireshark to capture and to analyze both wireless and wired network traffic. It is an absolutely required tool for any system administrator or network administrator. Our entire IT department uses it. Wireshark is both free and open source software, which, for what it does, saves us a lot of money. This graphical tool is easy to use and makes network packet analysis far less painful than if we had to rely just on the command line. Using Wireshark, we can analyze network traffic for further analysis ourselves or we can capture it and send it as a pcap file to a security consultant for further investigation. It is an essential part of our administrative toolbox.
  • Wireshark is easy to use and to collect network traffic with.
  • Wireshark color codes network packets based on which type of packet has been captured. This makes the analysis much quicker.
  • Wireshark has a lot of different filters that can be applied either during capture or during analysis to filter out uninteresting packets from the feed.
  • You can download and use a standalone (not installed) version to run on USB thumb drives or other external media in case you want to analyze a potentially compromised system in place.
  • Wireshark requires elevated privileges, which can either be bad or good depending on your perspective.
  • It has the standard disadvantage of capturing packets that might not reflect actual network traffic because the data is captured locally. Not a flaw of Wireshark, specifically, but of any locally run sniffing software.
  • It can be confusing for new users to see all the columns and colors. You can do a lot of customization but it takes some effort.
Wireshark is best suited to capturing and analyzing network traffic data. It is not an intrusion detection system (IDS), or a honeypot, or any real-time security tool. Offline analysis is where Wireshark shines. Take a capture using it or some other tool and load it into Wireshark for extensive analysis. Wireshark is great for forensic analysis of network traffic. You can find malformed packets, attack signatures, suspicious traffic, etc. Nothing gets by Wireshark.
Read Kenneth Hess's full review
Matthew Frederickson profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Wireshark to troubleshoot network problems - both wired and wireless. It's not uncommon to get a ticket from a user stating that the network is "slow". Since that is always less then helpful, we usually (after basic troubleshooting steps) start a Wireshark capture closest tot he endpoint with the issue. Invariably, we are always able to find the issue - whether it's endpoint or switch related - or even if it's something downstream. We've managed to train some of the IT staff in how to do a capture - so even if they don't understand what they are looking at, they are familiar with grapping a pcap file for our review.
  • Displays data (network captures) in a logical, clear way that enables you to easily see what is happening on the wire.
  • Provides expert help and color codes packet types so it's easy to quickly pick out different types of traffic.
  • Separates the data into three panes so you can get an overview, packet details, and see string data.
  • Can be a little intimidating right out of the box.
Wireshark is awesome for troubleshooting network issues. It gives you a direct view into what is happening on the wire. It takes the guesswork out of knowing what is happening on the wire - you can tell whether there are delays from web sites; file servers; voice issues. Yes - it is great for troubleshooting SIP traffic also.

It does not do massive file captures; it does not do a good job on massive packet capture files. If you are capturing traffic on a ten-gig or higher port, use tcpdump or some other mechanism to grab the data. Then use tshark (or one of the other included tools) to parse out what you need (time range, or specific type of traffic) to analyze inside wireshark.
Read Matthew Frederickson's full review
Ari Robinson profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Troubleshooting of reported issues and verification of facts (i.e. that a certain protocol is being used).
  • Very powerful and easy to use (once you understand the basic interface).
  • Free and easy to install.
  • Flexible and can be used in many different scenarios.
  • Bring back the Legacy option!
  • Improve the ease of use for some advanced functionality (such as decoding of video into H.264 or seeing the encryption type being used).
  • Sometimes the GUI can become non-responsive when using RDP.
Anytime you want to see what is happening between point A and point B on the network.
Obviously, it can't be used when trying to capture communication between one socket and another socket on the same machine.
Read Ari Robinson's full review
Yuan Sun profile photo
Score 10 out of 10
Vetted Review
Verified User
Review Source
Wireshark is used both in the network team and helpdesk team. It helps us to identify and troubleshoot network connectivity issues.
  • It can help us to determine the network issue such as if it would be at the application level or network routing issue.
  • It also can identify how the source and destination communicate.
  • It can track the network traffic to determine the actually network flow.
  • I find it's pretty easy to use and have been a fan of it.
It's one of the best network tools for our network engineers.
Read Yuan Sun's full review
No photo available
November 04, 2016

Wireshark

Score 7 out of 10
Vetted Review
Verified User
Review Source
Wireshark is being used across our organization to trouble shoot all network related issues. We are also using it to trouble shoot application speed issues between locations.
  • Wireshark provides an immense amount of data. If the data is being sent you will be able to track it.
  • Will flag some notable information if you don't know what you are looking for.
  • Can analyze VoIP data as well.
  • It can be difficult to parse and filter data without working with Wireshark for a while. The amount of data can be overwhelming for first time users.
  • We have had difficulties getting it to run properly with MacOS
Wireshark can be used to find speed issues for an internal application slowing down between geographical locations. Wireshark works well for tracking down unmanaged switches and hubs that are causing issues in our network.

If you have no idea what your are looking for, Wireshark may not be the way to go. Also when tracking issues with a web application, as there are easier tools to use for that.
Read this authenticated review

About Wireshark

Wireshark is an open source network troubleshooting tool.

Wireshark Technical Details

Operating Systems: Unspecified
Mobile Application:No