Skip to main content
TrustRadius
Wireshark

Wireshark

Overview

What is Wireshark?

Wireshark is an open source network troubleshooting tool.

Read more
Recent Reviews

To Wireshark or not

9 out of 10
October 31, 2022
We use Wireshark in a multitude of ways. First, we troubleshoot connectivity issues with it, second, we use it for Firewall ruleset tests …
Continue reading
Read all reviews

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Return to navigation

Product Demos

Local and Remote Sniffing with Wireshark

YouTube

Wireshark demo (simple http)

YouTube

Saving Files From Wireshark

YouTube

Brim Demo

YouTube

How to Use Wireshark's Follow TCP Stream Feature

YouTube

Wireshark SIP Capture

YouTube
View more demos
Return to navigation

Product Details

What is Wireshark?

Wireshark Technical Details

Deployment TypesOn-premise
Operating SystemsWindows, Linux, Mac
Mobile ApplicationNo

Frequently Asked Questions

Wireshark is an open source network troubleshooting tool.

Reviewers rate Support Rating highest, with a score of 10.

The most common users of Wireshark are from Mid-sized Companies (51-1,000 employees).
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(129)

Attribute Ratings

Reviews

(1-25 of 29)
Companies can't remove reviews or game the system. Here's why
November 02, 2022

Must have tool to work in or with Networks!

Kaveen Eashwarage | TrustRadius Reviewer
Kaveen Eashwarage
Manager - Special Projects
Central Finance Co PLC (Financial Services, 1001-5000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Receiving the TCAP messages has been never easy. This opensource tool easily capture TCAP during the calls for me on different INAP services. We also easily evaluate messages through Wireshark now. And we keep track of packet data information exchange between different networks very conveniently. Wireshark helps us now to easily debug the network data exchange issues and fix them quickly.
Pros and Cons
  • Possibility to analyze packets from various interfaces (LAN,Wifi,BT,USB).
  • Ability to integrate with GNS3 easily.
  • Its a free tool and available on all platforms.
  • Provide comprehension analysis on communication protocols.
  • Learning curve is a little steep.
  • Encrypted network traffic read is a a struggle.
  • User interface can be developed
Likelihood to Recommend
We found a bug in the network of our organization due to an intermittent issue thanks to Wireshark analysis. This tool has never let me down all these 02 years. Packet capturing and analyzing the traffic flow are the best usage I take out of Wireshark and I have been able to rely on this always.
October 31, 2022

The king of software for capturing and analyzing network traffic

Verified User
Analyst in Information Technology
Law Practice Company, 51-200 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark software is used every day by me and my IT team as a specific tool for capturing and analyzing traffic on our networks. It is super intuitive and complete to identify the different types of protocols that travel through our network and identify anomalies, failures, and prevention of attack problems. We have been using Wireshark for about 3 years, and only with this tool do we have deep details of the inbound and outbound traffic of our lan and wlan network, and we do daily analysis and reports to always seek the best performance and security.
Pros and Cons
  • Ease of capturing and analyzing incoming and outgoing network traffic.
  • It allows offline analysis of inspected and captured packages.
  • Excellent and friendly interface.
  • Large community with great support and advanced feature tips.
  • Windows compatible.
  • It is bad for parsing very large packets.
  • It takes time and patience to analyze all packages.
Likelihood to Recommend
Wireshark is made up of advanced features for capturing packets and analyzing network protocols and can be used to capture different network cards and technologies such as wifi and BlueTooth. We recommend the use of this tool by all IT professionals as it is fundamental for the security of the network and identifies everything that is traveling on the network by protocol, ports, and IPs and then analyzes it to solve problems and security flaws with the internet.
October 31, 2022

Great open-source tool with a powerful toolset

Swapnil Madiwale | TrustRadius Reviewer
Swapnil Madiwale
Technology Lead
V ARCHITECTURE PTY LTD (Architecture & Planning, 11-50 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I have used Wireshark to investigate network issues and mostly find lost IPs on the network. The GUI is amazing as well as the command line's speed works wonders. I also used Wireshark to capture packets to analyse if there were too many DNS requests going through to the local DNS server.
While saying that, I only used it primarily to get a deep understanding of our network.
Pros and Cons
  • Great UI & Command Line Tools
  • Packet capture feature is very good
  • It is open source which is the best thing in a tool like Wireshark
  • A little bit of intrusion detection feature would help
  • Other than that, I don't think it lacks anything
  • Perfect little tool
Likelihood to Recommend
If someone needs to deep dive into the network to check for causes of latency and slow speed cropping up when people get working, they definitely need Wireshark. I have used it in an office of 25 users, with each having a computer on the wired network and a mobile phone on the WiFi. I use Wireshark to check the network status and Meraki & Umbrella to implement policies.
October 31, 2022

Indispensable tool

Verified User
Director in Other
Computer & Network Security Company, 1-10 employees
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Its port scans help you find the problem quickly. Recently I had to analyze a company because there was so much traffic on the network.
Pros and Cons
  • Dropped packets
  • Latency issues
  • I don't miss anything
Likelihood to Recommend
It allows us to follow the trace of the TCP stream packets, we can see everything related to said packet, the before and after, being able to apply custom filters to them without losing the flow.
October 31, 2022

To Wireshark or not

BG
Brian Grime
CIO (Chief Information Officer)
Superior Credit Union (Banking, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We use Wireshark in a multitude of ways. First, we troubleshoot connectivity issues with it, second, we use it for Firewall ruleset tests and third we use it to monitor odd traffic patterns. We find it most helpful when setting up a new product and a vendor is blaming something on our firewall and we can then show them the logs that the traffic is getting through to their side but no response.
Pros and Cons
  • Packet sniffing
  • Traffic pattern recreation
  • Traffic monitoring
  • More point and click
  • Images are difficult to decode
Likelihood to Recommend
When I want to see what type of traffic is leaving a workstation, Wireshark is second to none. However, if I want to see images, it then becomes much more difficult to render the images.
October 31, 2022

Wireshark is a great and super affordable network troubleshooting tool

Vrej Anbarsoun | TrustRadius Reviewer
Vrej Anbarsoun
Sr. Systems Engineer
Irwin Naturals (Information Technology & Services, 51-200 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Wireshark in our organization to troubleshoot network-related issues, such as when setting up a new site-to-site VPN tunnel and for some reason the connection is not being established. Wireshark would be used to actually gather and examine the packets to see determine why the connection is not being established and to resolve the issue based on the actual captured traffic.
Pros and Cons
  • Captures network traffic
  • Categorizes network traffic based on many different categories
  • Offers numerous filtering options to reduce unnecessary clutter
  • Perhaps Wireshark could offer more regular updates/upgrades.
Likelihood to Recommend
Wireshark is well suited for network troubleshooting scenarios, such as when setting up a VPN site to site tunnel and having issues connecting, whether the connection is failing at the outset, or if the failure is occurring several steps in, e.g. at the second IKE proposal etc. It provides excellent insight into issues like this. Another example is when VPN users fail to connect via VPN client, so the troubleshooting steps would be similar.
October 29, 2022

WireShark

JO
Jorge Ortega
IT
Lea County Electric (Information Technology & Services, 51-200 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We have been using Wireshark for a few years, it allows us to take a deep view of out network and analyze what is being sent and received. We use it a lot when trying to trouble shoot connections that aren't acting how they are programmed to work. It also lets us troubleshoot our microwave network when our routers aren't working properly.
Pros and Cons
  • Inspection of protocols
  • Analysis of packets
  • Live data
  • More user friendly
  • A more detailed explanation of certain packets
Likelihood to Recommend
On different occasions we have had issues with our Microwave router Gui, where it can ping the ip but can't access the web interface. We used Wireshark to see the type of traffic that is being sent and received that allows us to eliminate certain problems and narrow down to the solution.
October 29, 2022

Exactly what we need for our business

MH
Matt Huiatt
Senior Information Technology Audit Manager
SS (Information Technology & Services, 1-10 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We have a lot of clients and there are times when they run into certain network issues when trying to connect to certain apps. With Wireshark we're able to run a packet capture and get more info on what is going on during the communication process so we can pinpoint where the problem lies.
Pros and Cons
  • Packet Capture
  • Logging
  • N/A
Likelihood to Recommend
We had an issue where a user could not connect to an external system. The vendor was blaming our network however it was working fine for everyone else. Turns out there was an issue on the vendors side where it was refusing connection due to some strange settings they had on their end. Wireshark helped prove this wasn't on our end.
October 29, 2022

Wireshark is the industry standard tool - search no alternative.

Verified User
Employee in Information Technology
Financial Services Company, 10,001+ employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is the best tool for packet analysis in the market with GUI (in my experience). We use it daily to analyze network traffic, captures packets, monitor interfaces and troubleshoot network problems.
Pros and Cons
  • Easy to use GUI
  • Packet capturing is on point
  • Rock solid stable
  • A lot of functionality
  • Great support and maintenance
  • Large PCAP files load too long
  • Manual query syntax is hard to remember
  • Some features are hard to find
Likelihood to Recommend
1. IPS / IDS Packet analysis
2. Network troubleshooting by reviewing the packets to determine the issue
3. Monitoring interfaces to identify missing / extra packets
4. Analyzing packet structure of required protocol
October 29, 2022

Quick to deploy and powerfull for deep dive on network

Verified User
Technician in Information Technology
Information Technology & Services Company, 51-200 employees
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Used to hunt down hard to find issues occuring within the network, great for getting to the bottom of dhcp / dns issues along with any VOIP problem that occurs. Intergrates well with riverbed products to analyse logs. Powerfull set of filters that can narrow down to locate the desired information.
Pros and Cons
  • Analyse VOIP protocol
  • See everything occuring on interface
  • See bothi inboud and outbound reqeuest
  • Better Wizards
  • Basic / Pro view
  • Limit capture rather than capture everything to reduce log size
Likelihood to Recommend
When you need to get to the bottom of a specific issue, usually used as a last resort when the usuall diagnosics have failed. You do required physical access to switches / devices to conduct tests. Needing to configure mirror ports is not allways obtainable with hardware that you have deployed.
October 29, 2022

The best packet analyzer to monitor the application traffic.

Verified User
Team Lead in Professional Services
Computer Software Company, 1001-5000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Have done troubleshooting of network traffic using this software. It’s helped to dissect the problem up to the granular level of network packets. It was great help identify the the handshake issue algorithm compatibility issues with the database server and client. Without the Wireshark it would be hard to navigate to the root cause of the issue.
Pros and Cons
  • Network packets
  • Detailed information
  • Troubleshooting
  • Learning on how to use.
  • More documentation
  • View of the application
Likelihood to Recommend
Any network traffic can be dissected and analyzed. This will help greatly in in finding the problem with the application traffic. I have worked on database upgrade and we had connection drop while loading the database data in batch from application server. With Wireshark was able to identify the handshake algorithm used in communications and was able to find the comparability over the windows versions.
October 28, 2022

Wireshark...a must-have for an IT toolbox

Verified User
Director in Information Technology
Education Management Company, 51-200 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is an incredible problem solving tool. It allows us to see inside of the network to the actual data being transmitted and received from various devices. There is nothing like it that is as quick and easy to use. Often times in troubleshooting networks it's impossible to tell what is actually happening behind the wires and Wireshark gives you that visibility you need.
Pros and Cons
  • Realtime network data visibility
  • TCP/IP Packet inspection
  • Wired/Wireless network troubleshooting
  • Fairly straightforward, but not the simplest program to use
  • You do bounce around between windows and clicking various buttons for starting and stopping. While the interface is good, it could be streamlined somewhat
Likelihood to Recommend
Wireshark is a must-have tool for an IT manager, engineer, support specialist, etc. If you manage a network, you will, at some point, run into an issue where you need to see what is actually happening inside those packets. Wireshark gives you that opportunity and will be amazingly helpful at reaching a solution.
July 27, 2021

Simple Easy Open Source Packet Analyzer

Arnab Mukherjee | TrustRadius Reviewer
Arnab Mukherjee
ITSM and Project Management Consultant
Kyra Solutions, Inc. (Transportation/Trucking/Railroad, 201-500 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is a tool used by our Network Systems and Security Teams to analyze incoming and outgoing traffic to troubleshoot Network Issues. The tool gives end-users the option to filter traffic on specific ports and protocols and provides the ability to select a specific packet and view the entire N/W stream the packet belongs to.
Pros and Cons
  • Analyzing Network Traffic
  • Verify is Specific Ports/Traffic is being blocked by N/W device Firewall
  • Provided Life Capture and also save a Packet Capture for further analysis
  • Provide Dashboard/Graphs to display N/W Traffic
  • Trigger Notifications based on certain Traffic received
Likelihood to Recommend
Analyze Traffic across the Network. You can create your own filters with specific color codes to track the traffic of interest. The packet capture provides you all the details including the source, destination, protocol, ports and helps troubleshoot Network and Security related issues. This tool can also be used for Network and Security audits and Network Scans to monitor any rogue traffic.
July 27, 2021

Wireshark Is A Must Have for Network Admins

Mauro Biefeni | TrustRadius Reviewer
Mauro Biefeni
Head of Information Technology
Mondetta Clothing (Apparel & Fashion, 51-200 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark allows us to capture traffic on our network and see if there is any unusual activity that we need to worry about. It also allows us to track specific users' data to find if there are issues relating to client/server connectivity.
Pros and Cons
  • Capture Network Traffic - This really is the essential functionality of Wireshark as without consistent data capture there is nothing to analyze
  • Filtering - We need to often filter for specific data that we are looking for.
  • Live Capture as well as offline analysis - This gives us the flexibility to do what we need to do when we need to do it.
  • A more user-friendly interface would be nice, but then again it is not really designed for those who are not quite comfortable with this type of software.
  • Changes to functionality on updates - this can sometimes happen unexpectedly and can be an annoyance.
  • More powerful data processing would be welcomed
Likelihood to Recommend
Wireshark is great for forensic analysis of network traffic. If users are having issues, or if we are seeing connectivity issues for VPN users, or if there is suspicion of unexpected or unwanted traffic on the network, Wireshark can help to find the source of any/all of these. With filtering by key values, protocols, or IPs, this can be a very powerful tool.
July 27, 2021

Great Open Source Software to Resolve Network Issues via Packet Sniffing

AC
Albert Chen
Web Developer
Baynami (Consumer Goods, 1-10 employees)
Score 7 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is used at the IT department of our company and those with a lot of development and IT experience. It's being used to troubleshoot when software or script communication fails and troubleshoot network-related issues. It's also being used when we suspect there may be a security flaw and need to analyze packets for potential problems.
Pros and Cons
  • Inspect Network Packets
  • Troubleshoot Software Issues
  • Solve Router and Switch Problems
  • Not for the Novice User
  • Trouble Reading Some Types Encrypted Traffic
  • Interface Could Use an Update
Likelihood to Recommend
Wireshark is excellent for analyzing traffic across your computer or network. When there are communication issues between software, scripts, router, and switches, Wireshark will help troubleshoot the issue at hand. Wireshark is great at analyzing a wide variety of protocols and packets that are transferred. However, there is a really steep learning curve bunched up with an interface that could be modernized.
July 27, 2021

Must have in any security professional's toolbox

Chase Palmer, CISSP | TrustRadius Reviewer
Chase Palmer, CISSP
Senior Security Analyst
Lucid (Computer Software, 501-1000 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is one of those tools that should be in every cyber security professional's toolbox. We use Wireshark for research and investigation. When reviewing a new software we will check the network traffic coming from applications to make sure that nothing strange is coming from or to the application.

We also set up various Capture the Flag challenges for recruiting purposes and use Wireshark to set up those challenges.
Pros and Cons
  • Network traffic inspection
  • Packet inspection
  • API testing/troubleshooting
  • Filters can be difficult to remember and formulate. A simple filter set or filter builder would be helpful.
Likelihood to Recommend
I don't know of any other tool that works as well as Wireshark for packet capture an inspection. It's extremely easy to get up and running, and even with little to no knowledge of how to use the tool, you can be looking at all the traffic coming off a network interface.
July 27, 2021

Wireshark, a network engineer's secret weapon

Verified User
Executive in Information Technology
Information Technology & Services Company, 1-10 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is used across all of our client sites for in-depth network troubleshooting. Out of all the tools we have at our disposal, the ability to install a managed switch inline with a problematic device and/or workstation allows our technicians to deep dive into the network traffic and locate the issue.
Pros and Cons
  • Network Troubleshooting
  • Packet Analysis
  • Traffic Filtering
  • GUI Interface
  • Product Support
  • Product Training
Likelihood to Recommend
Wireshark is great for enterprise networks with large amounts of data traversing the network that need a way to filter and inspect specific traffic by specific parameters (i.e. destination / source IP address, host, or type). There are use-cases for smaller environments, but the amount of time needed to learn how to effectively use the tool may not be beneficial for home / small office users.
July 21, 2021

I haven't needed to look further than Wireshark

Verified User
Professional in Information Technology
Education Management Company, 501-1000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We've used Wireshark to investigate and diagnose issues with our VOIP phone system. We were able to capture network traffic in order to troubleshoot/track packet loss that was causing calls to drop. This tool was very effective in allowing us to provide the required information to the provider.
Pros and Cons
  • network traffic capture
  • header information
  • supports many protocols
  • UI/UX experience could be improved
Likelihood to Recommend
I'd always recommend Wireshark to colleagues if they're looking to analyze network traffic. They're a well know, trusted market leader in this space. I'd recommend that they watch a video demo on the product to get a better understanding of how to use it most effectively but if they were to commit some time to explore the product
March 20, 2020

Wireshark is a robust open source network packet capturing tool

Drew Harrison | TrustRadius Reviewer
Drew Harrison
Programmer
Kingmaker Software (Computer Software, 1-10 employees)
Score 8 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark was my go-to tool for capturing and analyzing network traffic while building automation technologies (web bots) for years. It allowed me to quickly see what headers, cookies, and data were being sent during web requests and responses. So I could quickly and accurately mimic the data for automation, and it made life so much easier to have all that data collected and presented in one decent interface.
Pros and Cons
  • Captures all kinds of packet data in network traffic
  • Save & restore captured packed data
  • Show errors and issues in levels below the HTTP protocol
  • Can't modify or manipulate things/data on the network (only records data)
  • A better interface would be nice - it's functional as-is, but it could use some polish
Likelihood to Recommend
If you need to analyze packet data across your network and want the low-level details, Wireshark is perfect for the job. It records the necessary data and presents it in a way that's relatively easy to read, analyze, and understand. It's got a ton of features (more than most people will ever need). However, if you're simply interested in HTTP traffic, I believe Fiddler is a slightly better choice, as it is more explicitly geared towards the HTTP protocol.
September 13, 2019

Powerful, Easy to use, Exactly what you need!

Verified User
Technician in Information Technology
Mental Health Care Company, 201-500 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I use it as a systems information manager to capture traffic on the network and analyze the packets for various reasons. I have used it to find a ping scan from a wireless network that was DOS'ing an external location, and also have used it to pinpoint a system with a corrupted NIC driver that was causing a severe broadcast storm on our main network.
Pros and Cons
  • Packet capturing
  • Packet analysis
  • Traffic monitoring and reporting
  • It is beginner-friendly as far as installation, but it could use a tutorial.
  • Perhaps there is a way to do this already, but I haven't yet seen it. It would be nice if it could be integrated with a network package that could detect network anomalies, fire up an automated packet analysis, and send a report to an administrator.
Likelihood to Recommend
It is invaluable for capturing and analyzing network traffic and identifying issues with devices that are either malfunctioning, or possibly even set up as rogue devices on a network. Using the data from a packet analysis combined with logs and MAC tables from various network devices, it can be used to find specifically where a device might be located. It's not a "set it and forget it" application, but it is well suited for on-the-spot analysis.
September 05, 2019

A staple in the network troubleshooting toolbelt

Verified User
Administrator in Engineering
Computer Software Company, 1001-5000 employees
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We use Wireshark whenever there is a need for deep-dive packet captures. We usually turn to Wireshark after we have done all other steps in general troubleshooting. Wireshark is being used by both the campus network teams, data center network teams, corporate systems team, and production systems team. It is a great tool not only for network engineers.
Pros and Cons
  • EXTENSIVE detail
  • Easy to run, even for non-networking individuals. Makes it so they can run a packet capture on their machine and send to the network team for analysis.
  • Lowcost
  • Packet capture files get extremely large, extremely quickly.
  • Sifting through packet capture can be arduous at times.
  • Sometimes it feels almost "too in-depth" and can be overwhelming to look at. Hard to know where to start looking.
Likelihood to Recommend
Wireshark is a great tool to use after general network troubleshooting has taken place; checking subnet mask, default gateway, route table, etc. It can help identify breaks or hiccups in network communication, and narrow down where further investigation should be focused. It is not a good tool to use for general troubleshooting, you need to have a core knowledge of networking to find the tool valuable.
July 18, 2019

Wireshark the best friend for network engineers

PF
Paul Fan
Technical Specialist
Telstra (Telecommunications, 10,001+ employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
Wireshark is being used widely in my organization especially in network engineering and operation teams. It's being used for multiple purposes in network design, testing, operation, and troubleshooting.
Pros and Cons
  • Wireshark is easy to use, the user can customize the display layout of the packet based on the user's own interests to only highlight the network layers and parameters being cared about.
  • There are plenty of integrated/embedded tools inside Wireshark can be used to perform deep analysis of the different type of network issues.
  • Filter and search functionality are so powerful which can be helpful for network issue troubleshooting.
  • It's better to integrate some APIs to the high-level users allowing them to design and program their own deep analysis functions to support the work.
  • it's better to optimize the algorithm processor a little bit as I will normally have trouble to open a big size packet capture larger than 3GB, the computer will become very slow and take a very long time to open the file and perform any analysis.
Likelihood to Recommend
I use Wireshark nearly every day, it's the most important tool in my daily work as a network engineer to troubleshoot the real network problem in the production network. It helps me to look into the problematic protocol scenarios in the packet layer to understand where is the problem and how to fix.
July 02, 2019

Dissect your Network Packets with Wireshark!

Jaspreet Singh | TrustRadius Reviewer
Jaspreet Singh
Cyber Security Analyst
Deloitte (Management Consulting, 10,001+ employees)
Score 9 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
Wireshark is used in our organization for monitoring the network traffic and troubleshooting in case we are facing any network related issues. It is one the most used software which lets you dissect the network packet to the tiniest details and pull out any network related information. It is used by our department only and not by everyone across the organization. Our job requires making all the systems and communications across the systems to run smoothly. So we have a constant session running on all the systems via Wireshark and in case of any problem, we quickly dump all the network packets and filter its using amazing filter function of Wireshark and then find out the problem. Without software, it might take hours or even days to solve the problems.
Pros and Cons
  • Light-weight software - Does not require high end specifications; also runs smoothly on Legacy systems
  • Filter function - Lets you filter you packets from thousands to tens so as to find your target much easily
  • Simultaneous capturing on all the network adapters - You can capture packets from all the Network Interface Cards (NIC's) at once.
  • GUI of the software can improve a bit; like some more animations can be added to make it more user friendly
  • Some more learning resources can be officially added; like filter query function is much advanced, but everyone does not know how to efficiently use it
  • Themes can also be provided to users so that people who work on this software for hours can have a new experience by changing the colors of the software
Likelihood to Recommend
Wireshark is well suited for scenarios in which the technical difficulties are being faced. A lot of times we are not aware of how computers actually talk with each other. With Wireshark, you can learn this topic in depth and help yourself and your colleagues in case anyone is facing any sort of networking related problems. Many people just use the computer system for basic tasks and often tend to get stuck on simple things like if the system is not able to retrieve the IP from the router. After you learn these concepts you can easily solve these problems. Wireshark is a bit of a technical software program and only intended for people who have a basic understanding/ background of computers. If not, this software might end up giving you a lot of information which will be really tough for you to understand. So I would recommend if you want to use this software and are interested in the concepts as mentioned before/ above, go through a quick course on computer networking concepts and you shall be good to start exploring Wireshark.
February 11, 2019

Wireshark is Solid :-)

NAKIA EPLEY | TrustRadius Reviewer
NAKIA EPLEY
Student at Green River
Ascend Hospitality Group (Computer Networking, 51-200 employees)
Score 9 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
I use Wireshark almost daily in school. I am in my final quarter of my Bachelor's Degree in Networking and Securities. We use Wireshark both on our real-time environments, virtual environments, and physical lab equipment. We utilize this through the entire I.T. program, and on the network side for the securities pathway.
Pros and Cons
  • Wireshark is SO easy to use! At very first glance, it can be a little overwhelming but after about 2 or 3 times of being walked through instruction, the ease of use makes the packet capture process easy to understand.
  • The *(TCP/UDP/HTTP, etc) filters make things very clear, and hides the information that you do not need at the moment. Following the TCP stream is laid out easily to be able to view the intrusion.
  • Integrates very well into the virtual environments as well as real-time. It acts on the virtual environment just as if it were on my physical computer.
  • There are a lot of troubleshooting features, but at this point in my program, I have not really run into anything too terribly negative to say about Wireshark.
Likelihood to Recommend
Wireshark is nicely laid out, integrates with Snort, Splunk, etc, and overall is great software. I am moving into a Critical Informatics role, or as a security analyst after graduation, and Wireshark will be one of my most solid backbone tools in pen testing. So using it on an educational platform has set me up for success once I get into a real-time environment.
September 25, 2018

Wireshark is free for those who like to snoop without limitations

Kenneth Hess | TrustRadius Reviewer
Kenneth Hess
Senior Systems Analyst
CymSTAR, LLC (Defense & Space, 201-500 employees)
Score 10 out of 10
Vetted Review
Verified User
Incentivized
Use Cases and Deployment Scope
We/I use Wireshark to capture and to analyze both wireless and wired network traffic. It is an absolutely required tool for any system administrator or network administrator. Our entire IT department uses it. Wireshark is both free and open source software, which, for what it does, saves us a lot of money. This graphical tool is easy to use and makes network packet analysis far less painful than if we had to rely just on the command line. Using Wireshark, we can analyze network traffic for further analysis ourselves or we can capture it and send it as a pcap file to a security consultant for further investigation. It is an essential part of our administrative toolbox.
Pros and Cons
  • Wireshark is easy to use and to collect network traffic with.
  • Wireshark color codes network packets based on which type of packet has been captured. This makes the analysis much quicker.
  • Wireshark has a lot of different filters that can be applied either during capture or during analysis to filter out uninteresting packets from the feed.
  • You can download and use a standalone (not installed) version to run on USB thumb drives or other external media in case you want to analyze a potentially compromised system in place.
  • Wireshark requires elevated privileges, which can either be bad or good depending on your perspective.
  • It has the standard disadvantage of capturing packets that might not reflect actual network traffic because the data is captured locally. Not a flaw of Wireshark, specifically, but of any locally run sniffing software.
  • It can be confusing for new users to see all the columns and colors. You can do a lot of customization but it takes some effort.
Likelihood to Recommend
Wireshark is best suited to capturing and analyzing network traffic data. It is not an intrusion detection system (IDS), or a honeypot, or any real-time security tool. Offline analysis is where Wireshark shines. Take a capture using it or some other tool and load it into Wireshark for extensive analysis. Wireshark is great for forensic analysis of network traffic. You can find malformed packets, attack signatures, suspicious traffic, etc. Nothing gets by Wireshark.
Return to navigation