Wireshark is Solid :-)
Overall Satisfaction with Wireshark
I use Wireshark almost daily in school. I am in my final quarter of my Bachelor's Degree in Networking and Securities. We use Wireshark on our real-time environments, virtual environments, and physical lab equipment. We utilize this through the entire I.T. program, and on the network side for the securities pathway.
Pros
- Wireshark is SO easy to use! At very first glance, it can be a little overwhelming, but after about 2 or 3 times of being walked through instruction, the ease of use makes the packet capture process easy to understand.
- The (TCP/UDP/HTTP, etc.) filters make things very clear, and hide the information that you do not need at the moment. Following the TCP stream is laid out easily to be able to view the intrusion.
- Integrates very well into the virtual environments as well as real-time. It acts on the virtual environment just as if it were on my physical computer.
Cons
- There are a lot of troubleshooting features, but at this point in my program, I have not really run into anything too terribly negative to say about Wireshark.
- I am a student so I had no decision making process here and I was not part of the initial start-up.
Wireshark integrates into just about everything and is more of a go along than one or the other in my opinion. Its ease of use, and clear understanding, make it a go-to in analyst work.