Wireshark is very popular among security professionals, especially network engineers and pentesters, because it can be used as a network packet analyzer.
For those who are not familiar with it, a network packet analyzer is used to capture network packets within the network range of the target. Once the data is displayed in the Wireshark interface, the security professional analyzes it for further investigation.
Why Use Wireshark?
Security professionals, including network people, use Wireshark for the following reasons:
- To troubleshoot and examine the traffic whenever security problems occur.
- To verify that network applications work smoothly as planned.
- To learn and practice network protocol internals, for beginners.
Download and Usage of Wireshark
Those who want to download Wireshark can proceed to here.
Once you have finished downloading Wireshark to your machine, you will need to set up the Wireshark interface so that it can be used on your machine.
The Wireshark interface will look like the one below after the user has completed the setup.
After you see the Wireshark interface above, you need to double-click on the network device. In my case, I will double-click on the network device Wi-Fi: en0 to start it running.
The result of the network packet data will look something like the picture above.
For further investigation of the packet data, the user can right-click on the packet data and select Follow > TCP Stream.
From there, the user can analyze what the packet data contains and whether malicious traffic or secure traffic has been communicated.
All the best!