Discussion:
New to Wireshark Application
Kaushal Shriyan
2014-05-29 09:32:08 UTC
Hi,

I am new to Wireshark. Can someone please guide me to get started using
Wireshark Application and the prerequisites to master this craft.

Regards,

Kaushal
Jaap Keuter
2014-05-29 13:32:00 UTC
Hi,

Go to the wireshark.org website and use the Learn page as your jump board to all
knowledge, either as document, video, course, wiki, FAQ, etc.

Enjoy,
Jaap
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users-IZ8446WsY0/***@public.gmane.org>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request-IZ8446WsY0/***@public.gmane.org?subject=unsubscribe
Kaushal Shriyan
2014-05-29 13:39:41 UTC
Hi Jaap,

Thanks for the reply. Help me understand, so I use tcpdump to do a packet
trace and then use Wireshark to decode it? Can I use Wireshark to do pcap
traces? And also I am not sure what is tshark? Please explain.

Regards,

Kaushal
Guy Harris
2014-05-29 20:04:43 UTC
Post by Kaushal Shriyan
Thanks for the reply. Help me understand, so I use tcpdump to do a packet trace and then use Wireshark to decode it?
Yes, you can do that, if the decoding that tcpdump does isn't sufficient.
Post by Kaushal Shriyan
Can I use Wireshark to do pcap traces?
I.e., can you use Wireshark to capture traffic, as well as to analyze it?

Yes, you can.
Post by Kaushal Shriyan
And also I am not sure what is tshark?
It's a command-line protocol analyzer, in the same sense that tcpdump and Sun's snoop are. It can:

capture traffic and print a dissected version of the packets, as tcpdump and snoop can;

capture traffic and save it to a file, as tcpdump and snoop can;

do both at the same time.

It's a companion program to Wireshark, using the same dissectors, so it can produce a Wireshark-like dissection.
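
The capture-then-decode split discussed in this reply, as an added example that is not part of the original post: one function writes a classic pcap file the way a capture tool saves a trace, and a separate reader and summarizer turn it back into per-packet lines. The packets, addresses, timestamps and all function names are constructed for illustration, and `summarize` is a toy stand-in, not Wireshark's dissectors.

```python
import struct

PCAP_MAGIC = 0xA1B2C3D4      # classic pcap, microsecond timestamps

def sample_frame(proto, sport, dport):
    """Constructed Ethernet/IPv4 frame; the L4 part is just ports + 4 stub bytes."""
    eth = bytes(12) + b"\x08\x00"                      # zero MACs, EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    return eth + ip + struct.pack("!HHHH", sport, dport, 8, 0)

def build_pcap(frames, snaplen=65535):
    """Capture side: 24-byte file header, then a 16-byte record header per packet."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, snaplen, 1)  # 1 = Ethernet
    for sec, usec, frame in frames:
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame
    return out

def read_pcap(data):
    """Analysis side: return (linktype, [(timestamp, captured_bytes, wire_len)])."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack_from(endian + "I", data, 20)[0]
    records, off = [], 24
    while off + 16 <= len(data):
        sec, usec, incl, orig = struct.unpack_from(endian + "IIII", data, off)
        body = data[off + 16: off + 16 + incl]
        if len(body) < incl:          # file ends mid-record: stop, keep what is whole
            break
        records.append((sec + usec / 1e6, body, orig))
        off += 16 + incl
    return linktype, records

def summarize(frame):
    """Toy stand-in for a dissector: Ethernet -> IPv4 -> TCP/UDP ports."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return "not a complete IPv4-over-Ethernet frame"
    src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
    name, l4 = {6: "TCP", 17: "UDP"}.get(frame[23]), 14 + (frame[14] & 0x0F) * 4
    if name is None or len(frame) < l4 + 4:
        return f"{src} -> {dst} IP protocol {frame[23]}"
    sport, dport = struct.unpack_from("!HH", frame, l4)
    return f"{src}:{sport} -> {dst}:{dport} {name}"

if __name__ == "__main__":
    trace = build_pcap([(1401393883, 0, sample_frame(17, 40000, 53))])
    print([summarize(f) for _, f, _ in read_pcap(trace)[1]])
```
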
Kaushal Shriyan
2014-05-30 01:52:02 UTC
Thanks Guy Harris for the explanation.

Regards,

Kaushal
Kaushal Shriyan
2014-05-30 01:56:28 UTC
Hi,

Do I need to first learn tcpdump in detail and the intricacies and then
Wireshark protocol analyzer? Any tutorials to learn tcpdump for beginners?
I have read the man page of tcpdump. Please guide.

Regards,

Kaushal
Guy Harris
2014-05-30 06:38:54 UTC
Post by Kaushal Shriyan
Do I need to first learn tcpdump in detail and the intricacies
No.

If all you're using tcpdump for is to capture packets, the only stuff you'll need to learn is possibly the capture filter syntax...
Post by Kaushal Shriyan
and then wireshark protocol analyzer.
...which will come in handy for Wireshark, as it (and TShark) use the same syntax (because they use the same library to capture traffic). For information on that, see

http://procana.asuscomm.com
