Question about Wireshark

Willaynto Member Posts: 15 ■□□□□□□□□□
Hey all, I have a question about Wireshark. Why are there so many commands in Wireshark?
Example for Ethernet: eth.addr eth.len eth.src
tcp.ack tcp.options.qs
ip.addr ip.fragment.overlap.conflict
r.becn fr.de

Maybe I need to ask you, what is the function of Wireshark?

Comments

  • chrisone CISSP, CRTP, eCPPT, LFCS, CEH, Azure Fundamentals, Retired Cisco NPs Member Posts: 1,913 ■■■■■■■■□□
  • TheShadow Member Posts: 1,057 ■■■■■■□□□□
    Well this is a little dated but still valid and free
    Wireshark Tutorial and Podcast from Chris Sanders

    If your link is fast enough for YouTube videos, watch this intro, also free from NoKentuckyU
    YouTube - Introduction to Wireshark (Part 1 of 3)
    Who knows what evil lurks in the heart of technology?... The Shadow DO
  • Willaynto Member Posts: 15 ■□□□□□□□□□
    Thanks man, but I don't understand the link you gave me.
    Does that mean I must buy that product? Wireshark?
  • seekrit Member Posts: 103
    Willaynto wrote: »
    Hey all, I have a question about Wireshark. Why are there so many commands in Wireshark?
    Example for Ethernet: eth.addr eth.len eth.src
    tcp.ack tcp.options.qs
    ip.addr ip.fragment.overlap.conflict
    r.becn fr.de

    Maybe I need to ask you, what is the function of Wireshark?

    Wireshark has the ability to capture a ******* zillion different types of traffic. So there are a zillion different filter options that allow it to focus on specific conditions.

    Wireshark is not for the timid or the weak. The Official Study guide by Laura is pretty much the bible of packet capturing and the new book on campus for the new Wireshark Certification. If you're going to use it, you had better freshen up on your transport and networking layer traffic/protocol types.
  • ibcritn Member Posts: 340
    Wireshark is a GUI-based protocol analyzer which I really love, but sadly it has so many vulnerabilities all the time.....

    So the protocol analyzer of choice is tcpdump, or WinDump for me :)
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
  • alan2308 CISSP, MCSA 2008, MCSA 2012, CCNA R&S, CCNA Security Ann Arbor, MI Member Posts: 1,854 ■■■■■■■■□□
    Willaynto wrote: »
    Thanks man, but I don't understand the link you gave me.
    Does that mean I must buy that product? Wireshark?

    No, you do not have to pay for Wireshark. It's freely available from the website. It runs on Windows, Mac, Linux.
  • Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    Willaynto wrote: »
    Thanks man, but I don't understand the link you gave me.
    Does that mean I must buy that product? Wireshark?


    Maybe you mean the shark appliance...
  • Willaynto Member Posts: 15 ■□□□□□□□□□
    Hmm, thanks guys, I know Wireshark now. Yes, it is like tcpdump, like a display filter for any command in a router.