How to use Wireshark Basics

Chưa phân loại

What is Wireshark?

Wireshark is an open source and free packet analyzer. It’s a widely used packet capturing tool among others.

How to download Wireshark and install for different OS?

Wireshark can be downloaded freely from the official website.

Here is the link to Download Wireshark. For Windows, MAC an installer will be downloaded and later it can be installed. For Linux, Wireshark can be installed through command also. Here is the command for Ubuntu:

apt-get install Wireshark

Other than these three operating systems there are other Wireshark installer can be found on the official website.

Here is the screenshot for the download page

Intention of this article?

In this article we will understand how to use Wireshark for basic usages. Here we have used Windows 10 and Wireshark version is 3.0.1. So if you are using different Wireshark version then some options may be in different places.

Steps to work with Wireshark:

After Wireshark has been installed, we need to open the Wireshark application. Here is the screenshot for 1st window of Wireshark with explanation:

Now how to get what are the interfaces?

For windows -> open command line -> run command “ipconfig

Here is the screenshot for ipconfig command

So the logic is first check ipconfig for active interfaces and then open Wireshark to capture on active interfaces. Follow the above screenshot to know which interface is active. Now as we know that Wi-Fi interface is active then we will capture on that interface. Just double click on that interface to capture packets. Here is the screenshot:

Here is the screenshot for live capturing

Now there are three main portions of Wireshark windows. Here is the screenshot [1, 2, 3]:

Here is the screenshot to show the overview of a clicked packet:

Coloring Rule: Here is the screenshot for default coloring rule for different types of packets:

Here is the screenshot if disable coloring rule:

Now we can customize coloring rule from View -> Coloring Rules. Here is the screenshot:

So now you can modify coloring rule according to your need.

Wireshark column: Here is the screenshot for Wireshark default columns:

Now if we want to add port number as column, we have to follow below steps mentioned in screenshot

There are many settings we can modify under Edit->Preferences. Here is the screenshot:

Here is the screenshot to show the important and useful options from preferences:

Here are some display filters from Wireshark. Analyze -> Display Filters

If you want to change the capturing interface follow below option:

Capture -> Options

Here is the screenshot for changing capturing interface:

After capturing is completed it’s is recommended to save the capture for future analysis. Here is the screenshot for saving a capture:

If you try to capture on an interface where no packets are there you will see below error message after you stop the capture.

And then you will be redirected to main page to select the correct interface.

For capture analysis there is on statistics Here is the screenshot for showing the important sub-menu.

Example: Here is the I/O graph to understand the packet exchanges through graph:

Here is the step to extract HTTP data like image, txt etc from capture:

You can get access to samples capture for your analysis from here: SampleCaptures


There are many options and ways to debug a capture through Wireshark. We have just discussed the basic and commonly used options from Wireshark. One more advantage of Wireshark is that it’s an open source , so you will get solution for each and every issues in internet.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan


PostgreSQL: Using where EXISTS clause When any SQL query is used inside another SQL query then it is called a subquery....

Linux df Command

There are plenty of tools out there that offer seamless methods of checking the disk space utilization. These tools are...

Web Scraping with Python Scrapy Module

The skill of web scraping has become golden today, so let‘s learn how we can get needed data from web pages. In this...
Bài Viết

Bài Viết Mới Cập Nhật

Huớng dẫn dùng proxy cho ios, iphone 2023

Cách gắn set proxy cho điện thoại android, oppo, giả lập android, Ldplayer Bằng Proxydroid

Mua Proxy Socks5 VN Chơi Game Gia Lập Tăng Cường Trải Nghiệm Chơi Game

Mua Proxy Mỹ, Us Nuôi Tài Khoản Etsy, eBay Tìm Hiểu Về Mua Proxy Mỹ tại

Mua Proxy Game – Giải pháp tuyệt vời cho việc chơi game trên mạng mà không bị giới hạn về vị trí địa lý