Question: What is Wireshark?

Answer:

Wireshark is a program that allows people to watch and analyze network traffic. More specifically, it is a free, open-source program cybersecurity folks use to analyze the traffic going across a given network.

With this program, users can see exactly what people and their machines are sending. If people are not encrypting their traffic, Wireshark users can see the exact information being sent.

To know whether your data is encrypted and unreadable by anyone else, look at the URL. If it uses “https” instead of “http,” your data is encrypted and thus cannot be read by anyone else. If it uses “http” instead of “https,” your data is not encrypted and can be viewed by another person.

For example, if you’re on a site that has “http” in its URL and you entered your credit card number or password, Wireshark users could see that information clearly. Whether or not you are on an encrypted site is very important for this reason.
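To make that difference concrete, here is an added example (not part of the original column) that looks at the raw bytes of one captured request the way a traffic analyzer does and reports what an observer can read. The sample bytes, host name, and form values are constructed for illustration, and random bytes stand in for real ciphertext.

```python
import os
from urllib.parse import parse_qs

# TLS record content types (RFC 8446): the first byte of every TLS record.
TLS_TYPES = {20: "change_cipher_spec", 21: "alert",
             22: "handshake", 23: "application_data"}
HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"HEAD ", b"DELETE ")

def inspect_payload(payload: bytes) -> dict:
    """Describe what an observer of the raw TCP payload bytes can read."""
    # TLS record header: type (1 byte) | version (2, major 0x03) | length (2)
    if len(payload) >= 5 and payload[0] in TLS_TYPES and payload[1] == 0x03:
        length = int.from_bytes(payload[3:5], "big")
        return {"kind": "tls", "record": TLS_TYPES[payload[0]],
                "length": length, "readable_fields": {}}
    if payload.startswith(HTTP_METHODS):
        head, _, body = payload.partition(b"\r\n\r\n")
        lines = head.decode("latin-1").split("\r\n")
        # Header names are case-insensitive, so normalise them.
        headers = {k.lower(): v for k, v in
                   (l.split(": ", 1) for l in lines[1:] if ": " in l)}
        fields = {}
        ctype = headers.get("content-type", "")
        if ctype.startswith("application/x-www-form-urlencoded"):
            parsed = parse_qs(body.decode("latin-1"))
            fields = {k: v[0] for k, v in parsed.items()}
        return {"kind": "http", "request": lines[0],
                "host": headers.get("host"), "readable_fields": fields}
    return {"kind": "unknown", "readable_fields": {}}

# Constructed sample: a login form submitted over plain http:// (fake values).
HTTP_SAMPLE = (b"POST /login HTTP/1.1\r\nHost: shop.example\r\n"
               b"Content-Type: application/x-www-form-urlencoded\r\n"
               b"Content-Length: 35\r\n\r\n"
               b"user=alice&password=not-a-real-pass")

# Constructed sample: the same kind of request inside a TLS application-data
# record. Random bytes stand in for the ciphertext an observer would capture.
_cipher = os.urandom(64)
TLS_SAMPLE = b"\x17\x03\x03" + len(_cipher).to_bytes(2, "big") + _cipher

if __name__ == "__main__":
    for name, sample in (("http://", HTTP_SAMPLE), ("https://", TLS_SAMPLE)):
        print(name, inspect_payload(sample))
```

For the "http" sample the form fields come back in clear text; for the "https" sample only the record type and length are visible.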

Wireshark is useful for watching traffic because users can see who is getting into a machine or network. This lets Wireshark users spot people who should not be accessing a given device or network. With that information, users can block the “bad traffic.”

This program is an important tool to use in analyzing networks and offering protection for those networks.

Another important use of Wireshark is to analyze your traffic and see what protocols (rules) are being used and which ones are not needed or are inefficient, and then remove them from your network so traffic can move faster. In a way, it is like looking at traffic through town, realizing that lots of big trucks pass through, and then building a bypass so they go around and people needing to go places in town can travel faster and more easily.

There are tons of things about network traffic you can observe and analyze, and Wireshark is an important tool for network and security professionals.

Send your questions about computers to my email, dwight@dwightwatt.com, and let me know that you read this in the paper. I will pick a question to answer each week.

Dwight Watt does computer work for businesses, individuals and organizations and teaches about computers at a college. His webpage is www.dwightwatt.com. His e-mail address is dwight@dwightwatt.com.