Wireshark is a very popular and powerful network packet analysis tool. It can capture all kinds of network packets and display their details. To use Wireshark you must understand network protocols; otherwise you will not be able to make sense of what it shows.
For security reasons, Wireshark can only view packets; it cannot modify their contents or send packets.
/*** Network packets: computers can only recognize binary data, and data is stored on a computer in binary form. For multiple computers to communicate, they must rely on communication protocols such as TCP/IP and HTTP. To distinguish one protocol from another, data in transit is wrapped in the format that the protocol specifies. Data wrapped this way for transfer over the network is called a network packet; it can also be understood as data packaged for sending. For example: before a courier delivers your purchase to your home, the item is first packaged, then labelled with your personal information, and finally delivered into your hands; the whole process is what is meant by a packet. ***/
For example, you can use Wireshark to view TCP and UDP traffic.
(TCP, UDP: http://www.cnblogs.com/bizhu/archive/2012/05/12/2497493.html)
Wireshark captures the network packets of one NIC on the machine, so when the machine has multiple NICs you need to select the one to capture on.
Wireshark Window Introduction
/***
tcpdump, the Linux network packet analysis tool
The simple definition of tcpdump is: dump the traffic on a network. It is a packet analysis tool that intercepts packets on the network according to rules the user defines.
Wireshark (formerly Ethereal) is a very easy-to-use packet capture tool under Windows, but under Linux it is hard to find a handy graphical packet capture tool. Fortunately there is tcpdump. The two combine well: capture the packets on Linux with tcpdump, then analyze them on Windows with Wireshark.
***/
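The capture that tcpdump saves and Wireshark later opens is a file of packets, each wrapped in protocol headers as described above. The following is an added example, not code from the original article: it parses a constructed two-packet capture and peels off the Ethernet, IPv4 and TCP/UDP headers. It assumes the classic pcap format (not pcapng) with Ethernet link type; the function names and sample addresses are made up for illustration.

```python
import struct

def build_sample_pcap():
    """Constructed sample: classic pcap holding one UDP and one TCP frame."""
    def frame(proto, l4):
        eth = bytes(6) + bytes(6) + b"\x08\x00"        # dst MAC, src MAC, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto,
                         0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))  # checksum left 0
        return eth + ip + l4
    udp = struct.pack("!HHHH", 5353, 53, 8 + 4, 0) + b"test"
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x02, 1024, 0, 0)  # SYN
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate([frame(17, udp), frame(6, tcp)]):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def parse_pcap(data):
    """Return one dict per TCP/UDP packet: addresses, protocol and ports."""
    magic = struct.unpack_from("<I", data)[0]
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)  # byte order of the writer
    if end is None:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    if struct.unpack_from(end + "I", data, 20)[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    packets, off = [], 24                                # 24-byte global header
    while off + 16 <= len(data):
        _, _, caplen, _ = struct.unpack_from(end + "IIII", data, off)
        pkt = data[off + 16: off + 16 + caplen]
        off += 16 + caplen
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue                                     # truncated or not IPv4
        ihl = (pkt[14] & 0x0F) * 4                       # IPv4 header length in bytes
        proto, l4 = pkt[23], pkt[14 + ihl:]
        if proto not in (6, 17) or len(l4) < 4:
            continue                                     # only TCP and UDP are decoded
        sport, dport = struct.unpack_from("!HH", l4)
        packets.append({"src": ".".join(map(str, pkt[26:30])),
                        "dst": ".".join(map(str, pkt[30:34])),
                        "proto": "TCP" if proto == 6 else "UDP",
                        "sport": sport, "dport": dport})
    return packets

if __name__ == "__main__":
    for p in parse_pcap(build_sample_pcap()):
        print(p)
```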
This article is from the "Marvin" blog; please keep this source link: http://marvinchen.blog.51cto.com/6457668/1795724
How to capture packets with Wireshark: a detailed illustrated Wireshark packet capture tutorial