The role of Wireshark

Source: Internet
Author: User

the common functions of wireshark are divided into four aspects:

1. General Analytical Tasks

(1) Find the host that sends the most packets within a network

(2) View network traffic

(3) See which programs are used by a host

(4) Basic Normal network communication

(5) Verify the unique network operation

(6) Understand who is trying to connect to a wireless network

(7) Capturing data from multiple networks at the same time

(8) Implementation of unattended data capture

(9) Capture and analyze data to/from a specific host or subnet

(10) View and reconfigure file transfers via FTP or HTTP

(11) Import trace files from other capture tools

(12) Capturing data with minimal resources

2. Failure Task

(1) Create a custom analysis environment for the failure

(2) Determine path, client and service latency

(3) Determine the TCP problem

(4) Check HTTP proxy issues

(5) Check Application error response

(6) To find the relevant network problems by looking at the results of the graphic display

(7) to determine the overloaded buffer

(8) Comparatively slow communication to a benchmark of normal communication

(9) Find the duplicate IP address

(10) Determining DHCP service or network agent issues

(11) Determine WLAN signal strength problem

(12) Number of WLAN connections detected

(13) Check various network configuration errors

(14) Determine that the application is loading a network fragment

3. Security Analysis (Network forensics) Task

(1) Create a custom analysis environment for network forensics

(2) Check for applications using non-standard ports

(3) Determine the data to/from the suspicious host

(4) See which host is trying to get an IP address

(5) Determine the phone home data

(6) Determine the network investigation environment

(7) Global positioning and mapping of remote destination addresses

(8) Check for suspicious data redirection

(9) Check the session between a single TCP or UDP client and server

(10) Check the frame of the malicious deformity

(11) The key factor to find the attack signature in the network data

4. Application Profiling Tasks

(1) Understanding how applications and protocols work

(2) Understand the bandwidth usage of graphics applications

(3) Determine if the link to the application will be supported

(4) Check application performance after update/upgrade

(5) Check for error response from a newly installed application

(6) Determine from which user is running a particular application

(7) Check how the application uses transport protocols, such as TCP or UDP

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.