Last Updated: November 21, 2025
Wireshark
Network protocol analyzer
Core Features
| Item | Description |
|---|---|
Packet Capture
|
Capture network traffic |
Protocol Analysis
|
Deep inspection |
Filters
|
Display and capture filters |
Statistics
|
Traffic analysis |
Follow Stream
|
View conversations |
Export
|
Save analysis results |
Display Filters
| Item | Description |
|---|---|
ip.addr == 192.168.1.1
|
Filter by IP |
tcp.port == 80
|
Filter by port |
http
|
HTTP traffic only |
dns
|
DNS queries |
tcp.flags.syn == 1
|
SYN packets |
Best Practices
- Use capture filters to reduce data
- Save captures for later analysis
- Use coloring rules for visibility
- Follow TCP streams for full conversations
💡 Pro Tips
Quick Reference
Wireshark is the de facto network analyzer