Monitoring your network can help you gathering the data needed to analyze its performance. Some costly tools are available, but if your budget doesn’t allow you to buy any of those tools, try Wireshark.

Wireshark is a free tool commonly used for network troubleshooting. Even though it is free, the power it has is no less powerful than that of the costly tools. It is a perfect choice for everyone.

Features and Highlights

The installer of Wireshark lets you choose which components to install. The components are Wireshark, TShark, plugins and extensions, tools, and documentation. All of these components require 211.2 MB of your hard drive space.

The plugins and extensions include Dissector Plugins, Tree Statistic Plugins, Mate, Transum, file type plugins, Codec plugins, Configuration Profiles, and SNMP MIBs.

The tools include Editcap, Mergecap, Text2Pcap, Reordercap, DFTest, Capinfos, Rawshark, Randpkt, MMDBResolve, Androiddump, Sshdump, Ciscodump, UDPdump, and Randpktdump.

The installer creates two shortcuts in the Start Menu and Quick Launch by default, as well as associates Wireshark with trace file extensions such as cap, enc, tpc, trc, wpc, pcap, ipfix, and many more.

Wireshark has the ability to capture data packets in real time, but it works only with the help of either WinPcap or Npcap. The installer checks if either of the two is installed on your computer system. If it doesn’t detect any, it offers to install Npcap. The installer also provides a link to the WinPcap web page if you choose to install it instead.

To use Wireshark, you have to run it as an administrator. As soon as you open the main interface of Wireshark, you will be able to view your network connections. Each available network is accompanied with a line graph. Choose one network from the list if you want to start capturing packets. After that, click Capture on the menu bar. You can also select multiple networks.

Once you click Capture, another window called Wireshark Capture Interfaces will open. Click the Start button on that window. What you should do next is clicking the Export option. The capture process can be ended manually by using the provided keyboard shortcut, which is Ctrl + E, or by clicking the Stop button on Wireshark toolbar.

The captured data interface is split in three panes. The top portion of the interface is where the packet list pane located. In the middle of the interface, you have the packet details pane. At the bottom of the interface, you can view the packet bytes pane.

Download Wireshark for Windows

To record specific packets, you can use filters. There are many filters in Wireshark, each can be activated manually. The autocomplete feature makes it easier for you to find the filter that you need. Additionally, there are several methods to choose a filter, so you can use the method that suits you the best.

Wireshark also has 20 coloring rules to help you analyzing the packets. You can edit each color and remove any color that you don’t need. It is also possible to create your own filters. You can click the link below to download Wireshark for Windows: