badsk.blogg.se

Tshark display filter













What happens on a network has always been an interest of mine. In graduate school in the 1980s, I worked on networking software. Later I used software protocol analyzers such as netwatch (later the commercial LANWatch) to dissect packets. Finally, a few years ago, I contributed to what is now the Wireshark protocol analyzer. LANWatch uses a windowing interface to display networking packets. Sometimes, though, that may be impossible or inappropriate.

Character-based (or text-based: without windows) tools are used in many situations. Generally, those are where the hardware platform does not support windows, such as with an embedded system such as an internet router. Three standard tools in this open-source collection are Tshark, ngrep, and tcpdump. I use Tshark more often than any text-based protocol analyzer because of its flexibility and the wide range of protocols it can decode.

It is probably clear from the name that Tshark is a part of the Wireshark project. It even uses the same code for dissecting packets. Therefore, it is included in the Wireshark distribution. In addition to capturing and displaying network traffic, Tshark reads multiple standard formats for captured data, including the files created by tcpdump, a popular format on Linux and other UNIX-like systems.














