• xxx-xxx-xxxx
  • xxx@gmail.com

Andrew Kim - Security - Wireshark


Introduction

Wireshark is a tool used to read and monitor computer network traffic.

That is, your computer connects to a network (or the internet) over either Wi-Fi or Ethernet, and Wireshark lets you view the data coming into and going out of your computer over that connection.

About Wireshark

Inside a computer there is a stack of logic for processing network packets. It consists of many layers (around 7), and one of those layers turns what arrives over Wi-Fi or Ethernet into packets.

This program reads the network traffic passing between your computer and the network. You can use it to troubleshoot odd problems. You can also use it to study traffic, to look for applications leaking data, and so on.

So you install Wireshark and start it. There is a bit of configuration (mainly choosing which network interface to capture on), and pretty soon you start receiving a stream of network packets, sometimes a great many. Rows are shown in different colors, and each color represents a different type of packet.

As a computer security professional, there are a few things to know.

  • You can zoom in to see details of each packet.
  • There is a lot of network traffic hitting your computer: Outlook checking for email, the OS checking for updates, and so on. You should understand what this background traffic is.
  • You should learn the different packet types and the contents of those packets. What does a normal packet look like?
  • In an office, if you install Wireshark on your own computer, the network traffic most likely flows from a central location through routers (or switches), which filter out the packets not meant for the computer they connect. So where you place this program becomes important: on a workstation you will see only the packets going to and coming from that computer, but on a server you will see packets from every computer sending data to that server and all the packets the server sends back to those connected computers.
  • These days many of those packets are encrypted.
  • You can save these captures.
  • There are programs that will read saved packet streams and present the data in a way that is easier to manage.
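As an added illustration (example code written for this page, not part of the original text or of the Wireshark project), here is a small Python reader that does what the last bullet describes: it parses a saved capture in the classic pcap format, walks each frame down the layers mentioned above (Ethernet, then IPv4, then TCP or UDP) and renders a Wireshark-style packet list. The capture bytes are constructed inline from documentation addresses, and they include one frame snapped short by the capture length and one cut mid-header, so you can see why a decoder must check every length field against the bytes actually captured. The protocol labels and helper names are my own choices, not Wireshark's.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP, PROTO_UDP = 6, 17
TCP_FLAGS = [(0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN"), (0x04, "RST"), (0x08, "PSH")]

def tcp_flag_names(flags):
    names = [name for bit, name in TCP_FLAGS if flags & bit]
    return ",".join(names) if names else "none"

def parse_frame(data):
    """Decode one frame layer by layer (Ethernet -> IPv4 -> TCP/UDP), checking every length
    against the bytes actually present so a snapped or malformed frame yields a row, not an exception."""
    row = {"proto": "?", "src": "?", "dst": "?", "info": ""}
    if len(data) < 14:
        return dict(row, info="[frame shorter than an Ethernet header]")
    row["src"], row["dst"] = data[6:12].hex(":"), data[:6].hex(":")
    ethertype = struct.unpack("!H", data[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        return dict(row, proto="0x%04x" % ethertype, info="ethertype not decoded here")
    ip = data[14:]
    if len(ip) < 20:
        return dict(row, proto="IPv4", info="[truncated IPv4 header]")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    row["src"], row["dst"] = socket.inet_ntoa(src), socket.inet_ntoa(dst)
    if ver_ihl >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        return dict(row, proto="IPv4", info="[bad IPv4 header]")
    payload = ip[ihl:max(ihl, total_len)]  # never trust total_len beyond what was captured
    if proto == PROTO_TCP:
        if len(payload) < 20:
            return dict(row, proto="TCP", info="[truncated TCP header]")
        sport, dport, seq, _, _, flags, _, _, _ = struct.unpack("!HHIIBBHHH", payload[:20])
        return dict(row, proto="TCP", info="%d -> %d [%s] seq=%d" % (sport, dport, tcp_flag_names(flags), seq))
    if proto == PROTO_UDP:
        if len(payload) < 8:
            return dict(row, proto="UDP", info="[truncated UDP header]")
        sport, dport, ulen, _ = struct.unpack("!HHHH", payload[:8])
        name = "DNS" if 53 in (sport, dport) else "UDP"  # port-based guess, as dissector heuristics do
        return dict(row, proto=name, info="%d -> %d len=%d" % (sport, dport, ulen))
    return dict(row, proto="IP/%d" % proto, info="transport protocol not decoded here")

def read_pcap(buf):
    """Walk the classic pcap container: 24-byte global header, then a 16-byte record header per frame."""
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(buf[:4])
    if order is None or len(buf) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(order + "IHHiIII", buf[:24])[6] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are decoded here")
    rows, off = [], 24
    while off + 16 <= len(buf):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(order + "IIII", buf[off:off + 16])
        off += 16
        row = parse_frame(buf[off:off + incl_len])
        row.update(no=len(rows) + 1, time=ts_sec + ts_usec / 1e6, length=orig_len)
        if incl_len < orig_len:  # cut by the snap length; Wireshark flags these too
            row["info"] += " [snapped: %d of %d bytes]" % (incl_len, orig_len)
        rows.append(row)
        off += incl_len
    return rows

def format_rows(rows):
    # Same columns as Wireshark's packet list: No., Time, Source, Destination, Protocol, Info
    fmt = "%-4s %-16s %-18s %-18s %-6s %s"
    head = fmt % ("No.", "Time", "Source", "Destination", "Proto", "Info")
    return "\n".join([head] + [fmt % (r["no"], "%.3f" % r["time"], r["src"], r["dst"], r["proto"], r["info"]) for r in rows])

# Constructed sample capture (no real traffic; RFC 5737 documentation addresses, made-up MACs).
def _ipv4(src, dst, proto, payload):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0x4000, 64, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def _tcp(sport, dport, flags, seq, payload=b""):
    return struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 0x50, flags, 65535, 0, 0) + payload

def _udp(sport, dport, payload):
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload

def _ethernet(payload, ethertype=ETHERTYPE_IPV4):
    return bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ethertype) + payload

def _pcap(frames, snaplen):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, min(len(frame), snaplen), len(frame)) + frame[:snaplen]
    return out

SAMPLE_CAPTURE = _pcap([
    _ethernet(_ipv4("192.0.2.10", "192.0.2.53", PROTO_UDP, _udp(51000, 53, bytes(12)))),       # DNS-style query
    _ethernet(_ipv4("192.0.2.10", "203.0.113.5", PROTO_TCP, _tcp(52000, 443, 0x02, 1000))),     # SYN to HTTPS
    _ethernet(_ipv4("203.0.113.5", "192.0.2.10", PROTO_TCP, _tcp(443, 52000, 0x12, 5000))),     # SYN,ACK reply
    _ethernet(bytes(30), ethertype=0x86DD),                                                      # IPv6, left undecoded
    _ethernet(_ipv4("192.0.2.10", "203.0.113.5", PROTO_TCP, _tcp(52000, 443, 0x18, 1001, bytes(20)))),  # 74 B, snapped to 60
    _ethernet(_ipv4("192.0.2.10", "203.0.113.5", PROTO_TCP, _tcp(52000, 443, 0x02, 1000))[:24]),  # frame cut mid-TCP-header
], snaplen=60)

if __name__ == "__main__":
    print(format_rows(read_pcap(SAMPLE_CAPTURE)))
```

Run it as a script to see the six-row packet list. To try it on a real capture saved from Wireshark, replace SAMPLE_CAPTURE with the bytes of a .pcap file (the newer .pcapng container has a different layout and is deliberately rejected here). The point to take from the two damaged frames is that a decoder reading captured traffic must treat every header length as untrusted input, exactly the habit you want when the capture comes from a network you do not control.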

Summary

Remember, Wireshark is a simple tool to use, but there is a steep learning curve to understanding what the packets mean before the program becomes useful. Find time to learn Wireshark before you are required to solve a problem that needs this tool.