Saturday, February 2, 2013

Backtrack Forensics: Wireshark

Menu: Forensics -> Network Forensics
Directory: /usr/local/bin/wireshark
Official Website:
License: GNU GLP v2+

This "article" is here just to take a note of this tool as well for completeness. It's so huge, that I even don't try to write about it, you can read the manual of buy their official book, which is 1000 pages.

The tool description from the official website Q&A:
"Wireshark® is a network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It has a rich and powerful feature set and is world's most popular tool of its kind. It runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2. It is developed and maintained by a global team of protocol experts, and it is an example of a disruptive technology. Wireshark used to be known as Ethereal®."

No comments: