Wireshark

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. The project was originally named Ethereal; in May 2006 it was renamed Wireshark due to trademark issues.
Wireshark is cross-platform, using the GTK+ widget toolkit to implement its user interface, and using pcap to capture packets; it runs on various Unix-like operating systems including Linux, Mac OS X, BSD, and Solaris, and on Microsoft Windows. There is also a terminal-based (non-GUI) version called TShark. Wireshark, and the other programs distributed with it such as TShark, are free software, released under the terms of the GNU General Public License.
There is also a malicious rogue anti-spyware program called Wireshark Antivirus that reports false information. This is in no way related to the packet analyzer program, Wireshark, and the two should not be confused.

Wireshark
Developer(s): The Wireshark team
Stable release: 1.4.2 (November 19, 2010)
Preview release: 1.4.0rc2 (July 29, 2010)
Written in: C
Operating system: Cross-platform
Type: Packet analyzer
License: GNU General Public License
Website: www.wireshark.org

Functionality

Wireshark is very similar to tcpdump, but has a graphical front-end, and many more information sorting and filtering options (although similar sorting and filtering can be achieved on the command line by combining tcpdump with grep, sort, etc.). Wireshark allows the user to see all traffic being passed over the network (usually an Ethernet network but support is being added for others) by putting the network interface into promiscuous mode.
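As an added example (not code from the original article or the Wireshark project): a defender-side check for the promiscuous mode the paragraph mentions. On Linux, a capture tool that opens an interface promiscuously through a packet socket does not flip the PROMISC flag shown by plain `ip link`; what changes is the `promiscuity` counter printed by `ip -d link show`, which the function below parses. The sample output embedded here is constructed.

```shell
#!/bin/sh
# Read `ip -d link show` text on stdin and print each interface whose
# promiscuity counter is non-zero (i.e. something is sniffing on it).
promisc_from_ip_link() {
    awk '
        # Header lines look like "2: eth0: <FLAGS> mtu 1500 ...";
        # remember the name, stripping the trailing colon and any "@parent".
        /^[0-9]+: / { sub(/:$/, "", $2); sub(/@.*/, "", $2); iface = $2 }
        # Detail lines carry "... promiscuity N ..."; report N > 0.
        /promiscuity/ {
            for (i = 1; i <= NF; i++)
                if ($i == "promiscuity" && $(i + 1) + 0 > 0) print iface
        }'
}

# Constructed sample of `ip -d link show` output: lo is clean, eth0 is
# being captured on (promiscuity 1).
SAMPLE_IP_LINK='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0 minmtu 0 maxmtu 0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 65535'

# Run the parser over the constructed sample and return its output.
check_sample() {
    printf '%s\n' "$SAMPLE_IP_LINK" | promisc_from_ip_link
}

# Live check on this host (requires iproute2 and Linux).
check_live() {
    ip -d link show 2>/dev/null | promisc_from_ip_link
}

check_sample   # prints: eth0
```

The kernel also logs "device eth0 entered promiscuous mode" when the counter goes from 0 to 1, so the same event can be picked up from the kernel log by a host-based monitor.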

History

In the late 1990s, Gerald Combs (a computer science graduate of the University of Missouri-Kansas City) was working for a small ISP. They had plenty of situations where a protocol analyzer would have been handy, but none of the commercial products at the time ran on their primary platforms (Solaris and Linux), and they were also very expensive. So he started writing a program called Ethereal as a tool to capture and analyze packets; he released the first version around 1998. There are now over 500 contributing authors, while Gerald continues to maintain the overall code and issues releases of new versions; the entire list of authors is available from Wireshark's Web site.
The name was changed to Wireshark in May 2006, because creator and lead developer Gerald Combs could not keep using the Ethereal trademark (which was then owned by his old employer, Network Integration Services) when he accepted a job with CACE Technologies. He still held copyright on most of the source code (and the rest was re-distributable under the GNU GPL), so he took the Subversion repository for Ethereal and used it as the basis for the Subversion repository of Wireshark. In 2010 Riverbed Technology purchased CACE and took over as the primary sponsor of Wireshark.
