Do you need to sniff out and spy on network communications in a LAN, WAN or any network configuration? Or have you found yourself in a difficult situation troubleshooting network-related problems inside and outside of your network? Then you need a network analyzer to examine the packets going into and out of certain media. Wireshark can help. Keep reading to find out how.
Before we dive deeper into this tutorial, you need to know some very important network-related terms to help you understand how to use Wireshark for network troubleshooting and analysis. There are actually a lot of terms you'll need to know to get the most out of using Wireshark. The terms below, however, are the most important.
Packets: A packet is the basic unit of data (containing the headers and user information) that is communicated between computers in the modern age. Think of a packet as a block of data. This data is in binary form, as "bytes." Digital communication is the communication of binary data (bytes), and in modern communication (such as the Internet), these bytes are grouped into packets.
Think of a packet like a piece of postal mail. The envelope is the "headers": it contains the information for where to send the specific packet and provides a means to verify that the information is indeed correct. The message inside the envelope is the actual user information to be transmitted or received.
TCP/IP: This stands for Transmission Control Protocol/Internet Protocol. It is the pair of protocols governing Internet communication. More precisely, these two work together to transmit and receive packets efficiently as they travel the digital communication network.
Ethernet: This is a protocol/computer networking technology for local area networks.
Network interface: This is your LAN card (network card). The function of the network card is to provide a physical (hardware) interface for executing Ethernet communications in a local area network. Wireshark uses it as its capturing device: packets are intercepted there, then displayed and analyzed by the application.
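To make the envelope-and-message picture concrete, the following Python sketch splits one Ethernet/IPv4/TCP frame into its header fields and its payload, and checks the IPv4 header checksum. It is an added example, not part of the original tutorial or of Wireshark; the function names, addresses, ports and sample frame are constructed for illustration.

```python
import struct

def checksum16(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frame(payload: bytes) -> bytes:
    """Constructed sample frame: Ethernet + IPv4 + TCP headers around payload."""
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    ip = ip[:10] + struct.pack("!H", checksum16(ip)) + ip[12:]
    # The TCP checksum is left at zero in this sample; only the IPv4 one is checked.
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 5 << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + payload

def parse_frame(frame: bytes) -> dict:
    """Separate the headers (the envelope) from the payload (the message)."""
    if len(frame) < 34:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 packet")
    ihl = (frame[14] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or len(frame) < 14 + ihl:
        raise ValueError("bad IPv4 header length")
    ip = frame[14:14 + ihl]
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != 6:
        raise ValueError("not a TCP segment")
    seg = frame[14 + ihl:14 + total_len]    # drops any Ethernet padding
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    data_off = (seg[12] >> 4) * 4           # TCP header length in bytes
    if not 20 <= data_off <= len(seg):
        raise ValueError("bad TCP data offset")
    sport, dport = struct.unpack("!HH", seg[:4])
    return {
        "src_mac": src.hex(":"), "dst_mac": dst.hex(":"),
        "src_ip": ".".join(map(str, ip[12:16])),
        "dst_ip": ".".join(map(str, ip[16:20])),
        "src_port": sport, "dst_port": dport,
        "ip_checksum_ok": checksum16(ip) == 0,  # a valid header sums to zero
        "payload": seg[data_off:],
    }
```

Calling `parse_frame(build_frame(b"hello"))` returns the same fields Wireshark shows in its packet details pane for such a frame, with the payload separated from the three layers of headers.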