The most popular network protocol analyzer in the world, Wireshark is the de facto standard in many sectors of the economy and academia.
thorough examination of hundreds of protocols, and ongoing additions
Both offline analysis and live capture
three-pane packet browser standard
Multiple platforms: operates on numerous operating systems, including Solaris, FreeBSD, NetBSD, Linux, OS X, and Windows.
Network data that has been captured can be seen using a GUI or the TTY-mode TShark program.
The industry’s strongest display filters
detailed VoIP analysis
Read and write a wide variety of capture file formats
Gzip-compressed capture files can be instantly decompressed.
Depending on your platform, you can read live data from Ethernet, IEEE 802.11, PPP/HDLC, ATMs, Bluetooth, USB, Token Rings, Frame Relays, FDDI, and other sources.
Support for decryption of many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.