Review by RandaL_Hicks (11 months ago)
Wireshark is a must-have for anyone concerned about the security of their network. Use this in conjunction with your firewall logs (i.e. ipfw.log) to more fully understand the communication exchange between you and the offending IP. I have a Mac, yet some box in Beijing was littering UDP packets concerning my Windows OS being infected by viruses: updated my firewall rules, contacted their ISP with logfiles, and moved on.
Also useful for troubleshooting any network communication from web-based apps to email servers...
The install was painless. One of my favourite features is the "use multiple files" with "ring buffer" selected. This allows you to have a rolling 24 hours of logs, as an example, allowing the app to run in X windows in the background while you go about your business.
Real memory footprint is fairly lean @ 39.48Mb to load, then seems to hold your temp buffer in memory, so I'd recommend keeping your file sizes reasonable when performing a capture. CPU usage during capture in background rarely went above 10% ... occasionally spiked but never saw higher than 25.5%. Face it, your browser is more resource intensive!
Excellent documentation from the menubar: man pages which open in your browser (file:///opt/local/share/wireshark/wireshark.html), a staggering list of supported protocols, even an online manual (http://www.wireshark.org/docs/wsug_html_chunked/)