Diniz Martins

TShark

TShark is a well-known and powerful command-line network analyzer. It is developed by Wireshark. Its working structure is quite similar to Tcpdump, but it has some powerful decoders and filters. TShark can capture packet information from different network layers and display it in different formats.


TShark is used to analyze real-time network traffic, and it can also read .pcap files to analyze the information and dig into the details of those connections, helping security professionals identify network problems.


Installing on Linux:


TShark prints a list of the interfaces whose traffic it can capture. Each interface is referred to by its serial number, followed by a text description of the network interface. An interface is selected with the -i parameter, which specifies the network whose traffic we want to capture. To list these interfaces, use the -D parameter.

In networking, promiscuous mode is a mode of the interface controller that causes all the traffic it receives to be passed to the CPU. Promiscuous mode is normally used for packet sniffing, which can take place on a router or on a computer connected to a wired network or part of a LAN.

When using this mode, we need to configure it with the help of ifconfig so that it lets us capture the data packets of the whole network. We will therefore start by pinging a website and try to capture its data packets.


> Capture the packets:


> Packet count:


> Read and Write in a file:


> Verbose mode:


> Tabs:


> Capturing packets of a particular port:

> Display filter:
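
As an added example (not from the original post), this shell script strings the steps above together: it lists the interfaces, captures a fixed number of packets for one port into a file, then reads the file back through a display filter in tab-separated and verbose form. The helper function names and the sample values `eth0`, `20`, `443`, `web.pcap` and `192.0.2.10` are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. eth0, 20, 443, web.pcap and
# 192.0.2.10 are assumed sample values; the helper names are hypothetical.

# Succeeds only for interface names made of letters, digits, '.', '_', '-'.
valid_iface() {
  case $1 in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
}

# Prints a capture filter (BPF syntax, used with -f) for one TCP port,
# refusing anything that is not an integer in 1..65535.
port_filter() {
  case $1 in ''|*[!0-9]*) return 1 ;; esac
  [ "$1" -ge 1 ] 2>/dev/null && [ "$1" -le 65535 ] || return 1
  printf 'tcp port %s\n' "$1"
}

# Prints a display filter (Wireshark syntax, used with -Y) for one IPv4 host.
host_filter() {
  case $1 in ''|*[!0-9.]*) return 1 ;; esac
  printf 'ip.addr == %s\n' "$1"
}

# usage: capture_and_read IFACE COUNT PORT FILE HOST
capture_and_read() {
  valid_iface "$1" || { echo "bad interface: $1" >&2; return 1; }
  case $2 in ''|*[!0-9]*) echo "bad count: $2" >&2; return 1 ;; esac
  cf=$(port_filter "$3") || { echo "bad port: $3" >&2; return 1; }
  df=$(host_filter "$5") || { echo "bad host: $5" >&2; return 1; }
  tshark -D || return 1                 # list the capture interfaces
  # -i interface, -c stop after COUNT packets, -f capture filter, -w save
  tshark -i "$1" -c "$2" -f "$cf" -w "$4" || return 1
  tshark -r "$4" -Y "$df" -T tabs       # read back: tab-separated summary
  tshark -r "$4" -Y "$df" -V            # read back: full decode per packet
}

# Runs only when given all five arguments, for example:
#   sudo sh tshark-demo.sh eth0 20 443 web.pcap 192.0.2.10
if [ "$#" -eq 5 ]; then
  capture_and_read "$@"
fi
```

The capture filter given to `-f` is applied while packets are being captured, whereas the display filter given to `-Y` only selects which of the saved packets are shown.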

