Wireshark Reviews

Wireshark is a tool for ARP scanning. I started using Wireshark back when I had a YouTube channel. It was mostly a security channel to show people how easily you can get hacked and how to hack. I was doing some research for my videos. I didn't know much about security, but I was interested in it, and Wireshark was one of the software solutions that kept popping up.

I watched some videos on how to use it and incorporated that into some of my videos. When I discovered something funny on my network a couple of years later, I decided to reinstall Wireshark to run some scans and found the culprit.

 It's all on-premises. Here in South Africa, a couple of companies have migrated to the cloud, but that's quite expensive for many of them. It's much easier and cheaper to buy a server and host everything locally. The only thing they keep in the cloud is email because on-premise email is just horrible. Most of my clients are on-premises. One or two has Azure or something like that.

Wireshark has a lot of features. It's a powerful tool if you're familiar with it. You can see everything on the network with it.

The average person would probably find Wireshark hard to use. When I first installed it, I was overwhelmed by all the data it was shooting out. It doesn't make sense until you start doing some research and figure out what everything means. It isn't the most user-friendly tool. It just provides so much information. 

I'm probably not familiar with it enough to say what features it's missing, but it could be a bit more accessible to the average system administrator having issues on their network so they can pull it out and run some scans.

I rate Wireshark eight out of 10 for stability.

I probably won't be able to give good input on this, but I will give Wireshark eight out of 10 for scalability based on the limited time that I've used it.

I also use MikroTik. It's easy because I've been working with it for years, so it's hard for me to compare it with Wireshark, which I only learned to make my YouTube videos and used a couple of times in the past. 

I'd say Wireshark and Nmap are more advanced and in-depth than using MikroTik by itself, but I haven't encountered a problem I couldn't resolve without using Wireshark. The exception is when a client doesn't have MikroTik, and they use a plain router or something like that. Obviously, I would need to pull out the other tools. MikroTik does what I need it to do. 

Wireshark uses a simple "next, next, finish" installer. Any person who can read can install it.

I rate Wireshark eight out of 10. It has much more network functionality than MikroTik, but the downside is a person has to learn it to use it correctly. Maybe make it my New Year's resolution to watch a tutorial on how to use it and start using it more in the new year.

Our primary use case for the solution is to see the over-the-air packets, the data transmission, and the wifi connection.

The transmission and reception issues are valuable. For example, while debugging through food issues, we can draw the graph of the data captured in the solution and see how the throughput is moving.

The solution can be improved by increasing its capacity to manage larger files. Wireshark gets stuck when it is a larger file.

We have been using the solution for approximately eight years.

The solution is stable.

The solution is scalable.

We have not had experience with customer service and support.

The initial setup is straightforward. 

I rate the solution a nine out of ten. The solution is good, but the solution can be improved by increasing its capacity to manage larger files. I advise users considering the solution to have the latest PC to load it. The newest voice is also required to load it otherwise it is difficult to open.

We primarily use the solution for reading packet captures. It's like a packet analyzer, packet capture. 

I'm just reading some packets and looking for interesting tracking. That's all.

The solution is open-source. 

It does have SolarWinds in it or is involved in SolarWinds in some way.

The search filtering is very good. 

It has good basic features. 

There's a lot of information available online. Even if I am looking for something special, I can find details about that aspect. 

It is well structured.

The initial setup is very easy.

I find the product to be quite stable. 

We can scale the solution. 

It works pretty well, and we haven't seen any areas that are lacking. 

We'd like to be able to extract the output into an Excel table.

I've used the solution for a couple of years. 

The solution performs well. It's stable. We haven't had issues with bugs or glitches. It doesn't crash or freeze. 

In the beginning, maybe seven or eight years ago, we did have some issues. However, that was a long time ago, and that was resolved. 

It's my understanding that the solution can scale. 

You can pay for a version that offers a support tier. However, I am using the basic, free, open-source version. There is no support tier. If you need information in relation to troubleshooting, everything you need is online. You can search the internet and find what you need. 

The solution is very simple and straightforward. It's pretty easy. I wouldn't classify it as complex or difficult. 

I'd rate it five out of five in terms of ease of setup.

The solution is open-source and free to use. That said, there is a paid tier with more features if a company needs a bit more. 

I'm a customer and end-user. 

I'd recommend the solution to others. It's a good product. 

I'd rate the solution ten out of ten. 

We use Wireshark as a tool for network troubleshooting when we need to verify something directly. It is not used every day.

As an example, FortiGate, Wireshark can also export, we can pick up a file, process it, and apply it. Some tools allow us to take, capture, define and export to Wireshark, so we are able to analyze in great detail.

The most valuable feature of Wireshark is the ability to choose a destination of flow that has not been working as expected, it looks for a label, and we put the label within.

I would like to see Wireshark improve the ease of application of the command. The command is very powerful, but not easy to apply.

For the next release, I would like to see the motion of the measurement of the terminal loss packet. The round-trip delay. Also, it would benefit from improving the capability to evolve in real-time.

I have been using Wireshark for ten years.

Wireshark has been stable when I have had to use it.

The initial setup of Wireshark is not straightforward.

The version of Wireshark we use is free. 

Wireshark is a very useful tool. I would rate the solution an eight out of ten.

I used it for a couple of school projects last semester. We basically had to emulate how to capture packets in transit in a network. After capturing those packets, we analyzed them. We also had to break down email messages and dig out pictures inside email messages.

It was deployed through a cloud. They had set up a subscription for a class VM.

Being able to dissect email data and figure out what is inside email messages was the most valuable feature. Such a feature is pretty helpful for an ongoing forensic investigation or when there is a potential insider threat that you are trying to investigate. It allows you to see the network activity of the users you are investigating. It also gives you more visibility into your network.

It was very easy to set up. There is a lot of information out there on Google and YouTube about how to use it. There is also community support. If you have any trouble, it is pretty easy to find an answer online. You will have to do some digging only if you have a very specific use case.

Its user interface was a little less friendly. They can make its user interface a little bit more friendly. It is for technical people, and most of the technical people would be able to figure it out, but it would be good to improve its user interface.

They can maybe build artificial intelligence into it. Currently, it takes a lot of manpower to analyze and dissect all the data.

I started using it last November. It has been six months.

It was pretty stable. It never crashed.

Scalability could be a challenge because you can analyze so much data with Wireshark, which can be hard if you don't have a very specific case or plan for it. 

If there is no automated solution, scalability could be a little bit difficult. It gives you more visibility into your network, and you can see the packets that are coming in and going out of the network. The only challenge is that if it is a big organization, there would be a lot to process. Having an automated solution on the side would probably help.

I didn't have to contact them.

It was pretty straightforward. It took less than 20 minutes.

I deployed it myself. It does not require any maintenance.

It is free.

I would advise others to have a game plan for it because there is a lot of data that goes into it. You can analyze a lot of data. Having a very strategic game plan would be ideal.

I would rate Wireshark a ten out of ten.

I basically use Wireshark for network troubleshooting.

For simple protocol and packet capture, it is very easy to use.

It has a good syntax to put the commands in and get information out of.

The only thing that I don't like is sometimes there is an update, and something that I was using is either no longer there or it has changed. However, this is common when they upgrade software, so it's normal with any software.

Because this product is open-source, sometimes there are contributors who make changes and they aren't properly vetted throughout the whole community. Access to older functionality should stay as a user preference so that they can still use it the old way if they want to.

I have been using Wireshark since it first came out, between 10 and 20 years ago.

Stability-wise, it is very good.

The scalability is very good and it's simple to do.

The initial setup is straightforward for a technical person. This is not the type of product that can be easily set up by an end-user who is non-technical.

This is an open-source product that can be used free of charge.

This is a good product for quick and easy troubleshooting.

I would rate this solution a ten out of ten.

I use it for network investigation, I even have a patent for the simplification of Protocol Analysis. I have used Wireshark many times to troubleshoot network situations and problems. The patent solved the problem of troubleshooting where you needed to know the direction and course a packet takes in the network which helps with the ability to know where problems lie in the network. We developed the system to actually troubleshoot an entire network through the use of network probes, which acted as smaller protocol analyzers.

It helped in the sense that it allowed the team to troubleshoot networks faster. While I worked at Verizon, our group was able to provide network analysis of our testbed which gave us an advantage over most test groups. This was because we could follow a packet throughout the network to examine the treatment that the packet was receiving in the network. The improvement came when we realized that through the use of this method we could duplicate the results of using a much more expensive version of our program called RMON.

I use the filters very often, to determine what type of traffic I am looking for. The use of filter allows traffic to be segmented so that a value can be looked at individually apart from the other traffic. I remember one day when we had to find out what was causing one of the systems to crash. We used our system to look at the network as a whole and we found that the device actually gave us the ability to segment the network finding the problem is a faster way which allowed for a more accurate test of the network.

The system could be improved upon by adding a better and more powerful data processing engine. The original was based on the Raspberry Pi. The RPi unit acted as a sensor on the network relaying information back to a centralized computer which was able to correlate and provide analysis as to the packets and their reaction to traffic loads. Much improvement could have been done but we were not that lucky. The more we designed items the more we began to realize that we were getting too far from our central goal of trying to make the network better.

I have been using it since it was called Ethereal.

I am impressed with the stability. 

Great scalability, but they are beginning to sacrifice ease of use for complexity. That was why we needed to simplify things.

No, we did not use another solution like wire-shark, but what we used in the past was the RADco. The RADcon was a protocol analyzer that was an all in one unit that was the standard at the time but did not allow for cooperative testing.

If you can get the same use for less cost do it.

No, we did not.

It has help me to 

• solve network and transaction issues
• understand protocols and application communication
• check quality
• solve security issues. 

I can save the traffic and analysis when I want to. Also, it's especially helpful to follow the stream (TCP, UDP, etc.).

It needs the ability to follow multiple interfaces for specific traffic from different network zones/virtual networks. It would help to understand how any packet is going through the network.

Sometimes, in the previous version, it lost the scroll when I needed to scroll back and forth.

No issues with scalability.

Sometimes I need to use tcpdump when I need to check the packets on CLI.

Very easy. It's also possible to change source code and compile if you want to change something in the code, because it's free.

It's free.

I believe everyone should use this tool if they need to analyze packets.