← Back

Enhancing Network Security and Performance : Wireshark and Packet Analysis
Julissa Paramo

Introduction
Within a network, nodes (devices) are in constant communication with one another. When a node wants to talk to another node, it sends a packet containing the information it would like to communicate. This packet contains important data related to the request being sent, such as the source of the packet, where the packet is going, the data being sent, an identifier, and the protocol being used (Cloudfare, n.d.).

 Packet Analysis

Inspecting communication within a network (traffic) more closely is done through a technique called packet analysis. Packet analysis is important for deeply inspecting packets, which can then identify non-business traffic that needs to be blocked, malicious behavior, other unwanted activities, or errors occurring in a network (Sikos, 2020). The software tools that facilitate packet analysis are known as packet analyzers, also referred to as packet sniffers and network analyzers.

Wireshark

Wireshark is the world’s most popular packet analyzer widely used by professionals in industry for network troubleshooting, analysis, software and protocol development, as well as for educational purposes (Banerjee et al., 2010). Some notable features of Wireshark include the following:

    • ·       Live captures of packets
    • ·       Displayable, detailed packet protocol information
    • ·       Ability to open and save captured packet data
    • ·       Filter and search packets based on certain criteria
    • ·       Protocol decoders (dissectors) (Lamping & Warnicke, 2004)

Wireshark is a free, open-source tool that runs on a variety of computing platforms such as Windows, OS X, Linux, and Unix.
A screenshot of a computer AI-generated content may be incorrect.

[Wireshark packet captures] Retrieved from https://www.wireshark.org/docs/wsug_html_chunked/ChapterIntroduction.html

 Above is an example of several packet captures and how Wireshark lets you analyze the contents of the packets.

Conclusion
To conclude, packet analysis is important in analyzing the traffic within a network. Tools like Wireshark have provided powerful and user-friendly features that cater to both professional and educational needs. Wireshark also demonstrates the importance of network analysis to identify potential problems within a network.


 References

Banerjee, U., Vashishtha, A., & Saxena, M. (2010). Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection. International Journal of computer applications6(7), 1-5.

Cloudfare. (n.d.). What is a packet? | Network packet definition. Cloudfare Networking Basics. Retrieved February 25, 2025 from https://www.cloudflare.com/learning/network-layer/what-is-a-packet/

Lamping, U., & Warnicke, E. (2004). Wireshark user's guide. Interface4(6), 1.

Sikos, L. F. (2020). Packet analysis for network forensics: A comprehensive survey. Forensic Science International: Digital Investigation. 32, 2666-2817. https://doi.org/10.1016/j.fsidi.2019.200892.


Comments

Post a Comment