Today we will cover something light: how to install Wireshark on Windows. The purpose of this article is to guide readers who are very new to the computer field, especially hacking. If you already know how to install this tool, you can skip this one and get ready for our next, more interesting hacking articles.
What is Wireshark? According to the Wireshark website:
Wireshark is the world's foremost network protocol analyzer. It lets you see what's happening on your network at a microscopic level. It is the de facto (and often de jure) standard across many industries and educational institutions.
According to Wikipedia, Wireshark's functionality is:
Wireshark allows the user to put network interface controllers that support promiscuous mode into that mode, in order to see all traffic visible on that interface, not just traffic addressed to one of the interface's configured addresses and broadcast/multicast traffic. However, when capturing with a packet analyzer in promiscuous mode on a port on a network switch, not all of the traffic travelling through the switch will necessarily be sent to the port on which the capture is being done, so capturing in promiscuous mode will not necessarily be sufficient to see all traffic on the network. Port mirroring or various network taps extend capture to any point on the network. Simple passive taps are extremely resistant to tampering.
Many of our tutorials on VishnuValentino.com will likely use Wireshark as the tool to perform hacking or to perform an assessment.
1. Wireshark Executable File (download here)
1. Download the Wireshark file, run the executable (usually Wireshark-winxx-version.exe), and click Next.
2. On the next page there is a license agreement; you can read it if you want. Click Next to continue.
3. In step 3, a window lets you choose the components to be installed on your computer.
Wireshark –> This is the GUI for the Network analyzer.
TShark –> TShark is a text based network protocol analyzer.
Plugins –> Other useful plugins for both Wireshark and TShark.
Tools –> Additional command-line tools such as:
- EditCap (reads a capture file and writes some or all of the packets into another capture file)
- Text2pcap (reads in an ASCII hex dump and writes the data into libpcap-style capture file)
- Mergecap (combines multiple saved capture files into a single output file)
- Reordercap (copies frames from an input capture to an output capture after sorting them by time)
- Capinfos (provides information on capture files), and
- Rawshark (Raw packet filter)
User's Guide –> Install the Wireshark help manual locally, so we don't need to connect to internet to get it.
Click Next when you have finished choosing your components.
4. The next installation process is selecting additional tasks.
Create Shortcut: Choose whether you want to create shortcut in Start menu item, or Desktop icon, or quick launch icon.
File extensions: Choose whether you want to associate the specified file extensions with Wireshark, so that those files open in it.
Click Next to go to the next step.
5. In this step you will be asked to choose the install location. If you are not sure about this, just leave it at the default and click Next.
6. This step asks whether you want to install WinPcap. If you don't have WinPcap installed on your system, check the Install WinPcap checkbox.
According to Wireshark Wiki about WinPcap,
WinPcap is the Windows version of the libpcap library; it includes a driver to support capturing packets. Wireshark uses this library to capture live network data on Windows.
Click Install to begin the installation process.
7. Finished. Now we can start using Wireshark from the Start menu, or press Windows key + R and type wireshark.
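To confirm that the components selected in steps 3 and 6 actually landed on disk, the following PowerShell check can be run after the installer finishes. It is an added example, not part of the original tutorial or of the Wireshark project; it assumes the default install location was kept in step 5 (pass -InstallDir otherwise) and that the WinPcap driver is registered under its usual service name, npf.

```powershell
# Added example: post-install check for the Wireshark components from steps 3 and 6.
param(
    # Assumption: the default location from step 5 was kept.
    [string]$InstallDir = (Join-Path $env:ProgramFiles 'Wireshark')
)

# Executables that correspond to the installer components listed in step 3.
$expected = 'Wireshark.exe', 'tshark.exe', 'editcap.exe', 'text2pcap.exe',
            'mergecap.exe', 'reordercap.exe', 'capinfos.exe', 'rawshark.exe'

$report = foreach ($name in $expected) {
    $path = Join-Path $InstallDir $name
    if (Test-Path -LiteralPath $path) {
        # Record the Authenticode status so an unsigned or modified binary stands out.
        $sig = Get-AuthenticodeSignature -LiteralPath $path
        [pscustomobject]@{
            Tool      = $name
            Installed = $true
            Signature = $sig.Status
            Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        }
    } else {
        [pscustomobject]@{ Tool = $name; Installed = $false; Signature = 'n/a'; Signer = '' }
    }
}
$report | Format-Table -AutoSize

# Step 6: WinPcap registers a kernel driver service (assumed name: npf).
sc.exe query npf | Out-Null
if ($LASTEXITCODE -eq 0) {
    'WinPcap driver (npf): registered'
} else {
    'WinPcap driver (npf): not found - live capture will not work'
}

# tshark -D prints the interfaces the capture library can open.
# An empty list usually means the capture driver is missing or not running.
$tshark = Join-Path $InstallDir 'tshark.exe'
if (Test-Path -LiteralPath $tshark) {
    & $tshark -D
}
```

A tool reported as not installed simply means its component was unchecked in step 3; a Signature value other than Valid is worth investigating before the binary is run.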
Hope you found it useful