Wireshark Reviews

Our primary use case for the solution is to see the over-the-air packets, the data transmission, and the wifi connection.

The transmission and reception issues are valuable. For example, while debugging through food issues, we can draw the graph of the data captured in the solution and see how the throughput is moving.

The solution can be improved by increasing its capacity to manage larger files. Wireshark gets stuck when it is a larger file.

We have been using the solution for approximately eight years.

The solution is stable.

The solution is scalable.

We have not had experience with customer service and support.

The initial setup is straightforward. 

I rate the solution a nine out of ten. The solution is good, but the solution can be improved by increasing its capacity to manage larger files. I advise users considering the solution to have the latest PC to load it. The newest voice is also required to load it otherwise it is difficult to open.

I used it for a couple of school projects last semester. We basically had to emulate how to capture packets in transit in a network. After capturing those packets, we analyzed them. We also had to break down email messages and dig out pictures inside email messages.

It was deployed through a cloud. They had set up a subscription for a class VM.

Being able to dissect email data and figure out what is inside email messages was the most valuable feature. Such a feature is pretty helpful for an ongoing forensic investigation or when there is a potential insider threat that you are trying to investigate. It allows you to see the network activity of the users you are investigating. It also gives you more visibility into your network.

It was very easy to set up. There is a lot of information out there on Google and YouTube about how to use it. There is also community support. If you have any trouble, it is pretty easy to find an answer online. You will have to do some digging only if you have a very specific use case.

Its user interface was a little less friendly. They can make its user interface a little bit more friendly. It is for technical people, and most of the technical people would be able to figure it out, but it would be good to improve its user interface.

They can maybe build artificial intelligence into it. Currently, it takes a lot of manpower to analyze and dissect all the data.

I started using it last November. It has been six months.

It was pretty stable. It never crashed.

Scalability could be a challenge because you can analyze so much data with Wireshark, which can be hard if you don't have a very specific case or plan for it. 

If there is no automated solution, scalability could be a little bit difficult. It gives you more visibility into your network, and you can see the packets that are coming in and going out of the network. The only challenge is that if it is a big organization, there would be a lot to process. Having an automated solution on the side would probably help.

I didn't have to contact them.

It was pretty straightforward. It took less than 20 minutes.

I deployed it myself. It does not require any maintenance.

It is free.

I would advise others to have a game plan for it because there is a lot of data that goes into it. You can analyze a lot of data. Having a very strategic game plan would be ideal.

I would rate Wireshark a ten out of ten.

Public Cloud

Other

We primarily use the solution for reading packet captures. It's like a packet analyzer, packet capture. 

I'm just reading some packets and looking for interesting tracking. That's all.

The solution is open-source. 

It does have SolarWinds in it or is involved in SolarWinds in some way.

The search filtering is very good. 

It has good basic features. 

There's a lot of information available online. Even if I am looking for something special, I can find details about that aspect. 

It is well structured.

The initial setup is very easy.

I find the product to be quite stable. 

We can scale the solution. 

It works pretty well, and we haven't seen any areas that are lacking. 

We'd like to be able to extract the output into an Excel table.

I've used the solution for a couple of years. 

The solution performs well. It's stable. We haven't had issues with bugs or glitches. It doesn't crash or freeze. 

In the beginning, maybe seven or eight years ago, we did have some issues. However, that was a long time ago, and that was resolved. 

It's my understanding that the solution can scale. 

You can pay for a version that offers a support tier. However, I am using the basic, free, open-source version. There is no support tier. If you need information in relation to troubleshooting, everything you need is online. You can search the internet and find what you need. 

The solution is very simple and straightforward. It's pretty easy. I wouldn't classify it as complex or difficult. 

I'd rate it five out of five in terms of ease of setup.

The solution is open-source and free to use. That said, there is a paid tier with more features if a company needs a bit more. 

I'm a customer and end-user. 

I'd recommend the solution to others. It's a good product. 

I'd rate the solution ten out of ten. 

It is free, easy to use, getting better with every release.

Can be difficult for non "packet heads" to understand

Put in a just a bit of time with Laura Chappell's great resource - Wireshark 101 and one will be well on their way to becoming a packet head geek. The payback for the time spent is many times the cost of the book.

I basically use Wireshark for network troubleshooting.

For simple protocol and packet capture, it is very easy to use.

It has a good syntax to put the commands in and get information out of.

The only thing that I don't like is sometimes there is an update, and something that I was using is either no longer there or it has changed. However, this is common when they upgrade software, so it's normal with any software.

Because this product is open-source, sometimes there are contributors who make changes and they aren't properly vetted throughout the whole community. Access to older functionality should stay as a user preference so that they can still use it the old way if they want to.

I have been using Wireshark since it first came out, between 10 and 20 years ago.

Stability-wise, it is very good.

The scalability is very good and it's simple to do.

The initial setup is straightforward for a technical person. This is not the type of product that can be easily set up by an end-user who is non-technical.

This is an open-source product that can be used free of charge.

This is a good product for quick and easy troubleshooting.

I would rate this solution a ten out of ten.

The best thing about Wireshark is the community/ecosystem. Answers are easy to find in either the documentation or on the wiki. Packet analysis is not for the weak at heart, but Wireshark makes it as painless as possible with profiles, extensive decodes (dissectors), expert system and filtering capability. I use it everyday.Best features to get started with: Network Monitoring with Statistics>Endpoints - Who is talking? Network Monitoring with Statistics>Conversations - Who is talking to who? Application Monitoring with Statistics>Service Response Time - How fast did they get an Application layer response? Visualization with Statistics>IO Graph - Can I see it all in a pretty picture?

It is easy to get overwhelmed with the amount of data you are looking at. But that is true with any analysis tool. The best approach is to focus on a single process that interests you, follow its stream and walk through the packets until you understand what is happening. Then move on to learn the next thing. How do you eat an elephant? One "byte" at a time.

The biggest pro I can think of is that this excellent software is open source, meaning it's developed from a community driven perspective i.e. users have a voice and can develop and add features as they see fit.It supports a wide variety of platforms, has a GUI and CLI interface, and supports the a pcap variation on every one of its platforms.It's filter creation tool is top notch, letting you specify what traffic you want to see and how many packets you want to see.You can actually export packets to text files for later review if need be as well.

As some of the other reviewers here have stated, one con is that this software is only an observer, not an interactive component of the network, meaning you cant change anything with it.It also lacks a few modules that other, closed source software's have, but I have no doubt that the community will come up with a solution soon for that issue! It's continuously being developed and changed.

I've been using Wireshark for a long time, since back in the days when it was still called Ethereal. Since then, there has been no alternative for me for Packet Sniffing. Wireshark does exactly what I want and leaves me with no need to look elsewhere.