Maamulayaasha shabakadu waxay qaban karaan si ka sii fiican haddii ay gacanta ku hayaan macluumaadka la xidhiidha. Waxaa jira qalab gaar ah oo ka caawiya maamulayaasha shabakadaha inay qabtaan oo ay falanqeeyaan xogta shabakada si ay u ogaadaan waxa socda. Falanqeeyaha Shabakadda Wireshark^{(Wireshark Network Analyzer)} waa mid ka mid ah qalabkan bilaashka ah iyo dib u eegistan Wireshark , oo ku qoran luqad cad, ayaa kuu sheegaysa waxa ay bixiso.

Wireshark waxay ku salaysan tahay WinPcap maadaama ay u baahan tahay kan dambe in lagu rakibo kombayutarkaaga. Haddii aan hore loo rakibin, Wireshark ayaa soo jeedinaysa oo adiga kugu rakibaysa. Qalab kale oo aan isticmaalay - sida URL Snooper - ayaa sidoo kale ka shaqeeya WinPcap si ay u uriso baakadaha ku dhex safraya shabakadda.

Waa maxay WinPcap

WinPcap had iyo jeer waxaa loo rakibaa sidii barnaamij gaar ah. Waa qalab lagu qabto xirmooyinka shabakada iyada oo aan la faragelin wax borotokool ah. Waxaa ka mid ah shaandhaynta heerka kernel-ka, mishiinka tirakoobka shabakada, iyo darawalka. Iyada oo la kaashanayo darawalkan, waxay ka gudubtaa dhammaan borotokoolka shabakada waxayna gasho lakabyada shabakadaha hoose.

Macluumaadkaaga, TCP/IP ama ISO OSI , iwm. moodooyinka loo isticmaalo xaalad shabakad, isgaarsiinta xogta, waxay leeyihiin lakabyo kala duwan. Waxaan guud ahaan ka shaqeynaa heerka codsiga waana heerka ugu sarreeya ee labadaba borotokool - TCP iyo OSI . Halkan waa sawir si aad u caddeyso. Waxay ku tusinaysaa lakabyada OSI iyo TCP labadaba . WinPcap waxay ku shaqeysaa heer shabakad — iyadoo hareer maraysa dhammaan lakabyada kale ee sare

Si loo galo lakabyada hoose, WinPcap waxay dhaaftaa kuwan iyo lakabyo kale waxayna soo saartaa baakadaha xogta ee u socda heerka shabakada hoose. Markaa, waxay ka caawinaysaa bixinta macluumaadka barnaamijyada kala duwan ee ku saabsan xidhmooyinka xogta baxaysa iyo kuwa soo socda. Macluumaadkan waxaa markaa isticmaala barnaamijyo kala duwan si ay u qodaan macluumaad kala duwan.

WinPCap waxay ku taxan tahay barnaamij gaar ah oo ku jira Add/Remove Programs ama Barnaamijyada iyo Tilmaamaha^{(Programs and Features)} . Haddii aad ka saarto WinPCap , codsiyada ku tiirsan - sida WireShark - way ku fashilmi doonaan inay fuliyaan.

Falanqeeyaha Shabakadda Wireshark

Wireshark waxay caan ku tahay maamulayaasha shabakada sidaa darteed waxaan go'aansaday inaan hubiyo oo aan arko waxay bixiso. Sida kor ku xusan, waxay kugu dhiirigelin doontaa inaad ku darto WinPcap kombuyuutarkaaga oo ay kuu rakibi doonto. Markaad furto barnaamijka ka dib markaad rakibto Wireshark , waxaad heleysaa shaashad leh doorashooyin kala duwan oo loo qaybiyay saddex tiir. Doorashooyinka waxaa ka mid ah:

1. Interface List: Haddii aad haysato wax ka badan hal adabtarada shabakada, waa inaad doorataa midda aad rabto inaad qabato. Tusaale ahaan, marka aad gujiso, Wireshark waxay ku tusinaysaa liiska isku xidhka adabtarada kombuyuutarkaaga - oo ay ku jiraan WiFi . Kaliya waa inaad doorataa mid ama in ka badan oo ka mid ah adapters-ka shabakada Wireshark si aad u go'aamiso xidhmooyinka soo galaya ama ka baxaya adaabiyeyaashan. Sanduuqa wada hadalka ee kumbuyuutarkaygu wuxuu ahaa sida sawirka hoose. Adapter-ka farsamada ee SpotFlux ayaa sidoo kale lagu muujiyay sawirka. Kaagu wuu kala duwanaan karaa iyadoo lagu salaynayo adabtarada shabakada ee aad haysato.

2. Doorashada labaad waa in la bilaabo qabashada baakidhka. Markaad gujiso, waxay tusi doontaa xogta ku saabsan kaadhka shabakada ee aad dooratay.

3. Shayga saddexaad ee safka hore waa in la dejiyo ikhtiyaarka qabashada. Halkan, waxaad mar labaad dooran kartaa kaadhka shabakada, filtarrada, waxaad siisaa magac aad ku qabato faylka iyo waxyaabo kale.

Tiirka labaad waxa uu leeyahay liis galal dhowaan la furay iyo liis muunad qaadasho ah.

Tiirka saddexaad waxa uu la xidhiidha dukumentiyada iwm. Waa kan sida GUI oo dhami u ekaado. Si aad sawirka u weynayso, ku dhufo

Markaad qabsato xogta, waxaad ku kaydin kartaa magac kasta si aad u baarto. Haddii aad illowdo inaad kaydiso oo aad xidhid barnaamijka, waxay kugu dhiirigelinaysaa inaad kaydiso xogta waxayna sidoo kale ku siinaysaa ikhtiyaar aad ku bixi karto adigoon wax kaydsan.

Tilmaamaha kale ee Wireshark Network Analyzer

Sifooyinka kale ee dareenkayga soo jiitay waxaa ka mid ah aaladaha gacanta ku leh ee leh ikhtiyaarro lagu bilaabo, joojinta xiritaanka xirmada. Waxa kale oo ay leedahay doorashooyin lagu dejiyo dookhyada iyo in la bilaabo caawimo. Ikhtiyaarada kale waa in dib loo bilaabo xirida xirmada adiga oo aan kaydin faylka, xidhi feylka qabashada, dib u rarista faylka qabashada, iwm. Marka la soo koobo, waxay ku siinaysaa habab gaaban oo aad ku qabato doorashooyin kala duwan adiga oo aan u baahnayn inaad dhex gasho adigoo isticmaalaya bar menu.

Codaynta midabku waa muuqaal kale oo wanaagsan oo Wireshark Network Analyzer . Waxaad isticmaali kartaa koodka midabka diyaarka u ah in la isticmaalo ama waxaad ku dhejin kartaa koodka midabka gaarka ah ee Dookhyada ee bar-barka. Codaynta midabku waxay kaa caawinaysaa inaad aqoonsato nooca xidhmooyinka xogta.

Barta ka hooseysa aaladda waxay ka kooban tahay xulashooyin lagu dejinayo filtarrada. Ma aan isticmaalin kan laakiin way fududahay in la galo filtarrada maamulayaasha kuwaas oo aan rabin inay furaan xulashada qabashada wakhti kasta. Waxaad si toos ah ugu qori kartaa sanduuqa qoraalka ee ku yaal bar shaandhada ama waxaad riixi kartaa Expressions ka dibna samee odhaah adoo isticmaalaya fursadaha jira. Dejinta filtarrada waa sida aad sameyso marka aad gacanta ku hayso xogta ku jirta Excel markaa waa inaanay dhib noqon.

Daaqadda qabashada, marka ay muujinayso baakado xogeed oo kala duwan, waxaad si toos ah u gujin kartaa baakidhka xogta si aad u aragto faahfaahintiisa. Daaqada hoose waxa ay tusinaysaa tafaasiisha la xidhiidha baakidhka xogta gaarka ah.

Marka la soo koobo, Wireshark waxay leedahay dhammaan tas-hiilaadka lagu ilaaliyo xogta shabakada iyada oo aan dhididsan. Is-dhexgalkeeda garaaf ahaan ayaa ka dhigaysa mid fudud in la qabto hawlo kala duwan. Haddii aad tahay maamulaha shabakadda oo aad rabto inaad isha ku hayso xidhmooyinka xogta, Wireshark adigaa iska leh.

Wireshark Network Analyzer soo dejin bilaash ah

Waxaad ka soo dejisan kartaa boggeeda rasmiga ah^{(official website)} .

Tag halkan si aad u hubiso qaar kale oo badan oo ah Qalabka Kormeerka Shabakadda ee Bilaashka ah^{(Free Network Monitoring Tools)} .^{(Go here to check out some more Free Network Monitoring Tools.)}

Wireshark Network Analyzer: Review, Tutorial, Free download

Netwоrk administrators can perform better if they have relevant information at their fingertips. There are certain toolѕ that help network admins to capture and аnalyze network data so that they could figure out what is going on. Wireshark Network Analyzer is one such free tool and this review of Wireshark, in plain language, tells you what all it offers.

Wireshark is based on WinPcap as it requires the latter to be installed on your computer. If it is not already installed, Wireshark prompts and installs it for you. Certain other tools that I’ve used – like URL Snooper – too employ WinPcap to sniff on packets traveling through the network.

What is WinPcap

WinPcap is always installed as a separate program. It is a tool to capture network packets without the interference of any protocols. It includes kernel-level packet filtering, a network statistics engine, and a driver. With the help of this driver, it bypasses all network protocols and accesses the low-level network layers.

For your information, TCP/IP or ISO OSI, etc. models used in a network scenario, for data communication, have a different set of layers. We generally work at the application level and it is the topmost level in both protocols – TCP and OSI. Here is an image to make it clear. It shows layers in both OSI and TCP. WinPcap operates at network level — bypassing all other upper layers

To access the low-level layers, WinPcap bypasses these and other layers and digs out data packets moving in the lower network level. Thus, it helps in providing information to different programs about outgoing and incoming data packets. This information is then used by different programs to dig out different information.

WinPCap is listed as a separate program in Add/Remove Programs or Programs and Features. If you remove WinPCap, applications dependent on it – like WireShark – will fail to perform.

Wireshark Network Analyzer

Wireshark is quite famous among network admins so I decided to check it out and see what it offers. As said above, it will prompt you to add WinPcap to your computer and will install it for you. When you open the program after installing Wireshark, you get a screen with different options divided into three columns. The options include:

1. Interface List: If you have more than one network adaptor, you will have to select which one(s) you wish to capture. For example, when you click on it, Wireshark shows you a list of networks adaptors on your computers – including the WiFi. You just have to select one or more of these network adaptors for Wireshark to determine the packets coming in and going out via these adaptors. The dialog box on my computer was like the image below. The virtual network adaptor of SpotFlux is also shown in the image. Yours may vary based on the network adaptors you have.

2. The second option is to start packet capturing. When you click it, it will show data pertaining to the network card(s) you selected.

3. The third item in the first row is to set up capture options. Here, you can again select the network card(s), place filters, give a name to capture the file among other things.

The second column has a list of recently opened capture files and a sample capture list.

The third column is related to documentation etc. Here is how the entire GUI looks like. To enlarge the image, click on it.

Once you captured data, you can save it under any name for later examination. If you forget to save and close the program, it prompts you to save the data and also gives you the option to exit without saving.

Other features of Wireshark Network Analyzer

Among other features that caught my attention was the handy toolbar that has options to start, stop packet capturing. It also has options to set up preferences and to launch help. Other options are to restart packet capturing without saving the file, close the capture file, reload the capture file, etc. In short, it offers you shortcuts to perform different options without having to navigate using the menu bar.

Color coding is yet another good feature of Wireshark Network Analyzer. You can use the ready-to-use color codes or you can set up custom color codes in Preferences on the toolbar. Color-coding helps you identify the type of data packets.

The bar just below the toolbar contains options to set up filters. I did not use this but it is easy to access filters for admins who wouldn’t want to open up the capture options dialog each time. You can directly type into the text box on the filter bar or you can click on Expressions and then create an expression using the available options. Setting up filters is just like you do when you are handling data in Excel so it should not be inconvenient.

In the capture window, when it is showing different data packets, you can right-click on a data packet to see its details. The lower window shows details pertaining to that particular data packet.

In short, Wireshark has all the facilities to observe network data without sweating out. Its graphical user interface makes it easy to perform different tasks. If you are a network admin and wish to keep an eye on the data packets, Wireshark is for you.

Wireshark Network Analyzer free download

You can download it from its official website.

Go here to check out some more Free Network Monitoring Tools.

Related posts

• Sida loo isticmaalo WinPatrol: Dib u eegis & Soo dejin bilaash ah

• Software-ka ugu Fiican Firewall-ka ee Windows 11/10 Dib u eegis, Soo dejiso

• Macrium Reflect Review Free: Software-ka Sawirka Disk-ga ugu Fiican ee PC

• EaseUS Partition Master Review Free: Maamulaha Qaybta ee Windows PC

• Ku cabbir xawaaraha Shabakadda Aagga Maxaliga ah qalabka Tijaabada Xawaaraha LAN

• Beddelka Trello Free ee ugu Fiican ee Maareynta Mashruuca

• Software-ka Qaadista Shaashada Bilaashka ah ee ugu Fiican ee Windows 11/10

• Dib u eegista Bitwarden: Maareeyaha Furaha Furan ee Bilaashka ah ee Windows PC

• Software-ka Falanqeeyaha Space Space ee bilaashka ah ee Windows 11/10

• Waa maxay Sandbox-gu? Software-ka Sandboxing-ka bilaashka ah ee loogu talagalay Windows 11/10 PC

• Qalabka Kormeerka Ping-ga ee ugu Fiican ee Windows 11/10 PC

• Gubayaasha ISO ee bilaashka ah ee ugu fiican Windows 10

• Waa maxay sababta aan ugu xidhi la'yahay aaladda shabakada si aan u ogaado dhibaatooyinka shabakada

• WordWeb: Qaamuuska bilaashka ah & Thesaurus Software for Windows PC

• Liiska bilaashka ah ee la qaadi karo Windows 10 Software, Utilities, Applications

• Software-ka Shabakadda Shabakadda ee ugu fiican ee naqshadaynta shabakadaada

• Software-ka Animation Stick Figure Free ee ugu Fiican ee Windows 11/10

• eToolz waxaa ku jira dhammaan aaladaha shabakadda ee aad u rabto Windows 10

• Software-ka ugu Wanaagsan ee Fog-fog ee bilaashka ah ee Windows 10

• Soo kabashada Xogta Korontada ee MiniTool Bilaash waxay ka soo ceshataa xogta qaybaha dhaawacan