Installing tshark Only. Note: If you have not used tshark before, you should install the wireshark package as above before limiting yourself to the CLI. If you want to install just tshark and no Qt/GUI components, this is possible on various linux distributions. The package is called tshark or wireshark-cli depending on the platform. Download and install the Wireshark software:. Go to and download and install the Wireshark binary for your computer. The Wireshark FAQ has a number of helpful hints and interesting tidbits of information, particularly if you have trouble installing or running Wireshark.

Wireshark allows you to analyze the traffic inside your network with various tools. If you want to see what’s going on inside your network or have issues with network traffic or page loading, you can use Wireshark. It allows you to capture the traffic, so you can understand what the problem is or send it to support for further assistance. Keep reading this article, and you’ll learn how to capture http traffic in Wireshark.

Installing Wireshark

Installing Wireshark is an easy process. It’s free tool across different platforms, and here is how you can download and install it:

Windows & Mac Users

1. Open your browser.
2. Visit https://www.wireshark.org/download.html.
3. Select the version for your device.
   
4. Wireshark will be downloaded to your device.
5. Install it by following the instructions in the package.
   

Linux Users

If you’re a Linux user, you can find Wireshark in the Ubuntu Software Center. Download it from there and install it according to the instructions in the package.

Capturing HTTP Traffic in Wireshark

Now that you’ve installed Wireshark on your computer, we can move on to capturing http traffic. Here are the steps to do it:

1. Open your browser – You can use any browser.
2. Clear cache – Before capturing the traffic, you need to clear your browser’s cache. You can do this if you go to your browser’s settings.
   
3. Open Wireshark.
   
4. Tap “Capture.”
   
5. Tap “Interfaces.” You will now see a pop-up window on your screen.
6. Choose the interface. You probably want to analyze the traffic going through your ethernet driver.
   
7. Once you’ve selected the interface, tap “Start” or tap “Ctrl + E.”
   
8. Now go back to your browser and visit the URL you want to capture traffic from.
   
9. Once you’re done, stop capturing traffic. Go back to Wireshark and tap “Ctrl + E.”
   
10. Save the captured traffic. If you have network issues and want to send the captured traffic to support, save it into a *.pcap format file.
    

Capturing Packets in Wireshark

Besides capturing http traffic, you can capture whatever network data you need in Wireshark. Here is how you can do this:

1. Open Wireshark.
   
2. You’ll see a list of available network connections you can examine. Select the one you’re interested in. If you want, you can analyze multiple network connections at once by pressing “Shift + Left-click.”
   
3. Now you can start capturing packets. You can do this in several ways: The first one is by tapping the shark fin icon at the top-left corner. The second one is tapping “Capture” and then tapping “Start.” The third way to start capturing is by tapping “Ctrl + E.”
   

While capturing, Wireshark will display all the captured packets in real-time. Once you’re done capturing packets, you can use the same buttons/shortcuts to stop capturing.

Wireshark Filters

One of the reasons Wireshark is one of the most famous protocol analyzers today is its ability to apply various filters to the captured packets. Wireshark filters can be divided into capture and display filters.

Capture Filters

These filters are applied before capturing data. If Wireshark captures data that doesn’t match the filters, it won’t save them, and you won’t see them. So, if you know what you’re looking for, you can use capture filters to narrow down your search.

Here are some of the most used capture filters you can use:

• host 192.168.1.2 – Capture all traffic associated with 192.168.1.2.
• port 443 – Capture all traffic associated with port 443.
• port not 53 – Capture all traffic except the one associated with port 53.

Display Filters

Depending on what you’re analyzing, your captured packets may be very hard to go through. If you know what you’re looking for, or if you want to narrow down your search and exclude the data you don’t need, you can use display filters.

Here are some of the display filters you can use:

• http – If you’ve captured a number of different packets, but you want to see only the http-based traffic, you can apply this display filter, and Wireshark will show you only those packets.
• http.response.code 404 – If you’re having trouble loading certain web pages, this filter might be useful. If you apply it, Wireshark will only show the packets where “404: Page not found” was a response.

It’s important to note the difference between capture and display filters. As you’ve seen, you apply capture filters before, and display filters after capturing packets. With capture filters, you discard all packets that don’t fit the filters. With display filters, you don’t discard any packets. You just hide them from the list in Wireshark.

Additional Wireshark Features

Although capturing and filtering packets is what makes Wireshark famous, it also offers different options that can make your filtering and troubleshooting easier, especially if you’re new at this.

Colorization Option

You can color packets in the Packet List according to different display filters. This allows you to emphasize the packets you want to analyze.

There are two types of coloring rules: temporary and permanent. Temporary rules are applied only until you close the program, and permanent rules are saved until you change them back.

You can download sample coloring rules here, or you can create your own.

Promiscuous Mode

Wireshark captures traffic coming to or from the device where it’s running. By enabling the promiscuous mode, you’re able to capture the majority of traffic on your LAN.

Command Line

If you’re running your system without a GUI (Graphic user interface), you can use Wireshark’s Command Line Interface. You can capture packets and review them on a GUI.

Statistics

Wireshark offers a “Statistics” menu you can use to analyze captured packets. For example, you can view file properties, analyze traffic between two IP addresses, etc.

FAQs

How do I read the data captured in WireShark?

Once you’re done capturing packets, Wireshark will show all of them in a packet list pane. If you want to focus on a specific capture, double-click on it, and you can read more information about it.

You can decide to open a particular capture in a separate window for easier analysis:

1. Choose the packet you want to read.

2. Right-click on it.

3. Tap “View.”

4. Tap “Show Packet in New Window.”

Here are some details from the packet list pane that will help you with reading captures:

1. No. – The number of a captured packet.

2. Time – This shows you when the packet was captured with regards to when you started capturing. You can customize and adjust the value in the “Settings” menu.

3. Source – This is the origin of a captured packet in the form of an address.

4. Destination – The destination address of a captured packet.

5. Protocol – The type of a captured packet.

6. Length – This shows you the length of a captured packet. This is expressed in bytes.

7. Info – Additional information about a captured packet. The type of information you see here depends on the type of the captured packet.

All of the above columns can be narrowed down with the use of display filters. Depending on what you’re interested in, you can interpret Wireshark captures easier and faster by applying different filters.

In a World of Fish, Be a Wireshark

Now you’ve learned how to capture http traffic in Wireshark, along with useful information about the program. If you want to inspect your network, troubleshoot issues, or ensure everything’s in order, Wireshark is the right tool for you. It’s easy to use and interpret, and it’s free.

Have you used Wireshark before? Tell us in the comment section below.

August 27, 2021

What’s New

Many improvements have been made.See the “New and Updated Features” section below for more details.

New and Updated Features

The following features are new (or have been significantly updated) since version 3.4.0:

• The Windows installers now ship with Npcap 1.50.

• A 64-bit Windows PortableApps package is now available.

• A macOS Arm 64 (Apple Silicon) package is now available.

• TCP conversations now support a completeness criteria, which facilitates the identification of TCP streams having anyof opening or closing handshakes, a payload, in any combination. It is accessed with the new tcp.completeness filter.

• Protobuf fields that are not serialized on the wire (missing in capture files) can now be displayed with default valuesby setting the new 'add_default_value' preference. The default values might be explicitly declared in 'proto2' files,or false for bools, first value for enums, zero for numeric types.

• Wireshark now supports reading Event Tracing for Windows (ETW). A new extcap named ETW reader is created that now can open an etl file,convert all events in the file to DLT_ETW packets and write to a specified FIFO destination. Also, a new packet_etw dissector iscreated to dissect DLT_ETW packets so Wireshark can display the DLT_ETW packet header, its message and packet_etw dissectorcalls packet_mbim sub_dissector if its provider matches the MBIM provider GUID.

• 'Follow DCCP stream' feature to filter for and extract the contents of DCCP streams.

• Wireshark now supports dissecting the rtp packet with OPUS payload.

• Importing captures from text files is now also possible based on regular expressions. By specifying a regex capturing a singlepacket including capturing groups for relevant fields a textfile can be converted to a libpcap capture file. Supported dataencodings are plain-hexadecimal, -octal, -binary and base64.Also the timestamp format now allows the second-fractions to be placed anywhere in the timestamp and it will be stored withnanosecond instead of microsecond precision.

• Display filter literal strings can now be specified using raw string syntax,identical to raw strings in the Python programming language. This is usefulto avoid the complexity of using two levels of character escapes with regularexpressions.

• Significant RTP Player redesign and improvements (see Wireshark User Documentation,Playing VoIP Calls andRTP Player Window)

  • RTP Player can play many streams in row

  • UI is more responsive

  • RTP Player maintains playlist, other tools can add/remove streams to it

  • Every stream can be muted or routed to L/R channel for replay

  • Save audio is moved from RTP Analysis to RTP Player. RTP Player saves what was played. RTP Player can save in multichannel .au or .wav.

  • RTP Player added to menu Telephony>RTP>RTP Player

• VoIP dialogs (VoIP Calls, RTP Streams, RTP Analysis, RTP Player, SIP Flows) are non-modal, can stay opened on background

  • Same tools are provided across all dialogs (Prepare Filter, Analyse, RTP Player …​)

• Follow stream is now able to follow SIP calls based on their Call-ID value.

• Follow stream YAML output format’s has been changed to add timestamps and peers information (for more details see the user’s guide,Following Protocol Streams)

• IP fragments between public IPv4 addresses are now reassembled even if they have different VLAN IDs. Reassembly of IP fragmentswhere one endpoint is a private (RFC 1918 section 3) or link-local (RFC 3927) IPv4 address continues to take the VLAN ID intoaccount, as those addresses can be reused. To revert to the previous behavior and not reassemble fragments with different VLAN IDs,turn on the 'Enable stricter conversation tracking heuristics' top level protocol preference.

• USB Link Layer reassembly has been added, which allows hardware captures to be analyzed at the same level as software captures.

• TShark can now export TLS session keys with the --export-tls-session-keys option.

• Wireshark participated in the Google Season of Docs 2020 and the User’s Guide has been extensively updated.

• Format of export to CSV in RTP Stream Analysis dialog was slightly changed. First line of export contains names of columns as in other CSV exports.

• Wireshark now supports the Turkish language.

New Protocol Support

Bluetooth Link Manager Protocol (BT LMP), E2 Application Protocol (E2AP), Event Tracing for Windows (ETW), High-Performance Connectivity Tracer (HiPerConTracer), Kerberos SPAKE, Linux psample protocol, Local Interconnect Network (LIN), Microsoft Task Scheduler Service, O-RAN E2AP, O-RAN fronthaul UC-plane (O-RAN), Opus Interactive Audio Codec (OPUS), PDU Transport Protocol, R09.x (R09), RDP Dynamic Channel Protocol (DRDYNVC), Real-Time Publish-Subscribe Virtual Transport (RTPS-VT), Real-Time Publish-Subscribe Wire Protocol (processed) (RTPS-PROC), Shared Memory Communications (SMC), Signal PDU, SparkplugB, State Synchronization Protocol (SSyncP), Tagged Image File Format (TIFF), TP-Link Smart Home Protocol, and World of Warcraft World (WOWW)

Updated Protocol Support

Too many protocols have been updated to list here.

August 25, 2021

Wireshark 3.4.8 and 3.2.16 have been released.Installers for Windows, Mac OS X 10.12 and later, and source code are now available.

In 3.4.8

Several bugs have been fixed.See the release notes for details.

For a complete list of changes, please refer to the3.4.8 release notes.

In 3.2.16

Several bugs have been fixed.See the release notes for details.

For a complete list of changes, please refer to the3.2.16 release notes.

Official releases are available right now from thedownload page.

Wireshark 3.4.7 and 3.2.15 Released · July 14, 2021

Wireshark 3.4.6 and 3.2.14 Released · June 2, 2021

Wireshark 3.4.5 and 3.2.13 Released · April 21, 2021

Wireshark 3.4.4 and 3.2.12 Released · March 10, 2021

Wireshark 3.4.3 and 3.2.11 Released · January 29, 2021

Wireshark 3.4.2 and 3.2.10 Released · December 18, 2020

Wireshark 3.4.1 and 3.2.9 Released · December 9, 2020

Wireshark 3.4.0 and 3.2.8 Released · October 29, 2020

Wireshark 3.4.0rc1 Release Candidate · October 22, 2020

Wireshark 3.3.1 Development Release · October 1, 2020

Wireshark 3.2.7, 3.0.14, and 2.6.20 Released · September 23, 2020

Wireshark 3.3.0 Development Release · September 15, 2020

Wireshark 3.2.6, 3.0.13, and 2.6.19 Released · August 12, 2020

Wireshark 3.2.5, 3.0.12, and 2.6.18 Released · July 1, 2020

Wireshark 3.2.4, 3.0.11, and 2.6.17 Released · May 19, 2020

Wireshark 3.2.3, 3.0.10, and 2.6.16 Released · April 8, 2020

Wireshark 3.2.2, 3.0.9, and 2.6.15 Released · February 26, 2020

Wireshark 3.2.1, 3.0.8, and 2.6.14 Released · January 15, 2020

Wireshark 3.2.0 Released · December 18, 2019

Wireshark 3.2.0rc2 Release Candidate · December 11, 2019

Wireshark 3.2.0rc1 Release Candidate · December 5, 2019

Wireshark 3.0.7 and 2.6.13 Released · December 4, 2019

Wireshark 3.1.1 Development Release · November 18, 2019

Wireshark 3.0.6 and 2.6.12 Released · October 23, 2019

Wireshark 3.0.5 Released · September 20, 2019

Wireshark 3.0.4 and 2.6.11 Released · September 11, 2019

Wireshark 3.1.0 Development Release · July 25, 2019

Wireshark 3.0.3, 2.6.10 and 2.4.16 Released · July 17, 2019

Wireshark 3.0.2, 2.6.9 and 2.4.15 Released · May 21, 2019

Wireshark 3.0.1, 2.6.8 and 2.4.14 Released · April 8, 2019

Wireshark 3.0.0 Released · February 28, 2019

Wireshark 2.6.7 and 2.4.13 Released · February 27, 2019

Wireshark 3.0.0rc2 Released · February 21, 2019

Wireshark 3.0.0rc1 Released · February 15, 2019

Wireshark 2.6.6 and 2.4.12 Released · January 8, 2019

Wireshark 2.9.0 Development Release · December 12, 2018

Wireshark 2.6.5 and 2.4.11 Released · November 28, 2018

Wireshark 2.6.4 and 2.4.10 Released · October 11, 2018

Wireshark 2.6.3, 2.4.9 and 2.2.17 Released · August 29, 2018

Wireshark 2.6.2, 2.4.8 and 2.2.16 Released · July 18, 2018

Wireshark 2.6.1, 2.4.7 and 2.2.15 Released · May 22, 2018

Wireshark 2.6.0 Released · April 24, 2018

Wireshark 2.4.6 and 2.2.14 Released · April 3, 2018

Wireshark 2.5.1 Development Release · March 15, 2018

Wireshark 2.4.5 and 2.2.13 Released · February 23, 2018

Wireshark 2.5.0 Development Release · February 6, 2018

Wireshark 2.4.4 and 2.2.12 Released · January 11, 2018

Wireshark 2.4.3 and 2.2.11 Released · November 30, 2017

Wireshark 2.4.2, 2.2.10, and 2.0.16 Released · October 10, 2017

Wireshark 2.4.1, 2.2.9, and 2.0.15 Released · August 29, 2017

Wireshark 2.4.0 Released · July 19, 2017

Wireshark 2.2.8 and 2.0.14 Released · July 18, 2017

Wireshark 2.4.0rc2 Released · June 28, 2017

Wireshark 2.4.0rc1 Released · June 7, 2017

Wireshark 2.2.7 and 2.0.13 Released · June 1, 2017

Wireshark 2.2.6 and 2.0.12 Released · April 12, 2017

Wireshark 2.2.5 and 2.0.11 Released · March 3, 2017

Wireshark 2.2.4 and 2.0.10 Released · January 23, 2017

Wireshark 2.2.3 and 2.0.9 Released · December 14, 2016

Wireshark 2.2.2 and 2.0.8 Released · November 16, 2016

Wireshark 2.2.1 and 2.0.7 Released · October 4, 2016

Wireshark 2.0.6 Released · September 8, 2016

Wireshark 2.2.0 Released · September 7, 2016

Wireshark 2.2.0rc2 · August 31, 2016

Wireshark 2.2.0rc1 · August 22, 2016

Wireshark 2.0.5 and 1.12.13 Released · July 27, 2016

Wireshark 2.1.1 Development Release · July 14, 2016

Wireshark 2.1.0 Development Release · June 8, 2016

Wireshark 2.0.4 and 1.12.12 Released · June 7, 2016

Wireshark 2.0.3 and 1.12.11 Released · April 22, 2016

Wireshark 2.0.2 and 1.12.10 Released · February 26, 2016

Wireshark 2.0.1 and 1.12.9 Released · December 29, 2015

Wireshark 2.0.0 Released · November 18, 2015

Wireshark 2.0.0rc3 Released · November 11, 2015

Wireshark 2.0.0rc2 Released · October 30, 2015

Wireshark 2.0.0rc1 Released · October 14, 2015

Wireshark 1.12.8 Released · October 14, 2015

Wireshark 1.99.9 Development Release · September 2, 2015

Wireshark 1.12.7 Released · August 12, 2015

Wireshark 1.99.8 Development Release · July 24, 2015

Wireshark 1.99.7 Development Release · June 18, 2015

Wireshark 1.12.6 Released · June 17, 2015

Wireshark 1.99.6 Development Release · May 28, 2015

Wireshark 1.12.5 and 1.10.14 Released · May 12, 2015

Wireshark 1.99.5 Development Release · March 20, 2015

Wireshark 1.99.4 Development Release · March 19, 2015

Wireshark 1.99.3 Development Release · March 5, 2015

Wireshark 1.12.4 and 1.10.13 Released · March 4, 2015

Wireshark 1.99.2 Development Release · February 4, 2015

Wireshark 1.12.3 and 1.10.12 Released · January 7, 2015

Wireshark 1.99.1 Development Release · December 10, 2014

Wireshark 1.12.2 and 1.10.11 Released · November 12, 2014

Wireshark 1.99.0 Development Release · October 7, 2014

Wireshark 1.12.1 and 1.10.10 Released · September 16, 2014

Wireshark 1.12.0 and 1.10.9 Released · July 31, 2014

Wireshark 1.12.0rc3 Released · July 22, 2014

Wireshark 1.12.0rc2 Released · June 13, 2014

Wireshark 1.10.8 and 1.8.15 Released · June 12, 2014

Wireshark 1.10.7 and 1.8.14 Released · April 22, 2014

Wireshark 1.11.3 Development Release · April 15, 2014

Wireshark 1.10.6 and 1.8.13 Released · March 7, 2014

Wireshark 1.10.5 Released · December 19, 2013

Wireshark 1.10.4 and 1.8.12 Released · December 17, 2013

Wireshark 1.11.2 Development Release · November 18, 2013

Wireshark 1.11.0 Development Release · November 15, 2013

Wireshark 1.10.3 and 1.8.11 Released · November 1, 2013

Wireshark 1.11.0 Development Release · October 15, 2013

Wireshark 1.10.2 and 1.8.10 Released · September 10, 2013

Wireshark 1.10.1 and 1.8.9 Released · July 26, 2013

Wireshark 1.8.8 and 1.6.16 Released and 1.6 End of Life · June 7, 2013

Wireshark 1.10.0 Released · June 5, 2013

Wireshark 1.10.0rc2 Released · May 22, 2013

Wireshark 1.8.7 and 1.6.15 Released · May 17, 2013

Wireshark 1.10.0rc1 Released · April 26, 2013

Wireshark 1.9.1 Development Release · March 28, 2013

Wireshark 1.9.1 Development Release · March 12, 2013

Wireshark 1.8.6 and 1.6.14 Released · March 6, 2013

Wireshark 1.9.0 Development Release · February 20, 2013

Wireshark 1.8.5 and 1.6.13 Released · January 29, 2013

Wireshark Wiki Security Incident · January 9, 2013

Wireshark 1.8.4 and 1.6.12 Released · November 28, 2012

Wireshark 1.8.3 and 1.6.11 Released · October 2, 2012

Wireshark 1.8.2 and 1.6.10 Released · August 15, 2012

Wireshark 1.4.14 Released · July 24, 2012

Wireshark 1.8.1 and 1.6.9 Released · July 23, 2012

Wireshark 1.8.0 Released · June 21, 2012

Wireshark 1.8.0rc2 Released · June 18, 2012

Wireshark 1.8.0rc1 Released · June 6, 2012

Wireshark 1.6.8 and 1.4.13 Released · May 22, 2012

Wireshark 1.7.1 Development Release · April 6, 2012

Wireshark 1.6.7 Released · April 6, 2012

Wireshark 1.6.6 and 1.4.12 Released · March 27, 2012

Wireshark 1.6.5 and 1.4.11 Released · January 10, 2012

Wireshark 1.6.4 Released · November 18, 2011

Wireshark 1.7.0 Development Release · November 8, 2011

#1 on SecTools.Org · November 7, 2011

Wireshark 1.6.3 and 1.4.10 Released · November 1, 2011

We're Essential · September 19, 2011

Wireshark 1.6.2 and 1.4.9 Released · September 8, 2011

Wireshark 1.6.1 and 1.4.8 Released · July 18, 2011

Wireshark 1.6.0 Released · June 7, 2011

Wireshark 1.6.0rc2 Released · June 2, 2011

Wireshark 1.4.7 and 1.2.17 Released · May 31, 2011

Wireshark 1.6.0rc1 Released · May 16, 2011

Wireshark 1.4.6 Released · April 18, 2011

Wireshark 1.4.5 and 1.2.16 Released · April 15, 2011

Wireshark 1.5.1 Development Release · April 11, 2011

Wireshark 1.4.4 and 1.2.15 Released · March 1, 2011

Wireshark 1.5.0 Development Release · January 24, 2011

Wireshark 1.4.3 and 1.2.14 Released · January 11, 2011

Wireshark 1.4.2 and 1.2.13 Released · November 19, 2010

Riverbed Acquires CACE Technologies · October 21, 2010

CACE Pilot, WiFi Pilot, and Shark Appliance 2.4 Released · October 20, 2010

Wireshark 1.4.1 and 1.2.12 Released, 1.0.x EOL · October 11, 2010

Wireshark 1.4.0, 1.2.11, and 1.0.16 Released · August 30, 2010

'Wireshark Antivirus' Malware · August 4, 2010

We're SourceForge.net's Project of the Month! · August 1, 2010

End of Life Announcement for Wireshark 1.0 · July 31, 2010

Wireshark 1.2.10, 1.0.15, and 1.4.0rc2 Released · July 29, 2010

Wireshark 1.2.9, 1.0.14, and 1.4.0rc1 Released · June 9, 2010

Wireshark 1.2.8, 1.0.13, and 1.3.5 Released · May 5, 2010

Wireshark 1.2.7, 1.0.12, and 1.3.4 Released · March 31, 2010

Wireshark Wins PC Magazine Editor's Choice Award · February 22, 2010

Wireshark 1.3.3 Development Release · February 11, 2010

Wireshark 1.2.6 and 1.0.11 Released · January 27, 2010

CACE Pilot and WiFi Pilot 2.2 Released · January 18, 2010

Wireshark 1.2.5 Released · December 17, 2009

Wireshark 1.3.2 Development Release · November 24, 2009

Wireshark 1.2.4 Released · November 16, 2009

Wireshark 1.2.3, 1.0.10, and 1.3.1 Released · October 27, 2009

Wireshark 1.2.2, 1.0.9, and 1.3.0 Released · September 15, 2009

CACE Pilot and WiFi Pilot 2.1 Released · September 1, 2009

CACE Pilot 2.0 Released · July 28, 2009

Wireshark 1.2.1 Released · July 20, 2009

Nmap 5 Released · July 16, 2009

Wireshark 1.2 Released · June 15, 2009

Wireshark 1.2.0pre2 Released · June 9, 2009

Wireshark 1.2.0pre1 Released · May 27, 2009

Free Wireshark Jumpstart Seminars From Laura Chappell · May 22, 2009

Wireshark 1.0.8 Released · May 21, 2009

Another Day, Another New York Times Article · May 14, 2009

Wireshark Helps Expose Spy Ring · May 12, 2009

Announcing WiFi Pilot · May 7, 2009

Wireshark 1.0.7 Released · April 8, 2009

A Pile Of Great Keynotes At Sharkfest '09 · March 24, 2009

Wireshark 1.1.3 Development Release · March 23, 2009

Conficker Loves Us! · March 12, 2009

Wireshark 1.0.6 Released · February 6, 2009

CACE Pilot 1.2 released · January 23, 2009

Wireshark 1.1.2 Development Release · January 15, 2009

Wireshark 1.0.5 Released · December 10, 2008

New Video: Custom Columns (Plus Bonus Wireshark University Updates) · December 9, 2008

New Book: Nmap Network Scanning · December 3, 2008

Wireshark classes from Mike Pennacchi and Chris Sanders · November 7, 2008

tcpdump 4.0.0 / libpcap 1.0.0 released · October 28, 2008

New Article: Using Wireshark and TShark display filters for troubleshooting · October 22, 2008

Wireshark 1.0.4 Released · October 20, 2008

Meet Gerald At Laura Chappell's Troubleshooting and Security Summit · October 10, 2008

Wireshark 1.1.1 Development Release · October 9, 2008

Wireshark 1.1.0 Development Release · September 14, 2008

Sign Up Now for Laura Chappell's Troubleshooting and Security Summit · September 3, 2008

Wireshark 1.0.3 Released · September 3, 2008

Wireshark Wins 2008 InfoWorld BOSSIE Award · August 4, 2008

Wireshark is 10! (Plus two bonus announcements) · July 14, 2008

Wireshark 1.0.2 Released · July 10, 2008

Wireshark 1.0.1 Released · June 30, 2008

Announcing TurboCap · June 26, 2008

New Article: Open Source Founders Reflect On Project Milestones · April 22, 2008

Announcing Pilot · April 16, 2008

New Video: TCP Connection Loss · April 7, 2008

Sharkfest Was Great! · April 3, 2008

Wireshark 1.0 Released · March 31, 2008

Server Outage · March 20, 2008

Wireshark 0.99.8 Released · February 27, 2008

Vint Cerf at Sharkfest! · February 19, 2008

New Video: Analyzing DNS Queries · February 4, 2008

New Video: ICMP Redirection (plus a Tech Talk) · January 7, 2008

Wireshark 0.99.7 Released · December 18, 2007

New Mirror in Indonesia · December 16, 2007

Nmap is 10 · December 14, 2007

New Video: Advanced IO Graphing · November 5, 2007

German Tutorial from Mirko Kulpa · November 1, 2007

In Memoriam: Jun-ichiro Hagino · October 30, 2007

New Article: Time to Roll Your Own 802.11n Standard · October 5, 2007

New Video: Faulty Padding · September 24, 2007

First Annual SHARKFEST Announced · September 12, 2007

Wireshark Wins 2007 InfoWorld BOSSIE Award · September 10, 2007

New Article: SPAN Port or TAP? CSO Beware · September 9, 2007

New Article: Analyzing TCP Performance with Wireshark · August 17, 2007

Wireshark 0.99.6a Windows Installer Released · July 9, 2007

Wireshark 0.99.6 Released · July 5, 2007

New Article: Creating Your Own Custom Wireshark Dissector · July 2, 2007

New Video: Building ACL Rules · July 2, 2007

Wireshark at LinuxWorld 2007 · June 27, 2007

New tool: WPA PSK Generator · June 22, 2007

New Book: Practical Packet Analysis · May 23, 2007

eWEEK Says We're Important · May 2, 2007

Wireshark! Live! Helpdesk · April 1, 2007

Wireshark University Announced · March 19, 2007

New Mirror in Hungary · March 2, 2007

New Mirror in Germany · February 21, 2007

McAfee VirusScan False Positive · February 13, 2007

Wireshark 0.99.5 Released · February 1, 2007

WinPcap 4.0 Released · January 29, 2007

3Com Says We're 'Best-Of-Breed' · January 29, 2007

New Mirror in the U.S. · January 22, 2007

New Mirror in the Netherlands · January 5, 2007

MacOS X Package Available · January 4, 2007

Article in COMPUTERWOCHE.de · November 14, 2006

Wireshark 0.99.4 Released · October 31, 2006

Wireshark Training Available for Q1 2007 · October 23, 2006

Site Outage · September 18, 2006

Wireshark Download Mac El Capitan

Wireshark 0.99.3 Released · August 23, 2006

Wireshark 0.99.2 Released · July 17, 2006

Tutorial and Podcast from Chris Sanders · July 14, 2006

Symantec Antivirus False Positive · July 4, 2006

How To Download Wireshark

We're (still) #2! · June 21, 2006

Wireshark For Mac Os

Ethereal® is now Wireshark™ · June 7, 2006