What is this network traffic analyzer and how to use it to detect Internet problems or security flaws

Let’s explain what Wireshark is and how to take advantage of it from the point of view of an ordinary user. I say this because it is a very advanced tool that analyzes all the traffic on your network, and that of all the devices connected to it.

When you run this app, you’ll see a series of lines of data that you may not understand. But by knowing a little about what information is going to appear, you can also find ways to diagnose failures in your connection or whether an application or device is spying on you by sending data when you are not using it, or to unknown servers.

What is Wireshark

Wireshark is a network protocol analyzer, what in English is called a packet sniffer. What it does is capture, isolate and transmit each of the packets that are sent and received through our Internet connection, whether we are connected via WiFi or Ethernet, and it does all this in real time.

This is a free and open source program, which means that any developer can look at how it works inside. This makes it reliable and safe, because if it did things that were not appropriate, users would have already reported it. It has versions for Windows, macOS and Ubuntu, which you can download at wireshark.org.

When it comes to giving you information about the traffic that passes through your network, it shows you very important data, such as the IP and MAC addresses of whoever is sending or receiving the data, the sending protocol, the content (showing text or images if they are not encrypted), and connection health, with the exact time it takes to load each piece of information.

The operation of this tool is based on three fundamental pillars. The first is capture, because it puts your network card in a mode where it can see all the traffic that reaches it. This includes both information that your operating system displays and information that it does not display.

It also has a color code to help you distinguish the packets. As a general rule, green is usually standard TCP traffic, blue is DNS or UDP, and black and red usually indicate problems. That’s why you can spot errors or problems quite visually, just by seeing that there are many red or black lines.

The app also has a top bar where you can type commands to filter information. This is already quite advanced if you don’t know how networks work, but you can, for example, use “ip.addr == IP Address” changing the address to that of a specific device to see its movements, or type “http” to see only web traffic.

In short, it is a fairly complex and advanced tool, so it is not for all users. It is aimed more at system administrators, to detect attacks or bottlenecks. However, if you know where to look, you can also take advantage of it as a home user.

How you can take advantage of it

Although it is an advanced tool, it can be useful for normal users in some contexts as well. We are going to give you some ideas so that you know the type of information you can obtain:

  • If your online games cause problems: A speed test may tell you that your ping is good, but the experience is different when playing. This application can tell you whether packets are being lost along the way, making everything slower.
  • If you are concerned about privacy: You will be able to see what data your devices send to the cloud and the Internet, and if it is not encrypted you will see your content. This can help you be more aware of your privacy, and detect if a device is sending more data than it should. You will also be able to see if a device connects to servers of dubious origin.
  • If you have technical problems: If a website does not load or a printer disappears from the network, this application can show you at what point communication is being cut off.
  • If you want to do lag tests: If you filter by the appropriate protocol in this tool, such as UDP for games, you will be able to see whether there are black lines indicating that the information you send is “out of order” because it never arrived at the destination or arrived late. With this you can see that your lag is not a matter of bandwidth, but perhaps of your network signal or a saturated node at your operator.
  • If you want to know what the devices on your network are doing: As we have more and more connected devices at home, with this you can audit what each one does. You can even isolate the IP of a cell phone or a security camera to know if it is connecting, what data it is sending, or if, for example, it sends data to other servers from time to time.
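
What the “ip.addr ==” filter and the per-device audit described above come down to, as an added example that is not part of the original article: a short Python script that reads a capture in the classic pcap format and totals the bytes one device exchanged with each remote address. The capture is constructed inline, and the device address 192.168.1.50, the remote addresses and the function names are sample values chosen for illustration.

```python
import socket
import struct
from collections import Counter

def build_pcap(frames):
    """Wrap raw Ethernet frames in a classic little-endian pcap container."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for ts, frame in enumerate(frames, 1):
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def ipv4_frame(src, dst, payload_len):
    """Constructed Ethernet + IPv4 + UDP frame (checksums left at zero)."""
    udp = struct.pack("!HHHH", 50000, 443, 8 + payload_len, 0) + bytes(payload_len)
    ip = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0)
    ip += socket.inet_aton(src) + socket.inet_aton(dst)
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + udp

def talkers(pcap, device_ip):
    """Bytes exchanged with each remote address by one device,
    the same selection the display filter ip.addr == device_ip makes."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("only little-endian classic pcap is handled here")
    totals, off = Counter(), 24              # skip the 24-byte global header
    while off + 16 <= len(pcap):
        _, _, incl_len, orig_len = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16 : off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                         # truncated, or not IPv4 over Ethernet
        src = socket.inet_ntoa(frame[26:30])
        dst = socket.inet_ntoa(frame[30:34])
        if src == device_ip:
            totals[dst] += orig_len
        elif dst == device_ip:
            totals[src] += orig_len
    return totals.most_common()              # busiest remote first

# Constructed capture: 192.168.1.50 stands in for a camera; the remote
# addresses come from the ranges reserved for documentation.
SAMPLE = build_pcap([
    ipv4_frame("192.168.1.50", "203.0.113.10", 100),
    ipv4_frame("203.0.113.10", "192.168.1.50", 20),
    ipv4_frame("192.168.1.50", "198.51.100.7", 500),
    ipv4_frame("192.168.1.20", "203.0.113.10", 900),   # another device, ignored
])

if __name__ == "__main__":
    for remote, nbytes in talkers(SAMPLE, "192.168.1.50"):
        print(f"{remote:<15} {nbytes} bytes")
```

To try it on your own traffic, save the capture from Wireshark in the classic pcap format instead of the default pcapng and pass the file's bytes to `talkers`.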

In any case, what you should know is that this tool is going to show you all the traffic on your home network. It shows all the raw traffic and doesn’t hide anything, meaning you can have a lot of fun looking at everything that’s happening on your network and learning how to take advantage of it to understand everything.
