Wireshark uses the Berkeley Packet Filter format for capture filtering, as this is the format used by the Libpcap and Winpcap libraries for capturing packets at the NIC.

Wireshark – network analyser created by Gerald Combs (now Riverbed)
TCPDump – network analyser created by Lawrence Berkeley National Laboratory
Winpcap – Libpcap API ported to Windows machines for compatibility
Berkeley Packet Filter – format/syntax used for capture filtering within TCPDump, Wireshark, etc.
Libpcap – API/C/C++ library used for packet capture at the link layer on *nix machines