This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I was reading a Networking book that talks about packet sniffers and protocol analyzers. The book was basically saying these are two diffrent things but often get confused between one another. My question is; Is wireshark a Packet Sniffer or Protocol Analyzer or a combination of the two? I did also read some products really are both a paket sniffer and protocol analyzer.

Thnak You.

asked 28 Nov '12, 10:34

I_GEEK_IT's gravatar image

I_GEEK_IT
1556
accept rate: 0%

edited 28 Nov '12, 11:41

grahamb's gravatar image

grahamb ♦
19.8k330206


My question is; Is wireshark a Packet Sniffer or Protocol Analyzer or a combination of the two?

It's both. Before you can analyze a protocol, you need to capture (sniff) some packets.

If you want to be really precise, then you would call Wireshark just a protocol analyzer, as the current version does not capture (sniff) the packets itself. It uses another tool, that is part of Wireshark: dumpcap. So one could say: dumpcap is the packet capture tool (the sniffer) and Wireshark is the analyzer.

I did also read some products really are both a paket sniffer and protocol analyzer.

most products (if not all) are a combination of both, due to what I said above.

Regards
Kurt

permanent link

answered 28 Nov '12, 11:35

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 28 Nov '12, 11:40

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×248
×124
×21
×13
×6

question asked: 28 Nov '12, 10:34

question was seen: 2,575 times

last updated: 28 Nov '12, 11:41

p​o​w​e​r​e​d by O​S​Q​A