I was reading a networking book that talks about packet sniffers and protocol analyzers. The book was basically saying these are two different things but often get confused with one another. My question is: is Wireshark a packet sniffer or a protocol analyzer, or a combination of the two? I did also read that some products really are both a packet sniffer and a protocol analyzer. Thank you.

asked 28 Nov '12, 10:34 I_GEEK_IT
edited 28 Nov '12, 11:41 grahamb ♦
One Answer:
It's both. Before you can analyze a protocol, you need to capture (sniff) some packets. If you want to be really precise, then you would call Wireshark just a protocol analyzer, as the current version does not capture (sniff) the packets itself. It uses another tool that is part of Wireshark: dumpcap. So one could say: dumpcap is the packet capture tool (the sniffer) and Wireshark is the analyzer.

Most products (if not all) are a combination of both, due to what I said above.

Regards

answered 28 Nov '12, 11:35 Kurt Knochner ♦
edited 28 Nov '12, 11:40
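
The split the answer describes, capture as one stage and analysis as another, shown as an added example (not part of the original post and not Wireshark or dumpcap code). A constructed one-packet capture in the classic pcap file format stands in for the capture tool's output, and the hypothetical functions `analyze` and `dissect_frame` play the analyzer, decoding Ethernet, IPv4 and TCP from the stored bytes alone.

```python
import struct

def build_sample_pcap():
    # Constructed sample standing in for the file a capture tool would write.
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 0x50, 0x02, 8192, 0, 0)
    frame = eth + ip + tcp
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    record = struct.pack("<IIII", 1354098840, 0, len(frame), len(frame))
    return header + record + frame

def dissect_frame(frame):
    # Decode Ethernet -> IPv4 -> TCP, stopping at the first layer not understood.
    info = {"layers": ["eth"]}
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return info
    ihl = (frame[14] & 0x0F) * 4
    if ihl < 20:
        return info
    info["layers"].append("ip")
    info["src"] = ".".join(map(str, frame[26:30]))
    info["dst"] = ".".join(map(str, frame[30:34]))
    l4 = 14 + ihl
    if frame[23] == 6 and len(frame) >= l4 + 14:
        sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
        info["layers"].append("tcp")
        info.update(sport=sport, dport=dport, syn=bool(frame[l4 + 13] & 0x02))
    return info

def analyze(pcap):
    # Analysis stage: reads stored bytes only, never opens a network interface.
    order = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if order is None or len(pcap) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(order + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    packets, off = [], 24
    while off + 16 <= len(pcap):
        ts, _, incl, _ = struct.unpack(order + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + incl]
        if len(frame) < incl:
            break  # truncated final record
        packets.append({"ts": ts, **dissect_frame(frame)})
        off += 16 + incl
    return packets

if __name__ == "__main__":
    print(analyze(build_sample_pcap()))
```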