What devices can Wireshark use to capture packets?
Wireshark can read live data from Ethernet, Token-Ring, FDDI, serial (PPP and SLIP) (if the OS on which it’s running allows Wireshark to do so), 802.11 wireless LAN (if the OS on which it’s running allows Wireshark to do so), ATM connections (if the OS on which it’s running allows Wireshark to do so), and the “any” device supported on Linux by recent versions of libpcap. See the list of supported capture media on various OSes for details (several items in there say “Unknown”, which doesn’t mean “Wireshark can’t capture on them”, it means “we don’t know whether it can capture on them”; we expect that it will be able to capture on many of them, but we haven’t tried it ourselves – if you try one of those types and it works, please update the wiki page accordingly. It can also read a variety of capture file formats, including: • AG Group/WildPackets EtherPeek/TokenPeek/AiroPeek/EtherHelp/Packet Grabber captures • AIX’s iptrace captures • Accellent’s 5Views LAN agent output • Cinco Networks
Related Questions
- When I use Wireshark to capture packets, why do I see only packets to and from my machine, or not see all the traffic Im expecting to see from or to the machine Im trying to monitor?
- When I capture with Wireshark, why can I see any TCP packets other than packets to and from my machine, even though another analyzer on the network sees those packets?
- Can I use Wireshark/Ethereal to capture 802.11 packets ?
