VoIP calls in the captured traffic can be detected.Plug-ins can be created for dissecting new protocols.Live data can be read from a number of types of networks, including Ethernet, IEEE 802.11, PPP, and loopback.Data display can be refined using a display filter.Data can be captured "from the wire" from a live network connection or read from a file of already-captured packets.Captured network data can be browsed via a GUI, or via the terminal (command line) version of the utility, TShark.Captured files can be programmatically edited or converted via command-line switches to the "editcap" program.Overall, Wireshark Portable is a very useful and powerful packet analyzer which can diagnose many types of issues affecting a computer. For those familiar, tshark is Wireshark's equivalent of tcpdump which is traditionally a console-only version of Wireshark.Ĭalled by some the Swiss army knife of network troubleshooting, is it by far one of the best Network sniffers available on the market and the very best among free applications. Some of the powerful features available with Wireshark include the ability to view the (reconstructed) stream of a TCP/UDP session while supporting literally hundreds of different types of data and media.Ī separate program is also include called tshark. With Wireshark, you can perform real-time and interactive analysis of the data that has been captured, perfect for diagnosis errors on a network. It can view data in real-time and also log the data being sent on a network to a file on disk.Īs a portable application, Wireshark Portable can be run from virtually anywhere and does not need to be installed that means no leftovers when you're doing using the application. Wireshark Portable is a very popular, completely free and highly recommended network protocol analyzer.