Why should you use Wireshark?
Whenever you are in need of seeing what actually goes on – when the application/OS/network does not do what you expect.
Wireshark will show you what is ACTUALLY being transmitted/received – as opposed to what the OS/application claims.
- A faulty TCP stack can be revealed by looking at a trace file.
- A networking device that strips Window Scaling factor bits can be detected.
- Applications that are written by external programmers can be proven to communicate with undocumented hosts etc..