why…

Why should you use Wireshark?

Whenever you are in need of seeing what actually goes on – when the application/OS/network does not do what you expect.
Wireshark will show you what is ACTUALLY being transmitted/received – as opposed to what the OS/application claims.

  • A faulty TCP stack can be revealed by looking at a trace file.
  • A networking device that strips Window Scaling ¬†factor bits can be detected.
  • Applications that are written by external programmers can be proven to communicate with undocumented hosts etc..