![]() ![]() Hardware-based packet capture tools are best suited for high-packet rate or high utilization scenarios. I see no value in blasting 1 Gb of traffic at a laptop since I don’t know many analysts who would use their laptops and Wireshark in those scenarios. It was important to make my tests as realistic as possible. In this video, I use a traffic generator and laptop with Wireshark to test both methods to see how they performed. Now, with 1 gigabit the norm, I felt like it was time to revisit this topic. I tested these two utilities back when 100 megabits was all we had to worry about generally speaking, it didn’t matter much which one I chose. There's been a lot of debate over Tshark and Dumpcap since they are both command-line tools, support basic capture filters and can write to files. ![]() The GUI is the most common technique used by network analysts, but those who want to capture from scripts or simply don’t want to work through the GUI use Tshark or Dumpcap. The Wireshark network protocol analyzer provides three basic methods for capturing packets: the GUI, Tshark, and Dumpcap.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |