Why I prefer Wireshark to Network Monitor
2010-06-29 20:42
Personally, I prefer Wireshark to Network Monitor for these reasons:
Wireshark runs on many platforms, including Windows, Linux, Mac OS X, etc. I need to work on both Linux and Windows, and I'd like to keep my toolbox as compact as possible.
Wireshark uses a widely adopted syntax for capture filters and display filters, which I dare call the de facto standard. The same syntax is used in WinDump and tcpdump. I don't need to remember additional syntax even when I work in a GUI-less environment.
Filters in Wireshark seem to be more powerful. For example, the filter "tcp.flags.syn==1" lets me view TCP SYN messages only. Based on my limited experience with Network Monitor, I'm not aware whether it can filter at this granularity.
But Network Monitor has the advantage of being able to categorize network messages by process, as shown in the image below:
It's a very convenient feature that helps me easily find the messages I'm interested in, especially when I need to debug a process whose port numbers are picked at random or dynamically.
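To make the granularity of the "tcp.flags.syn==1" filter concrete, the following added example (not part of the original post) performs the same bit test by hand on raw Ethernet/IPv4/TCP frames; in tcpdump's capture-filter syntax the equivalent test is `tcp[tcpflags] & tcp-syn != 0`. The helper names and the sample frames are constructed for illustration.

```python
import struct

TCP_SYN = 0x02  # SYN bit in the TCP flags byte (offset 13 of the TCP header)

def tcp_flags(frame: bytes):
    """Return the TCP flags byte of an Ethernet/IPv4/TCP frame, or None."""
    if len(frame) < 14 + 20:
        return None
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:  # EtherType is not IPv4
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6:  # protocol 6 = TCP
        return None
    if struct.unpack("!H", ip[6:8])[0] & 0x1FFF:  # later fragment: no TCP header
        return None
    tcp = ip[ihl:]
    if len(tcp) < 14:
        return None
    return tcp[13]

def syn_only(frames):
    """Indices of the frames that tcp.flags.syn==1 would display."""
    return [i for i, f in enumerate(frames)
            if (fl := tcp_flags(f)) is not None and fl & TCP_SYN]

def build_frame(flags: int, proto: int = 6) -> bytes:
    """Constructed sample frame: zeroed MACs, 192.0.2.1:40000 -> 192.0.2.2:80."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 0x50, flags, 8192, 0, 0)
    return eth + ip + tcp

# Constructed capture: only the first two frames have the SYN bit set on TCP.
SAMPLE = [build_frame(0x02),            # SYN
          build_frame(0x12),            # SYN+ACK
          build_frame(0x10),            # ACK
          build_frame(0x18),            # PSH+ACK
          build_frame(0x02, proto=17)]  # same bytes, but IP protocol is UDP

if __name__ == "__main__":
    print(syn_only(SAMPLE))
```

Note that the SYN+ACK frame matches as well, because the filter tests a single bit; adding `&& tcp.flags.ack==0` in Wireshark narrows the view to initial SYNs.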