How does an app like Wireshark work?

I am wondering how Wireshark works. What will be the design of an application that could listen to traffic on all ports of this computer? What is the eavesdropping that such an application generates? What would be a good way to write an application that tracks traffic?

Thanks

+3
2 answers

Wireshark uses libpcap on Unix platforms and its WinPcap port for Windows. This library provides an API for capturing packets (Wireshark can also capture frames, but I have not found in pcap docs that pcap can do this).

, ; libpcap tcpdump unix ( , ) WinPcap Windows Filtering Platform Windows.

: http://www.tcpdump.org/pcap3_man.html http://www.winpcap.org/docs/docs_412/html/main.html

+1
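An added example, not part of the original answers: a sniffer does not listen on ports at all, it taps the link layer and decodes each frame itself, which is why it sees traffic for every port. The sketch assumes Linux and uses an `AF_PACKET` socket directly (the kernel interface libpcap is built on there) instead of the libpcap API; `decode_frame`, `struct flow` and `SAMPLE` are names made up for this illustration, and the sample frame is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>
#include <arpa/inet.h>                   /* htons */
#include <sys/socket.h>
#include <linux/if_ether.h>              /* ETH_P_ALL (assumes Linux) */

struct flow { uint8_t proto; const uint8_t *src, *dst; uint16_t sport, dport; };

/* Constructed sample frame: Ethernet II + IPv4 + TCP SYN, checksums zeroed. */
static const uint8_t SAMPLE[] = {
    0x02,0,0,0,0,0x02, 0x02,0,0,0,0,0x01, 0x08,0x00,   /* Ethernet II      */
    0x45,0,0,0x28, 0,1,0x40,0, 0x40,0x06,0,0,          /* IPv4, proto TCP  */
    192,0,2,10, 198,51,100,7,                          /* src, dst address */
    0xc0,0x00, 0x01,0xbb, 0,0,0,1, 0,0,0,0, 0x50,0x02,0xff,0xff, 0,0,0,0 };

/* 0 on success (src/dst point into f), -1 if truncated or not unfragmented IPv4 TCP/UDP. */
int decode_frame(const uint8_t *f, size_t len, struct flow *out) {
    if (len < 14 + 20 || f[12] != 0x08 || f[13] != 0x00) return -1;
    const uint8_t *ip = f + 14;
    size_t ihl = (size_t)(ip[0] & 0x0f) * 4;           /* IPv4 header bytes */
    if ((ip[0] >> 4) != 4 || ihl < 20 || len < 14 + ihl + 4) return -1;
    if ((ip[9] != 6 && ip[9] != 17) || (ip[6] & 0x1f) || ip[7]) return -1;
    out->proto = ip[9]; out->src = ip + 12; out->dst = ip + 16;
    out->sport = (uint16_t)((ip[ihl] << 8) | ip[ihl + 1]);
    out->dport = (uint16_t)((ip[ihl + 2] << 8) | ip[ihl + 3]);
    return 0;
}

static void show(const uint8_t *f, size_t len) {
    struct flow x;
    if (decode_frame(f, len, &x) != 0) return;
    printf("%s %u.%u.%u.%u:%u -> %u.%u.%u.%u:%u\n", x.proto == 6 ? "TCP" : "UDP",
           x.src[0], x.src[1], x.src[2], x.src[3], x.sport,
           x.dst[0], x.dst[1], x.dst[2], x.dst[3], x.dport);
}

int main(void) {
    static uint8_t buf[65536];
    show(SAMPLE, sizeof SAMPLE);                       /* offline demo */
    /* AF_PACKET taps the link layer, so traffic for every port arrives. */
    int fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd < 0) { perror("socket(AF_PACKET) needs CAP_NET_RAW"); return 1; }
    for (int i = 0; i < 20; i++) {                     /* print 20 frames */
        ssize_t n = recv(fd, buf, sizeof buf, 0);
        if (n > 0) show(buf, (size_t)n);
    }
    close(fd);
    return 0;
}
```

Because opening the socket requires root or `CAP_NET_RAW`, an unexpected process holding an `AF_PACKET` socket is itself a useful detection signal on a host.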

Windows Filtering Platform ( Vista +, XP - WFP ). WFP "" , , , .

+1

Source: https://habr.com/ru/post/1769676/

