Manualshelf

User Guide

ManualsBrandsWireshark ManualsSoftwareWireshark Wireshark - 0.99.5
31323334353637383940
2.8. Installing Wireshark under Windows
In this section we explore installing Wireshark under Windows from the binary packages.
2.8.1. Install Wireshark
You may acquire a binary installer of Wireshark named something like: wireshark-
setup-x.y.z.exe. The Wireshark installer includes WinPcap, so you don't need to download
and install two separate packages.
Simply download the Wireshark installer from: http://www.wireshark.org/download.html#releases
and execute it. Beside the usual installer options like where to install the program, there are several
optional components.
Tip: Just keep the defaults!
If you are unsure which settings to select, just keep the defaults.
2.8.1.1. "Choose Components" page
Wireshark (both Wireshark GTK1 and 2 user interfaces cannot be installed at the same time):
Wireshark GTK1 - Wireshark is a GUI network protocol analyzer.
Wireshark GTK2 - Wireshark is a GUI network protocol analyzer (using the modern GTK2
GUI toolkit, recommended).
GTK-Wimp - GTKWimp is the GTK2 windows impersonator (native Win32 look and feel, re-
commended).
TShark - TShark is a command-line based network protocol analyzer.
You may try the GTK1 selection if you experience any GUI problems with GTK2, e.g. Windows
with only 256 (8bit) color displays won't work well with GTK2. However, the older GTK1 user in-
terface doesn't provide some advanced analyze and statistics features.
Plugins / Extensions (for the Wireshark and TShark dissection engines):
Dissector Plugins - Plugins with some extended dissections.
Tree Statistics Plugins - Plugins with some extended statistics.
Mate - Meta Analysis and Tracing Engine (experimental) - user configurable extension(s) of
the display filter engine, see http://wiki.wireshark.org/Mate for details.
SNMP MIBs - SNMP MIBs for a more detailed SNMP dissection.
Tools (additional commnand line tools to work with capture files):
Editcap - Editcap is a program that reads a capture file and writes some or all of the packets into
another capture file.
Text2Pcap - Text2pcap is a program that reads in an ASCII hex dump and writes the data into a
libpcap-style capture file.
Mergecap - Mergecap is a program that combines multiple saved capture files into a single out-
put file.
Building and Installing Wireshark
21