Wireshark is a software tool used to monitor the network traffic through a network interface. It is the most widely used network monitoring tool today. Wireshark is loved equally by system administrators, network engineers, network enthusiasts, network security professionals, and black hat hackers. It is a network protocol analyzer that captures packets from a network connection. The packet is the name given to a distinct unit of data in a typical Ethernet network.
The View Menu:
The “View” menu is located on Wireshark’s main menu at the top of the main window (Windows, Linux) or at the top of the main screen (macOS). It contains options for displaying the captured data, including colorization of packets, zooming the font, showing a packet in a separate window, and expanding and collapsing trees in packet details.
View Menu Options:
|
Options |
Description |
|---|---|
|
Main Toolbar |
This option hides or shows the main toolbar section. It provides quick access to frequently used items from the menu. The items in the main toolbar will be disabled or enabled according to their menu item. |
|
Filter Toolbar |
This option hides or shows the filter toolbar section. We can quickly edit and apply display filters according to the input. |
|
Wireless Toolbar |
This option hides or shows the wireless toolbar section. Not present on some platforms like Windows. |
|
Status Bar |
This option hides or shows the status bar. The left part has information related to the context. The middle part displays the current capture file and the right part displays the selected configuration profile. |
|
Packet List |
This option hides or shows the packet list pane. The packet list pane displays all the packets in the current capture file. |
|
Packet Details |
This option hides or shows the packet details pane. The packet details pane displays the selected packet in a more detailed format. |
|
Packet Bytes |
This option hides or shows the packet bytes pane. It displays the selected packet in a hex dump format. |
|
Packet Diagram |
This option hides or shows the packet diagram pane. It displays the selected packet in form of a diagram. |
|
Time Display Format |
Each captured packet is timestamped. These timestamps will be saved to the capture file so that they can be analyzed further. There are many timestamp presentation formats and precision available in the Time Display Format item to choose from. |
|
Name Resolution -> Resolve Name |
This option allows us to trigger a name resolution of the current packet. It tries to convert numerical address values into a human-readable format. |
|
Name Resolution -> Enable for MAC Layer |
This option allows us to enable or disable the translation of MAC addresses into names. |
|
Name Resolution -> Enable for Network Layer |
This option allows us to enable or disable the translation of network addresses into names. |
|
Name Resolution -> Enable for Transport Layer |
This option allows us to enable or disable the translation of transport addresses into names. |
|
Colorize Packet List |
This option allows us to control whether or not Wireshark should colorize the packet list. The display of new packets while capturing or loading capture files will slow down if we enable colorization. |
|
Auto Scroll in Live Capture |
This option automatically scrolls the packet list pane whenever new packets arrive so that we are always looking at the last packet. Otherwise, the packets add to the end of the list but the packet list pane does not scroll itself. |
|
Zoom In |
Zoom into the packet data. |
|
Zoom Out |
Zoom out of the packet data. |
|
Normal Size |
It sets the zoom level back to 100%. |
|
Resize All Columns |
Resize all column widths so the content will fit into it. It will take a significant amount of time, especially if a large capture file is loaded. |
|
Expand Subtrees |
This option expands the currently selected subtree in the packet details tree. |
|
Collapse Subtrees |
This option collapses the currently selected subtree in the packet details tree. |
|
Expand All |
Wireshark keeps a list of all the protocol subtrees that are expanded and uses it to ensure that the correct subtrees are expanded when you display a packet. |
|
Collapse All |
This option collapses the tree view of all packets in the capture list. |
|
Colorize Conversation |
This option pops up a submenu that allows you to color packets in the packet list pane based on the addresses of the currently selected packet. |
|
Coloring Rules |
This option pops up a dialogue box that allows us to color packets in the packet list pane according to filter expressions you choose. |
|
Internals |
It gives information about various internal data structures. |
|
Show Packets in New Window |
It shows the selected packet in a separate window. It displays details about the packet and bytes of the packet. |
|
Reload |
This option allows us to reload the current capture file. |
