Wireshark is the 26 drawer toolset.

Charles is by itself an outstanding tool for examining packets and getting started measuring load on your server. Mastering Charles is a great selling point for your career and will undoubtedly allow you to improve your client-server responses.

Wireshark is a different level of detail and a much deeper experience. In this piece we won’t even get into setting up Wireshark. Instead, we’ll ask what it does and what it could do for you.

Not everyone needs a mechanic’s 26 drawer toolset, digital engine monitors, 12 hydraulic lifts and the shelves of tires and racks of wheels and batteries.

Some mechanics can fit all their tools in one box that they can carry. And bigger jobs mean they will hire someone else.

Those mechanics don’t use Wireshark.

Wireshark is the 26 drawer toolset.

Wireshark would easily be used to troubleshoot a wifi network. Charles could be used for that, but only with some struggle. Charles itself suggests using a tool such as Ethereal for socket-level debugging. But we will consider Wireshark here.

I was troubleshooting a WiFi network in a brokerage office in California. The office-owned mobile phones were losing connections. This meant that not only were conversations being cut short, but time-sensitive information was at jeopardy. The devices should have been able to re-connect and immediately resume their wifi VOIP calls if the connection was lost. Even if it was lost for several seconds, there should have been a reconnect attempt. But this was not happening.

Furthermore, the app team could not monitor the situation from our home office. We had to go to the brokerage.

Wireshark allowed us to monitor the packets from a laptop while two of us traveled about the office, looking for WiFi empty zones. Once we re-created the problem scenario, we were able to find a bug in the software that was preventing the automatic reconnection. The brokerage office was happy. The app was working better than before. And it was all possible without electronic wifi monitoring equipment aside from our own laptops and Wireshark.

Wireshark is a network protocol analyzer. You might think that’s a pseudonym for packet sniffer. You might be right. And if you are a security engineer, learning about Wireshark https://gitlab.com/wireshark/wireshark/-/wikis/home is critical if you are to understand potential security lapses in your own network. There are YouTube videos that will teach you how to use Wireshark to sniff packets and break into networks — once you have or guess the passwords. https://www.youtube.com/watch?v=1x31YZ7DVCM. A good security engineer will always want to know how to beat the bad guys.

But one of the most important and underrated uses of Wireshark is to learn about network protocols themselves. Learning to use Wireshark means learning to see packet structures, and learning to debug them. And learning network layers. And not just TCP and UDP. But Bluetooth and USB. Fastestapp is the place for learning these things. Next time we’ll get started with initial setup of Wireshark.