Frequently Asked Questions


1. General Questions

  1. What is Wireshark?

Gerald Combs, the creator of Ethereal®, has initiated the Wireshark network protocol analyzer project, a successor to Ethereal®. The Ethereal® core developer team has moved with Gerald to the Wireshark project. Consequently, Wireshark is positioned to be the world's most popular network protocol analyzer. It has a rich and powerful feature set, and runs on most computing platforms including Windows, OS X, and Linux. It is freely available as open source, and is released under the GNU General Public License.

For more information, please see the About Wireshark page.

  1. What's up with the name change? Is Wireshark a fork?

In May of 2006, the original author of Ethereal® went to work for CACE Technologies (best known for WinPcap). Unfortunately, he had to leave the Ethereal® trademarks behind. This left the project in an awkward position. The only reasonable way to ensure the continued success of the project was to change the name. This is how Wireshark was born.

Wireshark is almost (but not quite) a fork. Normally a "fork" of an open source project results in two names, web sites, development teams, support infrastructures, etc. This is the case with Wireshark except for one notable exception -- every member of the core development team is now working on Wireshark. More information on the name change can be found here:

2. Downloading Wireshark

3. Installing Wireshark

