目录
一、WireShark 下载
二、WireShark 安装
(1)双击运行安装程序
(2)Choose Components:选择组件
(3)Additional Tasks:附加任务
(4)Choose lnstall Location:选择安装位置
(5) Packet Capture:包捕获
(6)USB Capture:USB 捕获
(7)安装 Npcap
(8)安装 USBPcap
(9)重启电脑
三、WireShark 使用
(1)启动 WireShark
(2)使用教程
一、WireShark 下载
官网下载地址:https://www.wireshark.org/
二、WireShark 安装
(1)双击运行安装程序
(2)Choose Components:选择组件
Choose which features of Wireshark 4.0.1 64-bit you want to install.
选择要安装的 Wireshark 4.0.1 64 位的需要的功能,默认全选即可
The following components are available for installation.
以下组件可供安装。
Select components to install:
选择要安装的组件:
Wireshark:The main network protocol analyzer application. 主要的网络协议分析器应用。TShark:Text based network protocol analyzer. 基于文本的网络协议分析仪。Plugins & Extensionslools:Plugins and extensions for both Wireshark and TShark. Wireshark 和 TShark 的插件和扩展。Tools:Additional command line based tools. 其他基于命令行的工具。Documentation:Install an offline copy of the User's Guide and FAQ. 安装 “用户指南” 和 “常见问题” 的脱机副本文献。
(3)Additional Tasks:附加任务
Create shortcuts and associate file extensions.
创建快捷方式并关联文件扩展名,默认全选即可
Create Shortcuts:创建快捷方式
Wireshark Start Menu Item:Wireshark开始菜单项Wireshark Desktop Icon:Wireshark桌面图标Wireshark Quick Launch Icon:Wireshark 快捷方式图标
Associate File Extensions:关联文件扩展
Associate trace file extensions with Wireshark
将跟踪文件扩展名与 Wireshark 关联起来
Extensions include 5vw, acp, apc, atc, bfr, cap, enc, erf , fdc, ipfix, Icap, mplog, ntar, out, pcap, pcapng, pklg, pkt, rf5, snoop, syc, tpc, tr1, trace, trc,vwr, wpc, and wpz.
扩展包括 5vw, acp, apc, atc, bfr, cap, enc, erf , fdc, ipfix, Icap, mplog, ntar, out, pcap, pcapng, pklg, pkt, rf5, snoop, syc, tpc, tr1, trace, trc,vwr, wpc, and wpz.
(4)Choose lnstall Location:选择安装位置
Choose the folder in which to install Wireshark 4.0.1 64-bit.
选择要安装Wireshark 4.0.1 64位的文件夹,需自定义安装路径
(5) Packet Capture:包捕获
Wireshark requires either Npcap or WinPcap to capture live network data.
Wireshark 需要 Npcap 或 WinPcap 来捕获实时网络数据,默认全选即可
Currently installed Npcap or WinPcap version
当前已安装的 Npcap 或 WinPcap 版本号
WinPcap 4.1.3
Install:安装 Install Npcap 1.71:安装 Npcap 1.71 The currently installed WinPcap 4.1.3 may be uninstalled first.
当前安装的 WinPcap4.1.3 可以先卸载。
Important notice:重要通知 lf your system has crashed during a Wireshark installation, you must run the command'net stop npcap' as Administrator before upgrading Npcap, so that it doesn't crash again
如果您的系统在 Wireshark 安装期间崩溃,则必须在升级 Npcapk 之前以管理员身份运行命令 ‘net Stop npcape’,这样它就不会再次崩溃
(6)USB Capture:USB 捕获
USBPcap is required to capture USB traffic. Should USBPcap be installed(experimental)?
要捕获 USB 流量,需要 USBPcap。是否应该安装 USBPcap (实验)?
注意:此处根据需要选择安装,这个插件还是测试版本的,本人选择安装
Currently installed USBPcap version
当前已安装的 USBPcap 版本号
USBPcap is currently not installed:当前未安装 USBPcap
Install:安装 Install USBPcap 1.5.4.0:安装 USBPcap 1.5.4.0 (Use Add/Remove Programs first to uninstall any undetected old USBPcap versions)
(首先使用添加/删除程序卸载任何未检测到的旧 USBPcap 版本)
Important notice:重要通知 In case of issue after installation, please use the system restore point created or readhttps://github.com/desowin/usbpcap/issues/3
如果安装后出现问题,请使用所创建的系统恢复点或浏览网址说明:
https://github.com/desowin/usbpcap/issues/3
(7)安装 Npcap
Installation Options:安装选项 Please review the following options before installing Npcap 1.71
在安装 Npcap1.71 之前,请检查以下选项,默认全选即可
Restrict Npcap driver's access to Administrators only:仅限制 Npcap 驱动程序访问管理员Support raw 802.11 traffic (and monitor mode) for wireless adapters:支持无线适配器的原始 802.11 通信量(和监视模式)Install Npcap in WinPcap API-compatible Mode (WinPcap will be uninstalled) :在WinPcapAPI 兼容模式下安装 Npcap (将卸载 WinPcapd )
(8)安装 USBPcap
(9)重启电脑
检查电脑的文件是否保存,此步骤需要重新 Windows 系统,WireShark 才可以完全安装成功,重启后才可以使用 WireShark
三、WireShark 使用
(1)启动 WireShark
(2)使用教程
查看我的另一博文:
【抓包工具】实战:WireShark 捕获过滤器的超全使用教程https://blog.csdn.net/qq_39720249/article/details/128157288
查看『 元宇宙-Metaverse 』所写的博客:
Wireshark零基础使用教程(超详细)https://www.cnblogs.com/yuanyuzhou/p/16308963.html
相关链接
您阅读本篇文章共花了:
发表评论