Working with Wireshark

When developing network applications, it's often useful to be able to see exactly
what's being transmitted over the network. Maybe something weird is going on with
your framing, you're trying to discover the user agent for your browser, or you want
to see what's happening in the IP protocol or lower layers. We can employ a class of
tools called packet sniffers to do this.

Packet sniffers

Packet sniffers are designed to capture all the network traffic that enters and leaves
a computer, allowing us to see the full, raw contents of all packets that our programs
send and receive, and all the headers and payloads of all the protocols on the stack.

We're going to take a quick look at one of these applications. It not only provides
us with a very useful debugging tool for network programming, it also gives you
a direct view of the structure of network traffic and gives you a better feel for the
concepts of layering and encapsulation.

A small word of caution before we begin though; if you're using a computer on a
network you do not own, such as at your place of work or study, you should get
permission from your network administrator before running a packet sniffer. On
networks that use network hubs rather than switches, sniffers may capture data
destined for computers other than your own. Also, running a packet sniffer may be
against your network's usage policy. Even if it's not, packet sniffers are powerful
network monitoring tools and administrators generally like to be aware of when
they're being used.

If this turns out to be difficult, don't panic! This book doesn't rely on having access
to a packet sniffer at any point; we just think that you'll find them handy while
programming for networks.