By reading this book, you will learn how to install Wireshark, how to use the basic elements of the graphical user interface (such as the menu) and what’s behind some of the advanced features that are not always obvious at first sight.

It will hopefully guide you around some common problems that frequently appear for new (and sometimes even advanced) users of Wireshark.

I was trying to do something similar - update a registry setting for the start menu and then immediately have the start menu reflect the changes.

The solution from this MSDN question worked for me perfectly.

Figure1.1, “Wireshark captures packets and lets you examine their contents.” shows Wireshark having captured some packets and waiting for you to examine them.

Wireshark can capture traffic from many different network media types - and despite its name - including wireless LAN as well.

Because of that, it is very easy for people to add new protocols to Wireshark, either as plugins, or built into the source, and they often do!

The amount of resources Wireshark needs depends on your environment and on the size of the capture file you are analyzing.

The values below should be fine for small to medium-sized capture files no more than a few hundred MB.

This book is not intended to explain network sniffing in general and it will not provide details about specific network protocols.

A lot of useful information regarding these topics can be found at the Wireshark Wiki at

This book was originally developed by Richard Sharpe with funds provided from the Wireshark Fund.