In this chapter, we will see how it all began by learning about Ethereal, and how over time it become Wireshark. During this journey, you'll gain insight into the many enhancements that improve the overall functionality of Wireshark. In addition, you will appreciate the work of the many authors that contribute to this project, and who help make Wireshark an exceptional tool. So that you can navigate the interface and embrace all of the improvements of Wireshark, we will take a look at the interface so that you can confidently capture and analyze packets. 

In order to better understand the packet analysis process, we'll briefly review each of the phases; gather, decode, display, and analyze. We will then review the built-in command-line tools and finish with a closer look at tshark, a lightweight command-line interface (CLI) application, to use when you need to capture traffic without the resource-intensive overhead of using Wireshark.

This chapter will address all of this by covering the following topics:

• Discovering the beginnings of today's Wireshark
• Examining the Wireshark interface
• Understanding the phases of packet analysis
• Learning Wireshark CLI tools