Wireshark is an open source network packet/protocol analyzer. A network packet analyzer captures network packets and tries to display the packet data in as much detail as possible. Wireshark is perhaps one of the best open source packet analyzers available today for UNIX and Windows. Wireshark is not an intrusion detection system, and it will not manipulate data on the network.
Legitimate Uses of Wireshark:
• Network administrators use it to troubleshoot network problems
• Network security engineers use it to examine security problems
• Developers use it to debug protocol implementations
• People use it to learn network protocol internals