The Wireshark network protocol analyzer has been used by networking professionals for the last two decades, and today the technology is finally getting its own open source foundation.
Wireshark got its start back in 1998 as Ethereal and was rebranded as Wireshark in 2006. From its inception, the technology has been available as open source, though it has followed a somewhat meandering path of corporate sponsorship as the project's founder, Gerald Combs, has changed jobs.
In 2006 Combs was working at CACE Technologies, which was the lead sponsor until the company was acquired by Riverbed in 2010. In 2021 he moved to Sysdig, which has been the lead sponsor for the last several years. As of today, however, the project has moved to the new Wireshark Foundation, a nonprofit open source organization designed to help grow the technology, expand contributions, and support further usage.
Why Wireshark Still Matters Decades After It Was Created
All network traffic that flows over a wired or wireless interface makes use of some kind of protocol.
Combs explained that what Wireshark does is take very low-level, network-based packet information and display it in a form that humans can understand. Beyond that basic functionality, Combs noted that there are upwards of 5 million lines of code in Wireshark providing features for protocol analysis and network traffic observability.
Wireshark captures and analyzes network traffic in real time. The technology supports many types of connections, including wired Ethernet, Wi-Fi, and Bluetooth, as well as an exhaustive range of networking protocols. Wireshark is commonly used to analyze network performance and troubleshoot issues, and it can also help identify potential security risks.
Network traffic in 2023 isn't the same as it was in 1998 when Wireshark was first built, and the open source project has been continuously iterating to stay ahead of network traffic trends.
"One trend has been to just shove everything as JSON over HTTP and for better or worse that's how a lot of computers talk nowadays," Combs said.
Another network trend that has emerged over the last two decades is the move toward encrypting the majority of network traffic in order to improve security and provide data privacy. The challenge encryption poses for networking professionals is that the same technology that protects data also makes it harder to get visibility into traffic and into potential networking issues. Combs noted that network data encryption has been a challenge for Wireshark, but that there are ways the technology does work today to help network administrators get visibility into encrypted network traffic.
Decades after he first built the technology, Combs remains confident in both the practical utility of Wireshark and its future.
"I think low-level system knowledge is important as the modern world runs over software, and that software runs over computer networks," Combs said. "It's important for at least some small segment of the population to be able to troubleshoot networks and I hope the foundation helps to advance that knowledge and keep this technology that underpins our society reliable and fast and secure."