Open In App

What are Checksums in Wireshark?

Last Updated : 29 Dec, 2022
Improve
Improve
Like Article
Like
Save
Share
Report

As the name suggests, checksums, mean we are checking and validating received data whether it is correct or incorrect. For this purpose, Wireshark has a feature to ensure that captured packets are original or something is missing.  When Packets go from network to network and router to router it can disturb some data packets over network protocols it may be TCP Protocol or UDP Protocol or any other Protocol and after this data disturbance, we can not produce an exact report of transmitted data. In the case of confidentiality, it becomes more important to check data correctness. For avoiding such kinds of errors, network protocols validate and transfer checksum, and if the same checksum is produced at the end of captured data that means our transmitted or captured data is original and correct. In Wireshark, when it captures data over any protocols, it validates checksums based on their pre-defined algorithms. 

Features of Wireshark Checksums:

  1. It can validate the checksum of many types of protocols for example UDP, IP, TCP, etc.
  2. There are options for checksum validation, Switch on or Switch off.
  3. If their checksum produced an error, then the further process will not be executed.

Let’s see how checksums validation happens in Wireshark, if you want to continue with your system then first download and install the Wireshark tool and open it- 

Steps to View Checksums:

Step 1: Open the Wireshark, it will show the following interface.   Here we are using a Wi-Fi network, so here we are selecting Wi-Fi, you have to select which network interface you are using – 

 

Step 2: After clicking on the network interface, this type of interface will show. Here, Wireshark has started to capture data over available various network protocols. Now click on any one of them to see more information. 

 

Step 3: When We click on any of them, it will show much more information. It is returning that our checksums are not verified. so now we will enable checksums verification for TCP. 

 

Step 4: Next right click on checksums and then Protocol Preferences, it will show many options. 

 

Step 5:  We want to enable checksums Validation for TCP, so select this option and mark it as the right sign. 

 

Step 6: Now our TCP Checksum validation is enabled. Wireshark will validate based on their algorithms, and it will return whether data checksums are correct or not correct. 

 

Step 7: Now if we want to see this information in a much more described way then click on Analyze and select Expert Information. 

 

It shows outputs for specific Captured data. 

 

In this way, we can perform Checksums validation in Wireshark.

Advantages of Checksums in Wireshark:

  1. Checksums ensure the integrity of captured data over network protocols.
  2. If the product error is some checksum is not validated.
  3. Wireshark’s checksums options provide an easy to an understandable format where the user can enable this feature or disable this feature-based need.

Like Article
Suggest improvement
Previous
User DLTs Protocol Table in Wireshark
Next
Microsoft Azure - Resize Managed Disk via PowerShell
Share your thoughts in the comments

Similar Reads

SNMP Users Table in Wireshark
SMI (MIB and PIB) Paths in Wireshark
Viewing Packets You Have Captured in Wireshark
ONC-RPC Programs in Wireshark
Bluetooth Devices in Wireshark
Steps of Marking Packets in Wireshark
MATE’s Configuration Library in Wireshark
ARP in Wireshark
HART-IP in Wireshark
Packet Details Pane Functions in Wireshark
author
narendra4narendra
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox