Problem
I am researching Wireshark and have to explain how investigators may implement the following Wireshark capabilities and provide the references:
i. The capture of live packet data from a network interface.
ii. How Wireshark can open files containing the captured packet data from other tools, such as TCPDump, Windump, or Snort?
iii. How Wireshark can save, export, and filter packet captured and based on criteria?
iv. How Wireshark can search for packets based on certain criteria?
v. How Wireshark can colorize a packet display based on a selected filter scheme?