You will need a Windows or Linux machine, either physical or virtual. All that is required is to install Wireshark, available from its official website (http://www.wireshark.org/). The package contains a suite of tools including Tshark. For Windows, the installer will guide you to download WinPcap (the libpcap version for Windows). The Wireshark distribution will also include various command-line tools for treating capture files. Some of these tools (Editcap MergeCap, Text2pcap, Capinfos, and so on) will be used at some points in the How-to. To carry out the examples shown in the book, the latest version of Tshark (1.8.4) has been compiled on an Ubuntu 12.04 machine.