Practical Packet Analysis
Introduction To Wireshark
 A Brief History of Wireshark
 Wireshark has a very rich history.
 Gerald Combs, a computer science graduate of the University of Missouri at Kansas
City, originally developed it out of necessity.
 The first version of Combs's application was called Ethereal, and it was released in
1998 under the GNU Public License.
 Eight years after releasing Ethereal, Combs left his job to pursue other career
opportunities.
 Unfortunately, his employer at that time had full rights to the Ethereal
trademarks, and Combs was unable to reach an agreement that would allow him to
control the Ethereal “brand.”
 Instead, Combs and the rest of the development team rebranded the project as
Wireshark in mid-2006.
 The Benefits of Wireshark
 Wireshark offers several benefits that make it appealing for everyday use.
 It is aimed at both the journeyman and the expert packet analyst, and offers a
variety of features to entice each.
 Wireshark enables:
 Protocol support
 User-friendliness
 Program support
 Operating system support
 Installing Wireshark
 The Wireshark installation process is surprisingly simple.
 Before you install Wireshark, make sure that your system meets the following
requirements:
 400 MHz processor or faster
 128MB RAM
 At least 75MB of available storage space
 NIC that supports promiscuous mode
 WinPcap capture driver
 Windows implementation of the pcap packet-capturing application programming interface (API).
 Simply put, this driver applies filters and switches the NIC in and out of promiscuous mode.
 Wireshark Fundamentals
 Once you have successfully installed Wireshark on your system, you can begin to
familiarize yourself with it.
 Now you finally get to open your fully functioning packet sniffer and see . . .
Absolutely nothing!
 Wireshark isn’t very interesting when you first open it.
 In order for things to really get exciting, you need to get some data.
 Your First Packet Capture
 First, there is always something wrong on the network.
 Secondly, there doesn’t need to be something wrong in order for you to perform packet analysis.
 More broadly, in order to find anomalies in daily network activity, you must know what normal
daily network activity looks like.
 When your network is running smoothly, you can set your baseline so that you’ll know what its
traffic looks like in a normal state.
 So let’s capture some packets!
 Open Wireshark
 From the main drop-down menu, select Capture and then Interfaces
 Choose the interface you wish to use and click Start, or simply click the interface under the Interface List
section of the welcome page.
 Wait about a minute or so, and when you are ready to stop the capture and view your data, click the Stop
button from the Capture drop-down menu.
 Image of selecting an interface on which to perform your packet capture
 Wireshark’s Main Window
 You will spend most of your time in the Wireshark main window.
 This is where all the packets you capture are displayed and broken down into a more
understandable format.
 Using this packet capture you just made, let’s take a look at Wireshark’s main window, as
shown in this image:
 The three panes in the main window depend on one another.
 In order to view the details of an individual packet in the Packet Details pane, you must
first select that packet by clicking it in the Packet List pane.
 Once you have selected your packet, you can see the bytes that correspond with a certain
portion of the packet in the Packet Bytes pane when you click that portion of the packet
in the Packet Details pane.
 Packet List – the top pane displays a table containing all packets in the current capture
file.
 Packet Details – the middle pane contains a hierarchical display of information about a
single packet.
 Packet Bytes – the lower pane – perhaps the most confusing – displays a packet in its raw,
unprocessed form; that is, it shows what the packet looks like as it travels across the wire.
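
The three panes described above, reproduced in a short script (an added example, not part of the original slides): it reads a classic pcap file and produces a Packet List row, a Packet Details tree, and the Packet Bytes for whichever layer is selected. The sample capture, its addresses and all function names are constructed for illustration, and only Ethernet/IPv4/TCP is dissected.

```python
import struct

TCP_FLAGS = [(0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN"), (0x04, "RST"), (0x08, "PSH")]

def build_sample_pcap():
    """Constructed sample: a classic pcap file holding one Ethernet/IPv4/TCP SYN."""
    eth = bytes.fromhex("001122334455" "66778899aabb" "0800")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 0, 0x50, 0x02, 8192, 0, 0)
    frame = eth + ip + tcp  # checksums left at 0; they are not validated here
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    record_hdr = struct.pack("<IIII", 1700000000, 0, len(frame), len(frame))
    return global_hdr + record_hdr + frame

def read_pcap(data):
    """Return [(timestamp, frame_bytes)] from a classic pcap byte string."""
    if len(data) < 24 or data[:4] not in (b"\xd4\xc3\xb2\xa1", b"\xa1\xb2\xc3\xd4"):
        raise ValueError("not a classic pcap file")
    endian = "<" if data[:4] == b"\xd4\xc3\xb2\xa1" else ">"
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    frames, off = [], 24
    while off + 16 <= len(data):
        sec, usec, incl_len, _orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        frame = data[off:off + incl_len]
        if len(frame) < incl_len:
            break  # file was cut off mid-record; keep what was complete
        frames.append((sec + usec / 1e6, frame))
        off += incl_len
    return frames

def dissect(frame):
    """Return [(layer, start, end, fields)]; each layer knows its byte range."""
    layers = []
    if len(frame) < 14:
        return layers
    etype = struct.unpack("!H", frame[12:14])[0]
    layers.append(("Ethernet", 0, 14, {"dst": frame[0:6].hex(":"),
                                       "src": frame[6:12].hex(":"),
                                       "type": f"0x{etype:04x}"}))
    if etype != 0x0800 or len(frame) < 34 or frame[14] >> 4 != 4:
        return layers
    ihl = (frame[14] & 0x0F) * 4
    if ihl < 20 or len(frame) < 14 + ihl:
        return layers
    ip_end = 14 + ihl
    layers.append(("IPv4", 14, ip_end, {"src": ".".join(map(str, frame[26:30])),
                                        "dst": ".".join(map(str, frame[30:34])),
                                        "ttl": frame[22], "protocol": frame[23]}))
    if frame[23] != 6 or len(frame) < ip_end + 20:
        return layers
    sport, dport, seq, ack = struct.unpack("!HHII", frame[ip_end:ip_end + 12])
    hdr_len = max(20, (frame[ip_end + 12] >> 4) * 4)
    flags = ",".join(name for bit, name in TCP_FLAGS if frame[ip_end + 13] & bit)
    layers.append(("TCP", ip_end, min(len(frame), ip_end + hdr_len),
                   {"srcport": sport, "dstport": dport, "seq": seq, "ack": ack,
                    "flags": flags}))
    return layers

def packet_list_row(number, rel_time, frame):
    """Top pane: one summary row per packet."""
    parsed = dissect(frame)
    layers = {name: fields for name, _, _, fields in parsed}
    addr = layers.get("IPv4") or layers.get("Ethernet") or {}
    tcp = layers.get("TCP")
    proto = parsed[-1][0] if parsed else "?"
    info = f'{tcp["srcport"]} -> {tcp["dstport"]} [{tcp["flags"]}]' if tcp else ""
    return (number, f"{rel_time:.6f}", addr.get("src", "?"), addr.get("dst", "?"),
            proto, len(frame), info)

def packet_details(frame):
    """Middle pane: hierarchical view, one block of fields per layer."""
    lines = []
    for name, start, end, fields in dissect(frame):
        lines.append(f"{name} (bytes {start}-{end - 1})")
        lines += [f"    {key}: {value}" for key, value in fields.items()]
    return lines

def packet_bytes(frame, selected_layer=None):
    """Bottom pane: raw bytes of the frame, or only those of the selected layer."""
    start, end = 0, len(frame)
    for name, s, e, _ in dissect(frame):
        if name == selected_layer:
            start, end = s, e
    chunk = frame[start:end]
    return [f"{start + i:04x}  {chunk[i:i + 16].hex(' ')}"
            for i in range(0, len(chunk), 16)]

if __name__ == "__main__":
    frames = read_pcap(build_sample_pcap())
    first_ts = frames[0][0]
    for n, (ts, frame) in enumerate(frames, 1):
        print(packet_list_row(n, ts - first_ts, frame))
        print("\n".join(packet_details(frame)))
        print("\n".join(packet_bytes(frame, "TCP")))
```

To try it on a real capture, pass the file's bytes to `read_pcap`; the file must be saved in classic pcap format, since pcapng is not parsed here.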
 Wireshark Preferences
 Wireshark has several preferences that can be customized to meet your needs.
 Wireshark’s preferences are divided into six major sections:
 User Interface
 Capture
 Printing
 Name Resolution
 Statistics
 Protocols
 Packet Color Coding
 Each packet is displayed as a certain color for a reason.
 These colors reflect the packet’s protocol.
