Wireshark is a free and open-source packet analyzer that lets users capture and examine the packet data transmitted across a network. It runs on Windows, Linux, OS X, and other platforms. Wireshark has a user-friendly interface and shows the decoded contents of each frame in ASCII and hex. It displays the captured network frames along with the packet details at each layer of the TCP/IP model. While useful for network analysis, Wireshark can also be used to launch attacks by capturing sensitive information, usernames, and passwords transmitted over the network, which is only possible where that data travels unencrypted.
2. What is Wireshark
• Wireshark is a free and open source packet analyzer.
• A protocol analyzer, such as Wireshark, is used to copy frames off of an active network.
• These frames are like the cars on the highway.
• By capturing and examining these frames we can see exactly what is happening on the network.
3. Why Wireshark
• What I liked about it!
• Multi-platform: Windows, Linux, OS X, Solaris, FreeBSD, NetBSD.
• It has a user friendly interface (GUI).
• Coloring.
• And most importantly, its ability to show the decoded contents of each frame in ASCII and hex.
6. Copyright 2007-2010 Kenneth M. Chipps Ph.D.
www.chipps.com
Wireshark
[Figure: annotated screenshot of the Wireshark main window showing the frames that were captured, the layers in the currently selected frame, and the contents of the current layer in hex and ASCII]
8. The Layers
[Figure: annotated screenshot showing the frame shown in detail below, all the layers in this frame, the contents of the selected layer, the contents in hex, and the contents in ASCII]
13. How Wireshark can be used to launch an attack?
1- Capturing sensitive or personal information
2- Capturing usernames and passwords (which will be shown in the demo)
Wireshark is a free and open source packet analyzer. It is used for network troubleshooting, analysis, software and communication protocol development, and education.
As you will recall from the OSI model, there are several layers, each performing a different function, and each of them is part of the captured frame.
This is also true of the TCP/IP model, which all current networks use.
It is divided up into these layers
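As an added illustration of the three views the slides describe (the captured frame, the layers inside it, and the bytes in hex and ASCII), here is a small dissector written for this page; it is not part of the slides or of Wireshark. The Ethernet/IPv4/TCP frame it parses is constructed inline with made-up addresses, and the TCP checksum is left unfilled.

```python
import struct

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum; returns 0 when run over a header whose checksum is valid."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_sample_frame() -> bytes:
    """Constructed Ethernet II / IPv4 / TCP SYN frame (not a real capture); TCP checksum left 0."""
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + b"\x08\x00"
    src, dst = bytes([192, 168, 1, 10]), bytes([192, 168, 1, 20])
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0x1234, 0x4000, 64, 6, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]  # fill in the header checksum
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, 0x02, 64240, 0, 0)
    return eth + ip + tcp

def dissect(frame: bytes) -> list:
    """Peel the frame layer by layer, like Wireshark's packet-details pane."""
    layers = []
    dst, src, etype = struct.unpack("!6s6sH", frame[:14])
    layers.append(("Ethernet II", {"dst": dst.hex(":"), "src": src.hex(":"), "type": hex(etype)}))
    if etype != 0x0800:  # only IPv4 is dissected here
        return layers
    ihl = (frame[14] & 0x0F) * 4
    ip = frame[14:14 + ihl]
    layers.append(("IPv4", {"src": ".".join(map(str, ip[12:16])), "dst": ".".join(map(str, ip[16:20])),
                            "ttl": ip[8], "proto": ip[9], "checksum_ok": ip_checksum(ip) == 0}))
    if ip[9] == 6:
        sport, dport, seq, ack, off, bits = struct.unpack("!HHIIBB", frame[14 + ihl:14 + ihl + 14])
        names = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]
        flags = [n for i, n in enumerate(names) if bits & (1 << i)]
        layers.append(("TCP", {"sport": sport, "dport": dport, "seq": seq, "flags": flags}))
    return layers

def hexdump(data: bytes, width: int = 16) -> list:
    """Bytes pane: offset, hex, and ASCII with non-printables shown as '.'."""
    lines = []
    for off in range(0, len(data), width):
        chunk = data[off:off + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk).ljust(width * 3 - 1)
        asc = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:04x}  {hexpart}  {asc}")
    return lines

if __name__ == "__main__":
    frame = build_sample_frame()
    print(*dissect(frame), *hexdump(frame), sep="\n")
```

The IPv4 checksum check is the kind of sanity test Wireshark performs per layer: flip any header byte and `checksum_ok` turns false.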