Practical Packet Analysis
Introduction To Wireshark
• A Brief History of Wireshark
  • Wireshark has a very rich history.
  • Gerald Combs, a computer science graduate of the University of Missouri at Kansas City, originally developed it out of necessity.
  • The first version of Combs's application was called Ethereal, and it was released in 1998 under the GNU Public License.
  • Eight years after releasing Ethereal, Combs left his job to pursue other career opportunities.
  • Unfortunately, his employer at that time had full rights to the Ethereal trademarks, and Combs was unable to reach an agreement that would allow him to control the Ethereal “brand.”
  • Instead, Combs and the rest of the development team rebranded the project as Wireshark in mid-2006.
• The Benefits of Wireshark
  • Wireshark offers several benefits that make it appealing for everyday use.
  • It is aimed at both the journeyman and the expert packet analyst, and offers a variety of features to entice each.
  • Wireshark offers:
    • Protocol support
    • User-friendliness
    • Program support
    • Operating system support
• Installing Wireshark
  • The Wireshark installation process is surprisingly simple.
  • Before you install Wireshark, make sure that your system meets the following requirements:
    • 400 MHz processor or faster
    • 128 MB RAM
    • At least 75 MB of available storage space
    • NIC that supports promiscuous mode
    • WinPcap capture driver
      • The Windows implementation of the pcap packet-capturing application programming interface (API).
      • Simply put, this driver applies filters and switches the NIC in and out of promiscuous mode.
• Wireshark Fundamentals
  • Once you have successfully installed Wireshark on your system, you can begin to familiarize yourself with it.
  • Now you finally get to open your fully functioning packet sniffer and see . . . absolutely nothing!
  • Wireshark isn’t very interesting when you first open it.
  • In order for things to really get exciting, you need to get some data.
  • Your First Packet Capture
    • First, there is always something wrong on the network.
    • Secondly, there doesn’t need to be something wrong in order for you to perform packet analysis.
    • More broadly, in order to find anomalies in daily network activity, you must know what normal daily network activity looks like.
    • When your network is running smoothly, you can set your baseline so that you’ll know what its traffic looks like in a normal state.
    • So let’s capture some packets!
      • Open Wireshark.
      • From the main drop-down menu, select Capture and then Interfaces.
      • Choose the interface you wish to use and click Start, or simply click the interface under the Interface List section of the welcome page.
      • Wait about a minute or so, and when you are ready to stop the capture and view your data, click the Stop button from the Capture drop-down menu.
    • [Image: selecting an interface on which to perform your packet capture]
  • Wireshark’s Main Window
    • You will spend most of your time in the Wireshark main window.
    • This is where all the packets you capture are displayed and broken down into a more understandable format.
    • Using the packet capture you just made, let’s take a look at Wireshark’s main window, as shown in this image:
    • [Image: Wireshark’s main window]
    • The three panes in the main window depend on one another.
    • In order to view the details of an individual packet in the Packet Details pane, you must first select that packet by clicking it in the Packet List pane.
    • Once you have selected your packet, you can see the bytes that correspond to a certain portion of the packet in the Packet Bytes pane when you click that portion of the packet in the Packet Details pane.
    • Packet List – the top pane displays a table containing all packets in the current capture file.
    • Packet Details – the middle pane contains a hierarchical display of information about a single packet.
    • Packet Bytes – the lower pane – perhaps the most confusing – displays a packet in its raw, unprocessed form; that is, it shows what the packet looks like as it travels across the wire.
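
The relationship between the three panes can be reproduced outside the GUI. The following is an added example (not part of the original slides and not Wireshark's own code) that decodes one constructed Ethernet/IPv4/TCP frame into a Packet List row, a Packet Details tree in which every field carries its byte range, and a Packet Bytes hex dump; the function names and the sample frame are assumptions made for illustration.

```python
import struct

# Constructed sample frame (not from a real capture): Ethernet II / IPv4 / TCP SYN,
# 192.168.1.10:49152 -> 192.168.1.20:80, checksums left at zero.
FRAME = bytes.fromhex(
    "001122334455 66778899aabb 0800"                     # Ethernet II
    "45000028 1c464000 4006 0000 c0a8010a c0a80114"      # IPv4
    "c000 0050 00000001 00000000 5002 ffff 0000 0000"    # TCP
)

TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK"))


def _need(frame, end, what):
    """Refuse to decode a header that the captured bytes do not fully contain."""
    if len(frame) < end:
        raise ValueError(f"truncated {what} header")


def dissect(frame):
    """Packet Details: list of (protocol, [(field, value, start, end), ...])."""
    _need(frame, 14, "Ethernet")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    layers = [("Ethernet", [
        ("Destination", frame[0:6].hex(":"), 0, 6),
        ("Source", frame[6:12].hex(":"), 6, 12),
        ("Type", f"0x{ethertype:04x}", 12, 14),
    ])]
    if ethertype != 0x0800:            # only IPv4 is decoded in this sketch
        return layers
    ip = 14
    _need(frame, ip + 20, "IPv4")
    ihl = (frame[ip] & 0x0F) * 4       # header length in bytes
    if ihl < 20:
        raise ValueError("invalid IPv4 header length")
    _need(frame, ip + ihl, "IPv4")
    proto = frame[ip + 9]
    layers.append(("IPv4", [
        ("Header Length", str(ihl), ip, ip + 1),
        ("Total Length", str(struct.unpack("!H", frame[ip + 2:ip + 4])[0]), ip + 2, ip + 4),
        ("Time to Live", str(frame[ip + 8]), ip + 8, ip + 9),
        ("Protocol", str(proto), ip + 9, ip + 10),
        ("Source", ".".join(map(str, frame[ip + 12:ip + 16])), ip + 12, ip + 16),
        ("Destination", ".".join(map(str, frame[ip + 16:ip + 20])), ip + 16, ip + 20),
    ]))
    if proto != 6:                     # only TCP is decoded in this sketch
        return layers
    tcp = ip + ihl
    _need(frame, tcp + 20, "TCP")
    sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", frame[tcp:tcp + 14])
    flags = ", ".join(name for bit, name in TCP_FLAGS if off_flags & bit)
    layers.append(("TCP", [
        ("Source Port", str(sport), tcp, tcp + 2),
        ("Destination Port", str(dport), tcp + 2, tcp + 4),
        ("Sequence Number", str(seq), tcp + 4, tcp + 8),
        ("Flags", flags, tcp + 12, tcp + 14),
    ]))
    return layers


def packet_list_row(number, frame):
    """Packet List: one summary row (No., Source, Destination, Protocol, Length, Info)."""
    layers = dissect(frame)
    val = {(p, f): v for p, fields in layers for f, v, _, _ in fields}
    top = layers[-1][0]                # highest protocol that was decoded
    addr = "IPv4" if ("IPv4", "Source") in val else "Ethernet"
    info = ""
    if top == "TCP":
        info = (f"{val[('TCP', 'Source Port')]} -> {val[('TCP', 'Destination Port')]} "
                f"[{val[('TCP', 'Flags')]}] Seq={val[('TCP', 'Sequence Number')]}")
    return (number, val[(addr, "Source")], val[(addr, "Destination")], top, len(frame), info)


def select_field(frame, protocol, field):
    """Clicking a field in Packet Details: return its (start, end, hex bytes)."""
    for proto, fields in dissect(frame):
        for name, _value, start, end in fields:
            if (proto, name) == (protocol, field):
                return (start, end, frame[start:end].hex())
    raise KeyError(f"{protocol}.{field} not present in this packet")


def packet_bytes(frame):
    """Packet Bytes: offset, 16 hex bytes per row, printable ASCII."""
    rows = []
    for off in range(0, len(frame), 16):
        chunk = frame[off:off + 16]
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        rows.append(f"{off:04x}  {chunk.hex(' '):<47}  {text}")
    return rows


if __name__ == "__main__":
    print(packet_list_row(1, FRAME))
    for proto, fields in dissect(FRAME):
        print(proto)
        for name, value, start, end in fields:
            print(f"    {name}: {value}   (bytes {start}-{end - 1})")
    print(*packet_bytes(FRAME), sep="\n")
    print(select_field(FRAME, "IPv4", "Source"))
```
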
  • Wireshark Preferences
    • Wireshark has several preferences that can be customized to meet your needs.
    • Wireshark’s preferences are divided into six major sections:
      • User Interface
      • Capture
      • Printing
      • Name Resolution
      • Statistics
      • Protocols
  • Packet Color Coding
    • Each packet is displayed as a certain color for a reason.
    • These colors reflect the packet’s protocol.

More Related Content

What's hot

Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing softwaredharmesh nakum
 
Wireshark Inroduction Li In
Wireshark Inroduction  Li InWireshark Inroduction  Li In
Wireshark Inroduction Li Inmhaviv
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wiresharkBasaveswar Kureti
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsSachidananda Sahu
 
A visual introduction to Apache Kafka
A visual introduction to Apache KafkaA visual introduction to Apache Kafka
A visual introduction to Apache KafkaPaul Brebner
 
IPMI is dead, Long live Redfish
IPMI is dead, Long live RedfishIPMI is dead, Long live Redfish
IPMI is dead, Long live RedfishBruno Cornec
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocolssiva rama
 
Apache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals ExplainedApache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals Explainedconfluent
 
Network Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxNetwork Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxArifinChowdhury2
 
Introduction to Apache Spark
Introduction to Apache SparkIntroduction to Apache Spark
Introduction to Apache SparkRahul Jain
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system pptashutosh rai
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
 

What's hot (20)

Wireshark - presentation
Wireshark - presentationWireshark - presentation
Wireshark - presentation
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark network analysing software
Wireshark network analysing softwareWireshark network analysing software
Wireshark network analysing software
 
Wireshark Inroduction Li In
Wireshark Inroduction  Li InWireshark Inroduction  Li In
Wireshark Inroduction Li In
 
Wireshark Basics
Wireshark BasicsWireshark Basics
Wireshark Basics
 
Wireshark Tutorial
Wireshark TutorialWireshark Tutorial
Wireshark Tutorial
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
Packet analysis using wireshark
Packet analysis using wiresharkPacket analysis using wireshark
Packet analysis using wireshark
 
Wireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance toolsWireshark, Tcpdump and Network Performance tools
Wireshark, Tcpdump and Network Performance tools
 
FTP & TFTP
FTP & TFTPFTP & TFTP
FTP & TFTP
 
A visual introduction to Apache Kafka
A visual introduction to Apache KafkaA visual introduction to Apache Kafka
A visual introduction to Apache Kafka
 
Introduction to Apache Kafka
Introduction to Apache KafkaIntroduction to Apache Kafka
Introduction to Apache Kafka
 
IPMI is dead, Long live Redfish
IPMI is dead, Long live RedfishIPMI is dead, Long live Redfish
IPMI is dead, Long live Redfish
 
Ports and protocols
Ports and protocolsPorts and protocols
Ports and protocols
 
Apache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals ExplainedApache Kafka Architecture & Fundamentals Explained
Apache Kafka Architecture & Fundamentals Explained
 
Layer 2 switching
Layer 2 switchingLayer 2 switching
Layer 2 switching
 
Network Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptxNetwork Traffic Analysis With Wireshark.pptx
Network Traffic Analysis With Wireshark.pptx
 
Introduction to Apache Spark
Introduction to Apache SparkIntroduction to Apache Spark
Introduction to Apache Spark
 
network monitoring system ppt
network monitoring system pptnetwork monitoring system ppt
network monitoring system ppt
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan Drivers
 

Viewers also liked

Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with WiresharkJim Gilsinn
 
Wireshark
WiresharkWireshark
Wiresharkbtohara
 
Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Yoram Orzach
 
Osi model explained with wireshark
Osi model explained with wiresharkOsi model explained with wireshark
Osi model explained with wiresharkJoshua Kathiravan
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)Denny K
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkYoram Orzach
 
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Ravi Rajput
 
TCPdump-Wireshark
TCPdump-WiresharkTCPdump-Wireshark
TCPdump-WiresharkHarsh Singh
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)shwetha mk
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniquesamiable_indian
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system pptSheetal Verma
 
Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...
Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...
Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...medfaye
 

Viewers also liked (18)

Network Packet Analysis with Wireshark
Network Packet Analysis with WiresharkNetwork Packet Analysis with Wireshark
Network Packet Analysis with Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Wireshark
WiresharkWireshark
Wireshark
 
Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1Network Analysis Using Wireshark 1
Network Analysis Using Wireshark 1
 
Osi model explained with wireshark
Osi model explained with wiresharkOsi model explained with wireshark
Osi model explained with wireshark
 
Wireshark ppt
Wireshark pptWireshark ppt
Wireshark ppt
 
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
OSTU - Quickstart Guide for Wireshark (by Tony Fortunato)
 
Wireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wiresharkWireshark course, Ch 02: Introduction to wireshark
Wireshark course, Ch 02: Introduction to wireshark
 
Network Forensics: Packet Analysis Using Wireshark
Network Forensics: Packet Analysis Using WiresharkNetwork Forensics: Packet Analysis Using Wireshark
Network Forensics: Packet Analysis Using Wireshark
 
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet Nmap not only a port scanner by ravi rajput comexpo security awareness meet
Nmap not only a port scanner by ravi rajput comexpo security awareness meet
 
TCPdump-Wireshark
TCPdump-WiresharkTCPdump-Wireshark
TCPdump-Wireshark
 
Nmap(network mapping)
Nmap(network mapping)Nmap(network mapping)
Nmap(network mapping)
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Hacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning TechniquesHacking With Nmap - Scanning Techniques
Hacking With Nmap - Scanning Techniques
 
Intrusion detection system ppt
Intrusion detection system pptIntrusion detection system ppt
Intrusion detection system ppt
 
Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...
Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...
Installation et configuration d'AWSTATS "Outils d'analyse de Logs" sur Centos...
 
Atelier 4
Atelier 4Atelier 4
Atelier 4
 

Similar to Practical Packet Analysis: Wireshark

Wireshark lab getting started one’s unde
Wireshark lab  getting started     one’s undeWireshark lab  getting started     one’s unde
Wireshark lab getting started one’s undepiya30
 
Wireshark Lab Getting Started v6.0 Supplement to Co.docx
Wireshark Lab  Getting Started v6.0  Supplement to Co.docxWireshark Lab  Getting Started v6.0  Supplement to Co.docx
Wireshark Lab Getting Started v6.0 Supplement to Co.docxambersalomon88660
 
Lab Exercise #4 IPv4 Dr. Anne Kohnke 1 Obj.docx
Lab Exercise #4 IPv4   Dr. Anne Kohnke  1  Obj.docxLab Exercise #4 IPv4   Dr. Anne Kohnke  1  Obj.docx
Lab Exercise #4 IPv4 Dr. Anne Kohnke 1 Obj.docxsmile790243
 
Network Monitoring with Wireshark
Network Monitoring with WiresharkNetwork Monitoring with Wireshark
Network Monitoring with WiresharkSiddharth Coontoor
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkIJARIIT
 
HS1011 Data Communication and Networks 13 August 2015 HS101.docx
HS1011 Data Communication and Networks  13 August 2015 HS101.docxHS1011 Data Communication and Networks  13 August 2015 HS101.docx
HS1011 Data Communication and Networks 13 August 2015 HS101.docxadampcarr67227
 
Experiment 7 traffic analysis
Experiment 7 traffic analysisExperiment 7 traffic analysis
Experiment 7 traffic analysisnikitaa25
 
Packet Sniffer
Packet Sniffer Packet Sniffer
Packet Sniffer vilss
 
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...Shu Shin
 
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...Shu Shin
 
Wireshark Lab HTTP v7.0 Supplement to Computer Network.docx
Wireshark Lab HTTP v7.0  Supplement to Computer Network.docxWireshark Lab HTTP v7.0  Supplement to Computer Network.docx
Wireshark Lab HTTP v7.0 Supplement to Computer Network.docxambersalomon88660
 
Wireshark Lab Ethernet and ARP v7.0 Supplement to Comp.docx
Wireshark Lab Ethernet and ARP v7.0  Supplement to Comp.docxWireshark Lab Ethernet and ARP v7.0  Supplement to Comp.docx
Wireshark Lab Ethernet and ARP v7.0 Supplement to Comp.docxambersalomon88660
 
NETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docx
NETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docxNETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docx
NETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docxrosemarybdodson23141
 
Question 1 Which of the following statements is true regarding Wir.docx
Question 1 Which of the following statements is true regarding Wir.docxQuestion 1 Which of the following statements is true regarding Wir.docx
Question 1 Which of the following statements is true regarding Wir.docxJUST36
 
1.5.7 packet-tracer---network-representation (1)
1.5.7 packet-tracer---network-representation (1)1.5.7 packet-tracer---network-representation (1)
1.5.7 packet-tracer---network-representation (1)John Rabidou
 

Similar to Practical Packet Analysis: Wireshark (20)

How to use packet sniffers
How to   use packet sniffersHow to   use packet sniffers
How to use packet sniffers
 
Wireshark tutorial
Wireshark tutorialWireshark tutorial
Wireshark tutorial
 
Wireshark lab getting started one’s unde
Wireshark lab  getting started     one’s undeWireshark lab  getting started     one’s unde
Wireshark lab getting started one’s unde
 
Wireshark Lab Getting Started v6.0 Supplement to Co.docx
Wireshark Lab  Getting Started v6.0  Supplement to Co.docxWireshark Lab  Getting Started v6.0  Supplement to Co.docx
Wireshark Lab Getting Started v6.0 Supplement to Co.docx
 
Wiresharkrep
WiresharkrepWiresharkrep
Wiresharkrep
 
Wireshark Packet Analyzer.pptx
Wireshark Packet Analyzer.pptxWireshark Packet Analyzer.pptx
Wireshark Packet Analyzer.pptx
 
Lab Exercise #4 IPv4 Dr. Anne Kohnke 1 Obj.docx
Lab Exercise #4 IPv4   Dr. Anne Kohnke  1  Obj.docxLab Exercise #4 IPv4   Dr. Anne Kohnke  1  Obj.docx
Lab Exercise #4 IPv4 Dr. Anne Kohnke 1 Obj.docx
 
Network Monitoring with Wireshark
Network Monitoring with WiresharkNetwork Monitoring with Wireshark
Network Monitoring with Wireshark
 
Wireshark.pptx
Wireshark.pptxWireshark.pptx
Wireshark.pptx
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wireshark
 
HS1011 Data Communication and Networks 13 August 2015 HS101.docx
HS1011 Data Communication and Networks  13 August 2015 HS101.docxHS1011 Data Communication and Networks  13 August 2015 HS101.docx
HS1011 Data Communication and Networks 13 August 2015 HS101.docx
 
Experiment 7 traffic analysis
Experiment 7 traffic analysisExperiment 7 traffic analysis
Experiment 7 traffic analysis
 
Packet Sniffer
Packet Sniffer Packet Sniffer
Packet Sniffer
 
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...
 
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...Uccn1003   may10 - lab 08 - wireshark analysis of trace files - answer-update...
Uccn1003 may10 - lab 08 - wireshark analysis of trace files - answer-update...
 
Wireshark Lab HTTP v7.0 Supplement to Computer Network.docx
Wireshark Lab HTTP v7.0  Supplement to Computer Network.docxWireshark Lab HTTP v7.0  Supplement to Computer Network.docx
Wireshark Lab HTTP v7.0 Supplement to Computer Network.docx
 
Wireshark Lab Ethernet and ARP v7.0 Supplement to Comp.docx
Wireshark Lab Ethernet and ARP v7.0  Supplement to Comp.docxWireshark Lab Ethernet and ARP v7.0  Supplement to Comp.docx
Wireshark Lab Ethernet and ARP v7.0 Supplement to Comp.docx
 
NETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docx
NETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docxNETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docx
NETW250 Week 3 iLab Observing VoIP Protocols Using Wireshar.docx
 
Question 1 Which of the following statements is true regarding Wir.docx
Question 1 Which of the following statements is true regarding Wir.docxQuestion 1 Which of the following statements is true regarding Wir.docx
Question 1 Which of the following statements is true regarding Wir.docx
 
1.5.7 packet-tracer---network-representation (1)
1.5.7 packet-tracer---network-representation (1)1.5.7 packet-tracer---network-representation (1)
1.5.7 packet-tracer---network-representation (1)
 

Recently uploaded

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Practical Packet Analysis: Wireshark

  • 2. Introduction To Wireshark  A Brief history of Wireshark  Wireshark has a very rich history.  Gerald Combs, a computer science graduate of the University of Missouri at Kansas City, originally developed it out of necessity.  The first version of Comb’s application was called Ethereal and it was released in 1998 under the GNU Public License.  Eight years after releasing Ethereal, Combs left his job to pursue other career opportunities.  Unfortunately, his employer at that time had full rights to the Ethereal trademarks, and Combs was unable to reach an agreement that would allow him to control the Ethereal “brand.”  Instead, Combs and the rest of the development team rebranded the project as Wireshark in mid-2006.
  • 3. Introduction To Wireshark  The Benefits to Wireshark  Wireshark offers several benefits that make it appealing for everyday use.  It is aimed at both the journeyman and the expert packet analyst, and offers a variety of features to entice each.  Wireshark enables:  Protocol support  User-friendliness  Program support  Operating system support
  • 4. Introduction To Wireshark
      • Installing Wireshark
          • The Wireshark installation process is surprisingly simple.
          • Before you install Wireshark, make sure that your system meets the following requirements:
              • 400 MHz processor or faster
              • 128MB RAM
              • At least 75MB of available storage space
              • NIC that supports promiscuous mode
              • WinPcap capture driver
                  • Windows implementation of the pcap packet-capturing application programming interface (API).
                  • Simply put, this driver applies filters and switches the NIC in and out of promiscuous mode.
  • 5. Introduction To Wireshark
      • Wireshark Fundamentals
          • Once you have successfully installed Wireshark on your system, you can begin to familiarize yourself with it.
          • Now you finally get to open your fully functioning packet sniffer and see . . . Absolutely nothing!
          • Wireshark isn’t very interesting when you first open it.
          • In order for things to really get exciting, you need to get some data.
  • 6. Introduction To Wireshark
      • Wireshark Fundamentals: Your First Packet Capture
          • First, there is always something wrong on the network.
          • Secondly, there doesn’t need to be something wrong in order for you to perform packet analysis.
          • More broadly, in order to find anomalies in daily network activity, you must know what normal daily network activity looks like.
          • When your network is running smoothly, you can set your baseline so that you’ll know what its traffic looks like in a normal state.
          • So let’s capture some packets!
              • Open Wireshark.
              • From the main drop-down menu, select Capture and then Interfaces.
              • Choose the interface you wish to use and click Start, or simply click the interface under the Interface List section of the welcome page.
              • Wait about a minute or so, and when you are ready to stop the capture and view your data, click the Stop button from the Capture drop-down menu.
  • 7. Introduction To Wireshark
      • Wireshark Fundamentals: Your First Packet Capture
          • [Image: selecting an interface on which to perform your packet capture]
  • 8. Introduction To Wireshark
      • Wireshark Fundamentals: Wireshark’s Main Window
          • You will spend most of your time in the Wireshark main window.
          • This is where all the packets you capture are displayed and broken down into a more understandable format.
          • Using the packet capture you just made, let’s take a look at Wireshark’s main window, as shown in this image:
  • 9. Introduction To Wireshark
      • Wireshark Fundamentals: Wireshark’s Main Window
          • The three panes in the main window depend on one another.
          • In order to view the details of an individual packet in the Packet Details pane, you must first select that packet by clicking it in the Packet List pane.
          • Once you have selected your packet, you can see the bytes that correspond to a certain portion of the packet in the Packet Bytes pane when you click that portion of the packet in the Packet Details pane.
  • 10. Introduction To Wireshark
      • Wireshark Fundamentals: Wireshark’s Main Window
          • Packet List – the top pane displays a table containing all packets in the current capture file.
          • Packet Details – the middle pane contains a hierarchical display of information about a single packet.
          • Packet Bytes – the lower pane – perhaps the most confusing – displays a packet in its raw, unprocessed form; that is, it shows what the packet looks like as it travels across the wire.
  • 11. Introduction To Wireshark
      • Wireshark Fundamentals: Wireshark Preferences
          • Wireshark has several preferences that can be customized to meet your needs.
          • Wireshark’s preferences are divided into six major sections:
              • User Interface
              • Capture
              • Printing
              • Name Resolution
              • Statistics
              • Protocols
      • Packet Color Coding
          • Each packet is displayed as a certain color for a reason.
          • These colors reflect the packet’s protocol
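
The link between the Packet Details and Packet Bytes panes described on slides 9 and 10 can be reproduced in a few lines of Python. This is an added example, not part of the original slides: the frame is a constructed sample, and the function names `dissect` and `bytes_for` are hypothetical.

```python
import struct

# Constructed sample frame (not from the slides): Ethernet II + IPv4 + TCP SYN,
# 54 bytes, checksums left at zero.
FRAME = bytes.fromhex(
    "001122334455 66778899aabb 0800"            # Ethernet: dst, src, EtherType
    "45000028 1c464000 4006 0000"               # IPv4: header start .. checksum
    "c0a80164 c0a80101"                         # IPv4: 192.168.1.100 -> 192.168.1.1
    "c001 0050 00000001 00000000 5002 2000 0000 0000"  # TCP 49153 -> 80, SYN
)

def mac(b): return ":".join(f"{x:02x}" for x in b)
def ipv4(b): return ".".join(str(x) for x in b)
def u8(b): return b[0]
def u16(b): return struct.unpack("!H", b)[0]

def dissect(frame):
    """Return (layer, field, offset, length, value) rows, like the Packet Details tree."""
    rows = []
    def add(layer, field, off, length, render):
        if off + length > len(frame):               # capture cut short
            raise ValueError(f"truncated frame at {layer}.{field}")
        rows.append((layer, field, off, length, render(frame[off:off + length])))
        return rows[-1][4]
    add("eth", "dst", 0, 6, mac)
    add("eth", "src", 6, 6, mac)
    if add("eth", "type", 12, 2, u16) != 0x0800:    # not IPv4: stop at layer 2
        return rows
    ihl = (add("ip", "version_ihl", 14, 1, u8) & 0x0F) * 4
    if ihl < 20:
        raise ValueError("invalid IPv4 header length")
    add("ip", "ttl", 22, 1, u8)
    proto = add("ip", "proto", 23, 1, u8)
    add("ip", "src", 26, 4, ipv4)
    add("ip", "dst", 30, 4, ipv4)
    if proto != 6:                                  # not TCP: stop at layer 3
        return rows
    tcp = 14 + ihl                                  # TCP starts after the IP header
    add("tcp", "sport", tcp, 2, u16)
    add("tcp", "dport", tcp + 2, 2, u16)
    add("tcp", "flags", tcp + 13, 1, u8)
    return rows

def bytes_for(frame, rows, layer, field):
    """Packet Bytes view of one selected field: (offset, hex of its bytes)."""
    for l, f, off, length, _ in rows:
        if (l, f) == (layer, field):
            return off, frame[off:off + length].hex()
    raise KeyError((layer, field))
```

Calling `bytes_for(FRAME, dissect(FRAME), "ip", "dst")` returns the offset and raw bytes behind one decoded field, which is what Wireshark highlights in the Packet Bytes pane when that field is clicked in Packet Details.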