Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)
U.S. Department of Commerce, Technology Administration

Wireshark Network Protocol
Analyzer

Jim Gilsinn
Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)

Sensor Standardization & Harmonization Working Group

May 18, 2010

1
Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)
U.S. Department of Commerce, Technology Administration

Overview
• Wireshark: What Is It?
• A Brief History
• What Can It Do?
• How Do I Use It?
• Demo
– Starting Screen
– Capture Screen
– Capture File Statistics
– Packet Filtering

• Summary
• Where Can I Get It?

Wireshark: What Is It?
• De facto standard network packet analyzer
• Open-source
– GNU General Public License
– Over 680 Contributors

• Multi-platform
– Pre-compiled installers for PC/Mac
– Source code & instructions for Unix & Linux

• Extensible
– Add-ons and extensions are relatively easy to build


A Brief History
• Started out in 1998 as Ethereal 0.2.0
• Became Wireshark in 2006
– Original developer changed companies
– Name remained property of previous company
– Started as Wireshark 0.99

• Currently 3 versions available
– Version 1.0.13 – Old stable release
– Version 1.2.8 – Stable release
– Version 1.3.5 – Development release


What Can It Do?
• Capture live network traffic
– Variety of networks (Ethernet, WiFi, Bluetooth, USB, etc.)

• Import capture files from multiple packages
– 35 different network capture file formats

• Display packets in great detail
– Over 1000 different protocol decoders have been written

• Identify bad packets
– Wireshark knows what the packets should look like

• Search and filter packets
– Over 75k different filter variables

• Track “conversations”

How Do I Use It?
• Protocol & data analysis
– Analyze client-server interaction, errors, and network data verification

• Latency
– Client-server request-response timing


How Do I Use It?
• Non-web-based applications
– Jitter on repeating network packets
– Hardware-assisted packet analysis


How Do I Use It?


Starting Screen


Capture Screen


Capture Screen: Filtered Packets


Capture Screen: Packet Details


Capture Screen: Packet Hex/ASCII


Capture File Statistics


Statistics: Summary
• Basic information about the file
• File format
• Number of packets
• Capture duration
• Average packets/second


Statistics: Protocol Hierarchy
• Displays protocol layering
• Shows basic statistics for each protocol layer


Statistics: Conversations
• Identifies and tracks individual streams of traffic
• Can track multiple protocols


Statistics: IO Graph
• Graphical representation of packet timing
• Helps identify causes/effects for packets
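The statistics views above (Summary, Protocol Hierarchy, Conversations), the latency and jitter measurements listed under "How Do I Use It?", and the "identify bad packets" point all reduce to the same work: read the capture file, dissect each frame, and group packets by time and endpoint. The following Python script, added here as an illustration and not code from the talk or from the Wireshark project, does that on a small libpcap file it builds in memory. Every address, port, timestamp and payload is constructed test data, the frame builder is a hypothetical helper, and the jitter figure is a simplified peak-to-mean measure rather than Wireshark's RTP jitter estimator.

```python
"""libpcap reader that reproduces, on a constructed capture, the numbers in
Wireshark's Statistics menus (Summary, Protocol Hierarchy, Conversations), the
request-response latency and repeating-packet jitter the talk lists as uses, and
a 'bad packet' check of the kind Wireshark's expert info makes. Added example,
not Wireshark code; addresses, ports and timings are constructed."""
import struct
from collections import Counter, defaultdict

ETH_IPV4, IP_TCP, IP_UDP = 0x0800, 6, 17
PCAP_MAGIC = 0xA1B2C3D4  # little-endian file, microsecond timestamps

def build_frame(proto, src, dst, payload=b""):
    """Ethernet/IPv4/{UDP,TCP} test frame; src/dst are (ip, port); checksums left zero."""
    if proto == IP_UDP:
        l4 = struct.pack("!HHHH", src[1], dst[1], 8 + len(payload), 0)
    else:  # 20-byte TCP header, flags PSH|ACK
        l4 = struct.pack("!HHIIBBHHH", src[1], dst[1], 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 1, 0, 64, proto, 0,
                     bytes(map(int, src[0].split("."))), bytes(map(int, dst[0].split("."))))
    eth = bytes.fromhex("001122334455" "66778899aabb") + struct.pack("!H", ETH_IPV4)
    return eth + ip + l4 + payload

def build_pcap(packets):
    """(timestamp_us, frame) pairs -> libpcap file bytes, link type 1 (Ethernet)."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for ts, frame in sorted(packets, key=lambda p: p[0]):
        out += struct.pack("<IIII", ts // 1_000_000, ts % 1_000_000, len(frame), len(frame)) + frame
    return out

def parse_pcap(data):
    """Decode records into per-packet dicts; dissects Ethernet/IPv4/TCP/UDP only."""
    if struct.unpack("<I", data[:4])[0] != PCAP_MAGIC:
        raise ValueError("unsupported pcap variant")
    pkts, off = [], 24
    while off + 16 <= len(data):
        sec, usec, incl, _orig = struct.unpack("<IIII", data[off:off + 16])
        frame, off = data[off + 16:off + 16 + incl], off + 16 + incl
        pkt = {"ts_us": sec * 1_000_000 + usec, "len": len(frame), "layers": ["eth"]}
        pkts.append(pkt)
        if len(frame) < 34 or frame[12:14] != struct.pack("!H", ETH_IPV4):
            continue
        pkt["layers"].append("ip")
        total_len, proto = struct.unpack("!H", frame[16:18])[0], frame[23]
        if total_len > len(frame) - 14:  # header claims more bytes than were captured
            pkt["expert"] = "IP total length exceeds captured frame (truncated or malformed)"
        l4 = frame[14 + (frame[14] & 0x0F) * 4:]
        if proto in (IP_TCP, IP_UDP) and len(l4) >= 4:
            pkt["layers"].append("tcp" if proto == IP_TCP else "udp")
            sport, dport = struct.unpack("!HH", l4[:4])
            pkt["flow"] = ((".".join(map(str, frame[26:30])), sport),
                           (".".join(map(str, frame[30:34])), dport))
    return pkts

def summary(pkts):
    """Statistics > Summary: packet count, capture duration, average packets/second."""
    duration_us = pkts[-1]["ts_us"] - pkts[0]["ts_us"] if pkts else 0
    pps = len(pkts) * 1_000_000 / duration_us if duration_us else 0.0
    return {"packets": len(pkts), "duration_us": duration_us, "avg_pps": pps}

def protocol_hierarchy(pkts):
    """Statistics > Protocol Hierarchy: packet count per layering path."""
    return Counter("/".join(p["layers"]) for p in pkts)

def conversations(pkts):
    """Statistics > Conversations: direction-less endpoint pairs with packet/byte totals."""
    convs = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for p in pkts:
        if "flow" in p:
            key = (p["layers"][-1],) + tuple(sorted(p["flow"]))
            convs[key]["packets"] += 1
            convs[key]["bytes"] += p["len"]
    return dict(convs)

def bad_packets(pkts):
    """Indices of packets whose headers do not match what was captured."""
    return [i for i, p in enumerate(pkts) if "expert" in p]

def request_response_latency_us(pkts, client, server):
    """Time from the first client->server packet to the first server->client packet."""
    req = next(p["ts_us"] for p in pkts if p.get("flow") == (client, server))
    rsp = next(p["ts_us"] for p in pkts if p.get("flow") == (server, client) and p["ts_us"] >= req)
    return rsp - req

def jitter_us(pkts, src, dst):
    """Mean inter-arrival interval and its peak deviation for one repeating stream
    (a simple peak-to-mean measure, not Wireshark's RFC 3550 RTP jitter estimator)."""
    ts = [p["ts_us"] for p in pkts if p.get("flow") == (src, dst)]
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    if not gaps:
        return (0.0, 0.0)
    mean = sum(gaps) / len(gaps)
    return (mean, max(abs(g - mean) for g in gaps))

# Constructed traffic: a sensor reporting every ~100 ms over UDP plus one HTTP request/response.
SENSOR, COLLECTOR = ("10.0.0.5", 5000), ("10.0.0.9", 5000)
CLIENT, SERVER = ("10.0.0.5", 40000), ("10.0.0.9", 80)
SAMPLE_PCAP = build_pcap(
    [(t, build_frame(IP_UDP, SENSOR, COLLECTOR, b"reading")) for t in (0, 100_000, 205_000, 300_000, 400_000)]
    + [(50_000, build_frame(IP_TCP, CLIENT, SERVER, b"GET / HTTP/1.0")),
       (62_000, build_frame(IP_TCP, SERVER, CLIENT, b"HTTP/1.0 200 OK"))])
# The same UDP frame cut to 40 bytes, as a snaplen-truncated or corrupted record would be.
TRUNCATED_PCAP = build_pcap([(0, build_frame(IP_UDP, SENSOR, COLLECTOR, b"reading")[:40])])
```

Run it with `python3` and call `parse_pcap` on `SAMPLE_PCAP`: the summary reports 7 packets over 0.4 s (17.5 packets/s), the hierarchy shows 5 `eth/ip/udp` and 2 `eth/ip/tcp` packets, the conversation table holds one UDP and one TCP pair, the HTTP exchange has a 12 ms request-response latency, and the sensor stream arrives every 100 ms with a 5 ms peak deviation; the truncated capture flags packet 0 the way Wireshark's expert info would. Pointing `parse_pcap` at a file Wireshark saved works only for little-endian, microsecond-resolution libpcap files with an Ethernet link type; pcapng, the default save format in current Wireshark versions, is not handled here.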


Packet Filtering


Building Packet Filters


Summary
• Wireshark is the de facto standard
– Very versatile
– Extensible

• Wireshark provides insight into what’s happening on the network
– Capture and view network traffic
– Investigate network issues
– Monitor application interactions

• The only way to understand your network is to understand the packets

Where Can I Get It?
• Wireshark Website
– http://www.wireshark.org

• Wireshark Download
– http://www.wireshark.org/download.html

• Wireshark Documentation
– http://www.wireshark.org/docs/

• Wireshark Wiki
– http://wiki.wireshark.org/


Questions?
• Jim Gilsinn
– Intelligent Systems Division
Manufacturing Engineering Laboratory
National Institute of Standards & Technology
100 Bureau Drive, Stop 8230
Gaithersburg, MD 20899-8230
– 301-975-3865
– james.gilsinn@nist.gov
– http://www.nist.gov/mel/isd

DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 

Wireshark Network Protocol Analyzer (slide transcript)

1. Wireshark Network Protocol Analyzer
Jim Gilsinn, Manufacturing Engineering Laboratory (MEL), National Institute of Standards & Technology (NIST), U.S. Department of Commerce, Technology Administration
Sensor Standardization & Harmonization Working Group, May 18, 2010

2. Overview
• Wireshark: What Is It?
• A Brief History
• What Can It Do?
• How Do I Use It?
• Demo
– Starting Screen
– Capture Screen
– Capture File Statistics
– Packet Filtering
• Summary
• Where Can I Get It?

3. Wireshark: What Is It?
• De-facto network packet analyzer
• Open-source
– GNU General Public License
– Over 680 contributors
• Multi-platform
– Pre-compiled installers for PC/Mac
– Source code & instructions for Unix & Linux
• Extensible
– Add-ons and extensions are relatively easy to build

4. A Brief History
• Started out in 1998 as Ethereal 0.2.0
• Became Wireshark in 2006
– Original developer changed companies
– Name remained property of previous company
– Started as Wireshark 0.99
• Currently 3 versions available
– Version 1.0.13 – Old stable release
– Version 1.2.8 – Stable release
– Version 1.3.5 – Development release

5. What Can It Do?
• Capture live network traffic
– Variety of networks (Ethernet, WiFi, Bluetooth, USB, etc.)
• Import capture files from multiple packages
– 35 different network capture file formats
• Display packets in great detail
– Over 1000 different protocol decoders have been written
• Identify bad packets
– Wireshark knows what the packets should look like
• Search and filter packets
– Over 75k different filter variables
• Track "conversations"

6. How Do I Use It?
• Protocol & data analysis
– Analyze client-server interaction, errors, network data verification
• Latency
– Client-server request-response timing

7. How Do I Use It?
• Non-web-based applications
– Jitter on repeating network packets
– Hardware-assisted packet analysis

8. How Do I Use It?

9. Starting Screen

10. Capture Screen

11. Capture Screen: Filtered Packets

12. Capture Screen: Packet Details

13. Capture Screen: Packet Hex/ASCII

14. Capture File Statistics

15. Statistics: Summary
• Basic information about the file
• File format
• Number of packets
• Capture duration
• Average packets/second

16. Statistics: Protocol Hierarchy
• Displays protocol layering
• Shows basic statistics for each protocol layer

17. Statistics: Conversations
• Identifies and tracks individual streams of traffic
• Can track multiple protocols

18. Statistics: IO Graph
• Graphical representation of packet timing
• Helps identify causes/effects for packets

19. Packet Filtering

20. Building Packet Filters

21. Summary
• Wireshark is the de-facto standard
– Very versatile
– Extensible
• Wireshark provides insight into what's happening on the network
– Capture and view network traffic
– Investigate network issues
– Monitor application interactions
• The only way to understand your network is to understand the packets

22. Where Can I Get It?
• Wireshark Website – http://www.wireshark.org
• Wireshark Download – http://www.wireshark.org/download.html
• Wireshark Documentation – http://www.wireshark.org/docs/
• Wireshark Wiki – http://wiki.wireshark.org/

23. Questions?
• Jim Gilsinn
– Intelligent Systems Division, Manufacturing Engineering Laboratory, National Institute of Standards & Technology, 100 Bureau Drive, Stop 8230, Gaithersburg, MD 20899-8230
– 301-975-3865
– james.gilsinn@nist.gov
– http://www.nist.gov/mel/isd
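Slides 6, 7, 16 and 17 name four analyses (request-response latency, jitter on repeating packets, protocol counts, conversation tracking) without showing how they are computed. The script below is an added example, not from the slides or from Wireshark itself: it runs those analyses over a small constructed packet list (documentation addresses 192.0.2.x, timestamps in microseconds); the jitter figure is a simple deviation from the mean inter-arrival gap, not Wireshark's RFC 3550 RTP jitter.

```python
"""Added example (not from the NIST slides): conversation tracking, request/
response latency, per-protocol counts and inter-arrival jitter over a
constructed packet list. Real work would read a capture with tshark/pyshark."""
from collections import defaultdict

# Constructed sample capture: (timestamp_us, src, dst, protocol).
PACKETS = [
    (0,      "192.0.2.10", "192.0.2.20", "TCP"),  # client request
    (4000,   "192.0.2.20", "192.0.2.10", "TCP"),  # server response, 4 ms later
    (50000,  "192.0.2.30", "192.0.2.40", "UDP"),  # periodic one-way update
    (100000, "192.0.2.10", "192.0.2.20", "TCP"),
    (106000, "192.0.2.20", "192.0.2.10", "TCP"),
    (150000, "192.0.2.30", "192.0.2.40", "UDP"),
    (200000, "192.0.2.10", "192.0.2.20", "TCP"),
    (203000, "192.0.2.20", "192.0.2.10", "TCP"),
    (254000, "192.0.2.30", "192.0.2.40", "UDP"),  # arrives 4 ms late
    (300000, "192.0.2.10", "192.0.2.20", "TCP"),  # request that is never answered
    (350000, "192.0.2.30", "192.0.2.40", "UDP"),  # arrives 4 ms early
]

def conversations(packets):
    """Group packets by (protocol, endpoint pair) regardless of direction,
    the way the Statistics > Conversations view does."""
    convs = defaultdict(list)
    for ts, src, dst, proto in packets:
        convs[(proto,) + tuple(sorted((src, dst)))].append((ts, src, dst))
    return dict(convs)

def protocol_counts(packets):
    """Packet count per protocol (flat form of the protocol hierarchy)."""
    counts = defaultdict(int)
    for _, _, _, proto in packets:
        counts[proto] += 1
    return dict(counts)

def request_response_latency(packets, client, server):
    """Pair each client->server packet with the next server->client packet.
    Returns (latencies_us, unanswered_requests); a request that is still open
    when the next request arrives, or at the end, counts as unanswered."""
    latencies, pending, requests = [], None, 0
    for ts, src, dst, _ in sorted(packets):
        if (src, dst) == (client, server):
            requests += 1
            pending = ts if pending is None else pending
        elif (src, dst) == (server, client) and pending is not None:
            latencies.append(ts - pending)
            pending = None
    return latencies, requests - len(latencies)

def jitter(packets, src, dst):
    """Mean inter-arrival gap of a one-way repeating stream and the largest
    deviation from that mean (both in microseconds); None if too few packets."""
    times = sorted(ts for ts, s, d, _ in packets if (s, d) == (src, dst))
    gaps = [b - a for a, b in zip(times, times[1:])]
    if not gaps:
        return None
    mean_gap = sum(gaps) / len(gaps)
    return {"mean_us": mean_gap,
            "max_deviation_us": max(abs(g - mean_gap) for g in gaps)}
```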