Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)
U.S. Department of Commerce, Technology Administration

Wireshark Network Protocol Analyzer

Jim Gilsinn
Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)

Sensor Standardization & Harmonization Working Group

May 18, 2010

Overview
• Wireshark: What Is It?
• A Brief History
• What Can It Do?
• How Do I Use It?
• Demo
– Starting Screen
– Capture Screen
– Capture File Statistics
– Packet Filtering
• Summary
• Where Can I Get It?

Wireshark: What Is It?
• De-facto network packet analyzer
• Open-source
– GNU General Public License
– Over 680 Contributors

• Multi-platform
– Pre-compiled installers for PC/Mac
– Source code & instructions for Unix & Linux

• Extensible
– Add-ons and extensions are relatively easy to build

A Brief History
• Started out in 1998 as Ethereal 0.2.0
• Became Wireshark in 2006
– Original developer changed companies
– Name remained property of previous company
– Started as Wireshark 0.99

• Currently 3 versions available
– Version 1.0.13 – Old stable release
– Version 1.2.8 – Stable release
– Version 1.3.5 – Development release

What Can It Do?
• Capture live network traffic
– Variety of networks (Ethernet, WiFi, Bluetooth, USB, etc.)

• Import capture files from multiple packages
– 35 different network capture file formats

• Display packets in great detail
– Over 1000 different protocol decoders have been written

• Identify bad packets
– Wireshark knows what the packets should look like

• Search and filter packets
– Over 75k different filter variables

• Track “conversations”
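The "display packets in great detail" and "identify bad packets" bullets above describe what Wireshark's dissectors do to every captured frame: decode the header fields and check them against what the protocol says they should be. The Python below is an added example, not code from the slides or from the Wireshark project. It decodes the fixed IPv4 header, recomputes the RFC 791 header checksum and flags frames whose stored checksum does not match, which is the check behind Wireshark's "bad checksum" expert info. The byte strings are constructed test vectors, and the keys of the returned dictionary are this example's own naming.

```python
import struct

# Protocol numbers this example labels; anything else is reported numerically.
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                     # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(frame: bytes) -> dict:
    """Decode the fixed IPv4 header and validate it the way a dissector does.

    Raises ValueError for frames that cannot be a well-formed IPv4 header;
    returns a dict whose 'bad_checksum' key mirrors Wireshark's expert info.
    """
    if len(frame) < 20:
        raise ValueError("truncated: IPv4 header needs at least 20 bytes")
    (ver_ihl, _tos, total_len, ident, _flags_frag, ttl, proto,
     stored_csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", frame[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not IPv4: version field is {version}")
    if ihl < 20 or ihl > len(frame):
        raise ValueError(f"bad header length {ihl} for a {len(frame)}-byte frame")
    header = frame[:ihl]
    # The checksum is computed over the header with its own field zeroed.
    expected = ipv4_checksum(header[:10] + b"\x00\x00" + header[12:])
    return {
        "src": ".".join(map(str, src)),
        "dst": ".".join(map(str, dst)),
        "ttl": ttl,
        "protocol": proto,
        "protocol_name": PROTOCOL_NAMES.get(proto, str(proto)),
        "id": ident,
        "total_length": total_len,
        "header_length": ihl,
        "checksum": stored_csum,
        "expected_checksum": expected,
        "bad_checksum": stored_csum != expected,
    }


def find_bad_packets(frames) -> list:
    """Return (index, reason) for every frame that fails decoding or validation."""
    bad = []
    for i, frame in enumerate(frames):
        try:
            info = parse_ipv4(frame)
        except ValueError as exc:
            bad.append((i, str(exc)))
            continue
        if info["bad_checksum"]:
            bad.append((i, "header checksum 0x%04x, expected 0x%04x"
                        % (info["checksum"], info["expected_checksum"])))
    return bad


# Constructed test vectors (not captured traffic): a valid 20-byte header for a
# UDP datagram 192.168.0.1 -> 192.168.0.199, the same header with the TTL
# changed but the checksum left untouched, and a frame cut off after 12 bytes.
GOOD = bytes.fromhex("45000073" "00004000" "4011b861" "c0a80001" "c0a800c7")
BAD_TTL = bytes.fromhex("45000073" "00004000" "3f11b861" "c0a80001" "c0a800c7")
TRUNCATED = GOOD[:12]

if __name__ == "__main__":
    for idx, reason in find_bad_packets([GOOD, BAD_TTL, TRUNCATED]):
        print(f"frame {idx}: {reason}")
```

A caveat when reading real captures: with checksum offloading, frames captured on the sending host are copied to the capture driver before the NIC fills in the checksum, so outgoing packets show up with bad checksums that were correct on the wire. Wireshark's checksum-validation preferences are therefore commonly left off, and a "bad checksum" on a frame sent by the capturing machine is usually offload, not corruption.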
U.S. Department of Commerce, Technology Administration

How Do I Use It?
• Protocol & data analysis
– Analyze client-server interaction, errors, network data verification

• Latency
– Client-server request-response timing

How Do I Use It?
• Non-web-based applications
– Jitter on repeating network packets
– Hardware-assisted packet analysis
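The latency and jitter uses on the "How Do I Use It?" slides reduce to arithmetic over packet timestamps once the capture is decoded. The Python below is an added example, not from the slides: it pairs requests with responses by transaction id to get client-server response times, reports transactions that never got an answer, and measures the jitter of a periodic stream against its nominal cycle. Both traces are constructed, in milliseconds; the transaction-id field and the 10 ms cycle are assumptions of the example.

```python
from statistics import mean

# Constructed request/response trace (not a real capture), timestamps in ms:
# (timestamp_ms, kind, transaction_id). Transaction 3 never gets a reply.
REQ_RSP_TRACE = [
    (0, "req", 1), (12, "rsp", 1),
    (100, "req", 2), (125, "rsp", 2),
    (200, "req", 3),
    (300, "req", 4), (318, "rsp", 4),
]

# Constructed arrival times (ms) of a stream that should repeat every 10 ms.
PERIODIC_ARRIVALS = [0, 10, 21, 29, 40, 52]
NOMINAL_PERIOD_MS = 10


def request_response_latency(trace):
    """Pair each request with the first later response carrying the same id.

    Returns (latency per transaction id, sorted ids that were never answered).
    A retransmitted request keeps the timestamp of its first copy.
    """
    pending, latencies = {}, {}
    for ts, kind, tid in sorted(trace):
        if kind == "req":
            pending.setdefault(tid, ts)
        elif kind == "rsp" and tid in pending:
            latencies[tid] = ts - pending.pop(tid)
    return latencies, sorted(pending)


def latency_summary(latencies):
    """Min/max/mean over the matched transactions."""
    values = list(latencies.values())
    if not values:
        return {"count": 0, "min": None, "max": None, "mean": None}
    return {"count": len(values), "min": min(values),
            "max": max(values), "mean": mean(values)}


def jitter_stats(arrivals, nominal_period):
    """Inter-arrival intervals of a periodic stream and how far they stray from nominal."""
    deltas = [later - earlier for earlier, later in zip(arrivals, arrivals[1:])]
    if not deltas:
        return {"deltas": [], "mean_interval": None,
                "max_abs_jitter": None, "peak_to_peak": None}
    deviations = [d - nominal_period for d in deltas]
    return {
        "deltas": deltas,
        "mean_interval": mean(deltas),
        "max_abs_jitter": max(abs(x) for x in deviations),  # worst single-cycle deviation
        "peak_to_peak": max(deltas) - min(deltas),          # spread of the intervals
    }


if __name__ == "__main__":
    lat, unanswered = request_response_latency(REQ_RSP_TRACE)
    print("latency per transaction (ms):", lat)
    print("unanswered:", unanswered, "summary:", latency_summary(lat))
    print("jitter:", jitter_stats(PERIODIC_ARRIVALS, NOMINAL_PERIOD_MS))
```

The unanswered list is the part worth watching on a production network: a request with no matching response is either a drop, a timeout, or a device that silently stopped talking, and none of those show up in a plain latency average.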

How Do I Use It?

Starting Screen

Capture Screen

Capture Screen: Filtered Packets

Capture Screen: Packet Details

Capture Screen: Packet Hex/ASCII

Capture File Statistics

Statistics: Summary
• Basic information about the file
• File format
• Number of packets
• Capture duration
• Average packets/second

Statistics: Protocol Hierarchy
• Displays protocol layering
• Shows basic statistics for each protocol layer

Statistics: Conversations
• Identifies and tracks individual streams of traffic
• Can track multiple protocols

Statistics: IO Graph
• Graphical representation of packet timing
• Helps identify causes/effects for packets

Packet Filtering

Building Packet Filters
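The two filtering slides show the filter bar and the filter-building dialog as screenshots. As an added example (not from the slides or from Wireshark), the Python below implements an evaluator for a small subset of Wireshark's display-filter syntax: field comparisons, bare field presence, && / || / ! with their and / or / not spellings, and parentheses, together with Wireshark's rule that a field occurring more than once in a packet (ip.addr, tcp.port) matches when any occurrence satisfies the comparison. The packets are constructed, make_packet builds the field-to-occurrences shape a dissector would hand the filter engine, and the grammar subset is an assumption that covers far less than the real language with its 75k fields.

```python
import operator
import re

# Subset of the display-filter grammar handled here (an assumption; the real one is far
# larger): comparisons, && / || / ! (or and/or/not), parentheses, bare field = "present".
TOKEN_RE = re.compile(r"""\s*(?:
    (?P<lpar>\()|(?P<rpar>\))|(?P<op>==|!=|>=|<=|>|<)|
    (?P<conj>&&|\band\b)|(?P<disj>\|\||\bor\b)|(?P<neg>!|\bnot\b)|
    (?P<ip>\d+\.\d+\.\d+\.\d+)|(?P<num>\d+)|(?P<str>"[^"]*")|
    (?P<field>[A-Za-z_][\w.]*))""", re.VERBOSE)
OPS = {"==": operator.eq, "!=": operator.ne, ">": operator.gt,
       "<": operator.lt, ">=": operator.ge, "<=": operator.le}

def tokenize(text):
    tokens, pos, text = [], 0, text.strip()
    while pos < len(text):
        m = TOKEN_RE.match(text, pos)
        if not m:
            raise ValueError(f"bad filter syntax near {text[pos:]!r}")
        pos = m.end()
        tokens.append((m.lastgroup, m.group(m.lastgroup)))
    tokens.append((None, None))  # end sentinel so the parser can always peek
    return tokens

class Parser:
    """Recursive descent; precedence from lowest: ||, &&, !, then primaries."""
    def __init__(self, tokens):
        self.toks, self.i = tokens, 0
    def peek(self):
        return self.toks[self.i]
    def take(self):
        self.i += 1
        return self.toks[self.i - 1]
    def parse(self):
        node = self.expr()
        if self.peek()[0] is not None:
            raise ValueError(f"unexpected {self.peek()[1]!r} after expression")
        return node
    def expr(self):
        return self.binary("disj", lambda: self.binary("conj", self.primary, "and"), "or")
    def binary(self, tok_kind, operand, label):
        node = operand()
        while self.peek()[0] == tok_kind:
            self.take()
            node = (label, node, operand())
        return node
    def primary(self):
        kind, text = self.take()
        if kind == "neg":
            return ("not", self.primary())
        if kind == "lpar":
            node = self.expr()
            if self.take()[0] != "rpar":
                raise ValueError("missing ')'")
            return node
        if kind != "field":
            raise ValueError(f"unexpected token {text!r}")
        if self.peek()[0] != "op":
            return ("present", text)          # bare name: protocol/field is present
        op = self.take()[1]
        vkind, vtext = self.take()
        if vkind not in ("ip", "num", "str", "field"):
            raise ValueError(f"missing value after {op!r}")
        return ("cmp", text, op, vtext.strip('"') if vkind == "str" else vtext)

def coerce(a, b):
    try:                                    # numeric when both sides are integers
        return int(a), int(b)
    except ValueError:
        return str(a), str(b)

def evaluate(node, packet):
    kind = node[0]
    if kind in ("or", "and"):
        left, right = evaluate(node[1], packet), evaluate(node[2], packet)
        return (left or right) if kind == "or" else (left and right)
    if kind == "not":
        return not evaluate(node[1], packet)
    if kind == "present":
        return node[1] in packet
    _, field, op, value = node
    # Wireshark 1.x rule: a comparison is true if ANY occurrence satisfies it.
    return any(OPS[op](*coerce(v, value)) for v in packet.get(field, []))

def make_packet(number, proto, src, sport, dst, dport):
    return {"frame.number": [number], "ip": [True], proto: [True],
            "ip.src": [src], "ip.dst": [dst], "ip.addr": [src, dst],
            f"{proto}.srcport": [sport], f"{proto}.dstport": [dport],
            f"{proto}.port": [sport, dport]}

PACKETS = [  # constructed packet list, not a real capture
    make_packet(1, "tcp", "10.0.0.5", 51000, "93.184.216.34", 80),
    make_packet(2, "tcp", "93.184.216.34", 80, "10.0.0.5", 51000),
    make_packet(3, "udp", "10.0.0.5", 53012, "10.0.0.1", 53),
    make_packet(4, "udp", "10.0.0.7", 40000, "10.0.0.9", 1900),
    make_packet(5, "tcp", "10.0.0.7", 52000, "10.0.0.9", 8080),
]

def filter_packets(expression, packets):
    # Frame numbers of the packets that satisfy the display filter.
    tree = Parser(tokenize(expression)).parse()
    return [p["frame.number"][0] for p in packets if evaluate(tree, p)]
```

Running `filter_packets("ip.addr != 10.0.0.5", PACKETS)` shows the classic trap of the any-occurrence rule: nearly every packet has one address that is not 10.0.0.5, so the filter excludes almost nothing, while `!(ip.addr == 10.0.0.5)` is the filter that actually removes that host. Later Wireshark releases changed `!=` to mean "all occurrences differ" for exactly this reason; if a filter seems to let through packets it should drop, this is the first thing to check.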

Summary
• Wireshark is the de-facto standard
– Very versatile
– Extensible

• Wireshark provides insight into what’s happening on the network
– Capture and view network traffic
– Investigate network issues
– Monitor application interactions

• The only way to understand your network is to understand the packets

Where Can I Get It?
• Wireshark Website
– http://www.wireshark.org

• Wireshark Download
– http://www.wireshark.org/download.html

• Wireshark Documentation
– http://www.wireshark.org/docs/

• Wireshark Wiki
– http://wiki.wireshark.org/

Questions?
• Jim Gilsinn
– Intelligent Systems Division
Manufacturing Engineering Laboratory
National Institute of Standards & Technology
100 Bureau Drive, Stop 8230
Gaithersburg, MD 20899-8230
– 301-975-3865
– james.gilsinn@nist.gov
– http://www.nist.gov/mel/isd

A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 

Wireshark Network Protocol Analyzer (slide transcript)

1. Wireshark Network Protocol Analyzer
Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)
U.S. Department of Commerce, Technology Administration
Jim Gilsinn
Manufacturing Engineering Laboratory (MEL)
National Institute of Standards & Technology (NIST)
Sensor Standardization & Harmonization Working Group
May 18, 2010

2. Overview
• Wireshark: What Is It?
• A Brief History
• What Can It Do?
• How Do I Use It?
• Demo
  – Starting Screen
  – Capture Screen
  – Capture File Statistics
  – Packet Filtering
• Summary
• Where Can I Get It?

3. Wireshark: What Is It?
• De-facto network packet analyzer
• Open-source
  – GNU General Public License
  – Over 680 contributors
• Multi-platform
  – Pre-compiled installers for PC/Mac
  – Source code & instructions for Unix & Linux
• Extensible
  – Add-ons and extensions are relatively easy to build

4. A Brief History
• Started out in 1998 as Ethereal 0.2.0
• Became Wireshark in 2006
  – Original developer changed companies
  – Name remained property of previous company
  – Started as Wireshark 0.99
• Currently 3 versions available
  – Version 1.0.13 – Old stable release
  – Version 1.2.8 – Stable release
  – Version 1.3.5 – Development release

5. What Can It Do?
• Capture live network traffic
  – Variety of networks (Ethernet, WiFi, Bluetooth, USB, etc.)
• Import capture files from multiple packages
  – 35 different network capture file formats
• Display packets in great detail
  – Over 1000 different protocol decoders have been written
• Identify bad packets
  – Wireshark knows what the packets should look like
• Search and filter packets
  – Over 75k different filter variables
• Track "conversations"

6. How Do I Use It?
• Protocol & data analysis
  – Analyze client-server interaction, errors, network data verification
• Latency
  – Client-server request-response timing

7. How Do I Use It?
• Non-web-based applications
  – Jitter on repeating network packets
  – Hardware-assisted packet analysis

8. How Do I Use It? (screenshot only)

9. Starting Screen (screenshot only)

10. Capture Screen (screenshot only)

11. Capture Screen: Filtered Packets (screenshot only)

12. Capture Screen: Packet Details (screenshot only)

13. Capture Screen: Packet Hex/ASCII (screenshot only)

14. Capture File Statistics (screenshot only)

15. Statistics: Summary
• Basic information about the file
• File format
• Number of packets
• Capture duration
• Average packets/second

16. Statistics: Protocol Hierarchy
• Displays protocol layering
• Shows basic statistics for each protocol layer

17. Statistics: Conversations
• Identifies and tracks individual streams of traffic
• Can track multiple protocols

18. Statistics: IO Graph
• Graphical representation of packet timing
• Helps identify causes/effects for packets

19. Packet Filtering (screenshot only)

20. Building Packet Filters (screenshot only)

21. Summary
• Wireshark is the de-facto standard
  – Very versatile
  – Extensible
• Wireshark provides insight into what's happening on the network
  – Capture and view network traffic
  – Investigate network issues
  – Monitor application interactions
• The only way to understand your network is to understand the packets

22. Where Can I Get It?
• Wireshark Website
  – http://www.wireshark.org
• Wireshark Download
  – http://www.wireshark.org/download.html
• Wireshark Documentation
  – http://www.wireshark.org/docs/
• Wireshark Wiki
  – http://wiki.wireshark.org/

23. Questions?
• Jim Gilsinn
  – Intelligent Systems Division, Manufacturing Engineering Laboratory, National Institute of Standards & Technology, 100 Bureau Drive, Stop 8230, Gaithersburg, MD 20899-8230
  – 301-975-3865
  – james.gilsinn@nist.gov
  – http://www.nist.gov/mel/isd
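Slides 5 and 15 through 17 name what Wireshark computes from a capture file (packet count and duration, the protocol hierarchy, and bidirectional "conversations"), and slides 19 and 20 cover packet filtering. The Python below is an added example, not part of the presentation and not Wireshark's own code: it builds a small libpcap file in memory from constructed Ethernet/ARP/IPv4/UDP/TCP frames, reads it back with a minimal parser, and recomputes those three statistics plus a tiny subset of display-filter syntax. The addresses, ports, MAC addresses and timestamps are all constructed; the libpcap constants (magic 0xA1B2C3D4, version 2.4, link type 1 for Ethernet) are the documented format values.

```python
"""Wireshark's Summary, Protocol Hierarchy and Conversations statistics and a display-filter
subset, recomputed over a libpcap file built in memory (added example, constructed traffic)."""
import struct
from collections import Counter, defaultdict

LINKTYPE_ETHERNET, ETHERTYPE_IPV4, ETHERTYPE_ARP = 1, 0x0800, 0x0806
IPPROTO_TCP, IPPROTO_UDP = 6, 17

def _ipv4(src, dst, proto, payload):
    """IPv4 header with the checksum left at 0 (the reader below does not verify it)."""
    addr = lambda s: bytes(map(int, s.split(".")))
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64,
                       proto, 0, addr(src), addr(dst)) + payload

def _udp(sport, dport, data):
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data

def _tcp(sport, dport, flags):  # 20-byte header, no options, no payload
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 0x50, flags, 8192, 0, 0)

def _eth(ethertype, payload):  # constructed (locally administered) MAC addresses
    return bytes.fromhex("021122334455 02aabbccddee") + struct.pack("!H", ethertype) + payload

def build_sample_pcap():
    """Constructed capture: a DNS query/response, a TCP three-way handshake and an ARP request."""
    frames = [
        (0.000, _eth(ETHERTYPE_IPV4, _ipv4("10.0.0.5", "10.0.0.1", IPPROTO_UDP, _udp(53000, 53, b"q" * 30)))),
        (0.020, _eth(ETHERTYPE_IPV4, _ipv4("10.0.0.1", "10.0.0.5", IPPROTO_UDP, _udp(53, 53000, b"r" * 60)))),
        (0.100, _eth(ETHERTYPE_IPV4, _ipv4("10.0.0.5", "10.0.0.9", IPPROTO_TCP, _tcp(40000, 80, 0x02)))),  # SYN
        (0.110, _eth(ETHERTYPE_IPV4, _ipv4("10.0.0.9", "10.0.0.5", IPPROTO_TCP, _tcp(80, 40000, 0x12)))),  # SYN/ACK
        (0.120, _eth(ETHERTYPE_IPV4, _ipv4("10.0.0.5", "10.0.0.9", IPPROTO_TCP, _tcp(40000, 80, 0x10)))),  # ACK
        (0.500, _eth(ETHERTYPE_ARP, bytes.fromhex("0001080006040001") + bytes(20))),
    ]
    # libpcap global header: magic, version 2.4, tz offset 0, sigfigs 0, snaplen, link type
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for t, frame in frames:
        sec, usec = int(t), int(round((t - int(t)) * 1_000_000))
        out += struct.pack("<IIII", sec, usec, len(frame), len(frame)) + frame  # per-record header
    return out

def read_pcap(data):
    """Parse a classic libpcap file and dissect Ethernet / ARP / IPv4 / TCP / UDP."""
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}[struct.unpack("<I", data[:4])[0]]  # KeyError: not libpcap
    packets, off = [], 24  # records start after the 24-byte global header
    while off + 16 <= len(data):
        sec, usec, incl_len, _ = struct.unpack(endian + "IIII", data[off:off + 16])
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        pkt = {"time": sec + usec / 1e6, "len": incl_len, "layers": ["eth"]}
        ethertype = struct.unpack("!H", frame[12:14])[0] if len(frame) >= 14 else None
        if ethertype == ETHERTYPE_ARP:
            pkt["layers"].append("arp")
        elif ethertype == ETHERTYPE_IPV4 and len(frame) >= 34:  # short/truncated frames stay "eth"
            ihl = (frame[14] & 0x0F) * 4  # header length in bytes, options included
            pkt["layers"].append("ip")
            pkt["ip.proto"] = frame[23]
            pkt["ip.src"], pkt["ip.dst"] = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
            l4 = {IPPROTO_TCP: "tcp", IPPROTO_UDP: "udp"}.get(frame[23])
            if l4 and len(frame) >= 18 + ihl:
                pkt["layers"].append(l4)
                pkt[l4 + ".srcport"], pkt[l4 + ".dstport"] = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        packets.append(pkt)
    return packets

def summary(packets):
    """Statistics > Summary: packet count, capture duration and average packets/second."""
    duration = packets[-1]["time"] - packets[0]["time"] if packets else 0.0
    return {"packets": len(packets), "duration": round(duration, 6),
            "avg_pps": round(len(packets) / duration, 2) if duration else 0.0}

def protocol_hierarchy(packets):
    """Statistics > Protocol Hierarchy: packets counted at every layering path (eth, eth:ip, eth:ip:udp ...)."""
    return dict(Counter(":".join(p["layers"][:d]) for p in packets for d in range(1, len(p["layers"]) + 1)))

def conversations(packets):
    """Statistics > Conversations: bidirectional TCP/UDP streams keyed by the unordered endpoint pair."""
    convs = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for pkt in packets:
        proto = pkt["layers"][-1]
        if proto in ("tcp", "udp"):
            a, b = (pkt["ip.src"], pkt[proto + ".srcport"]), (pkt["ip.dst"], pkt[proto + ".dstport"])
            key = (proto,) + tuple(sorted([a, b]))  # both directions map to the same key
            convs[key]["packets"] += 1
            convs[key]["bytes"] += pkt["len"]
    return dict(convs)

def display_filter(packets, expr):
    """Tiny subset of Wireshark display-filter syntax: a bare protocol name, or 'field == value'."""
    if "==" not in expr:
        return [p for p in packets if expr.strip() in p["layers"]]
    field, value = (s.strip() for s in expr.split("==", 1))
    if field in ("tcp.port", "udp.port"):  # as in Wireshark, matches source or destination port
        proto = field[:3]
        return [p for p in packets if value in (str(p.get(proto + ".srcport")), str(p.get(proto + ".dstport")))]
    return [p for p in packets if str(p.get(field)) == value]

if __name__ == "__main__":
    pkts = read_pcap(build_sample_pcap())
    print(summary(pkts), protocol_hierarchy(pkts), conversations(pkts), sep="\n")
```

Run it as a script and it prints the three statistics for the six constructed frames; `display_filter(pkts, "udp.port == 53")` returns the DNS query and response, the same pair that a `udp.port == 53` filter selects in Wireshark's capture screen. Note that the reader treats the capture file as untrusted input: it rejects unknown magic and dissects a layer only when the frame is long enough to hold it, leaving truncated frames at the Ethernet layer instead of reading past the end of the record.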