Practical Packet Analysis
Introduction To Wireshark
• A Brief History of Wireshark
  • Wireshark has a very rich history.
  • Gerald Combs, a computer science graduate of the University of Missouri at Kansas City, originally developed it out of necessity.
  • The first version of Combs’s application was called Ethereal, and it was released in 1998 under the GNU Public License.
  • Eight years after releasing Ethereal, Combs left his job to pursue other career opportunities.
  • Unfortunately, his employer at that time had full rights to the Ethereal trademarks, and Combs was unable to reach an agreement that would allow him to control the Ethereal “brand.”
  • Instead, Combs and the rest of the development team rebranded the project as Wireshark in mid-2006.
• The Benefits of Wireshark
  • Wireshark offers several benefits that make it appealing for everyday use.
  • It is aimed at both the journeyman and the expert packet analyst, and offers a variety of features to entice each.
  • Wireshark offers:
    • Protocol support
    • User-friendliness
    • Program support
    • Operating system support
• Installing Wireshark
  • The Wireshark installation process is surprisingly simple.
  • Before you install Wireshark, make sure that your system meets the following requirements:
    • 400 MHz processor or faster
    • 128MB RAM
    • At least 75MB of available storage space
    • NIC that supports promiscuous mode
    • WinPcap capture driver
      • The Windows implementation of the pcap packet-capturing application programming interface (API).
      • Simply put, this driver applies filters and switches the NIC in and out of promiscuous mode.
• Wireshark Fundamentals
  • Once you have successfully installed Wireshark on your system, you can begin to familiarize yourself with it.
  • Now you finally get to open your fully functioning packet sniffer and see . . . absolutely nothing!
  • Wireshark isn’t very interesting when you first open it.
  • In order for things to really get exciting, you need to get some data.
  • Your First Packet Capture
    • First, there is always something wrong on the network.
    • Secondly, there doesn’t need to be something wrong in order for you to perform packet analysis.
    • More broadly, in order to find anomalies in daily network activity, you must know what normal daily network activity looks like.
    • When your network is running smoothly, you can set your baseline so that you’ll know what its traffic looks like in a normal state.
    • So let’s capture some packets!
      • Open Wireshark.
      • From the main drop-down menu, select Capture and then Interfaces.
      • Choose the interface you wish to use and click Start, or simply click the interface under the Interface List section of the welcome page.
      • Wait about a minute or so, and when you are ready to stop the capture and view your data, click the Stop button from the Capture drop-down menu.
    • [Image: selecting an interface on which to perform your packet capture]
  • Wireshark’s Main Window
    • You will spend most of your time in the Wireshark main window.
    • This is where all the packets you capture are displayed and broken down into a more understandable format.
    • Using the packet capture you just made, let’s take a look at Wireshark’s main window, as shown in this image:
    • The three panes in the main window depend on one another.
    • In order to view the details of an individual packet in the Packet Details pane, you must first select that packet by clicking it in the Packet List pane.
    • Once you have selected your packet, you can see the bytes that correspond to a certain portion of the packet in the Packet Bytes pane when you click that portion of the packet in the Packet Details pane.
    • Packet List – the top pane displays a table containing all packets in the current capture file.
    • Packet Details – the middle pane contains a hierarchical display of information about a single packet.
    • Packet Bytes – the lower pane – perhaps the most confusing – displays a packet in its raw, unprocessed form; that is, it shows what the packet looks like as it travels across the wire.
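
The relationship between the three panes described above, as an added example that is not part of the original slides and is not Wireshark's own code: the Python below dissects one constructed Ethernet/IPv4/TCP frame into named fields with their byte ranges, maps a field to its raw bytes and a byte offset back to its field, and builds a one-line summary row. The frame contents, the field names and all function names are assumptions made for illustration.

```python
from ipaddress import IPv4Address

# Constructed sample frame (not from a real capture): Ethernet + IPv4 + TCP SYN.
# Both checksums are zero because this example does not verify them.
FRAME = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"                          # Ethernet II
    "45000028" "1c464000" "4006" "0000" "c0a8010a" "c0a80101"    # IPv4
    "c3500050" "00000001" "00000000" "5002" "7210" "0000" "0000"  # TCP
)

TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def _mac(b):
    return ":".join(f"{x:02x}" for x in b)


def _uint(b):
    return int.from_bytes(b, "big")


def _flags(b):
    return ",".join(name for bit, name in TCP_FLAGS if b[0] & bit) or "none"


def dissect(frame):
    """Packet Details: list of (layer, field, value, start, end), end exclusive."""
    fields = []

    def take(layer, name, start, length, decode):
        end = start + length
        if end > len(frame):
            raise ValueError(f"frame truncated inside {layer}.{name}")
        value = decode(frame[start:end])
        fields.append((layer, name, value, start, end))
        return value

    take("eth", "dst", 0, 6, _mac)
    take("eth", "src", 6, 6, _mac)
    if take("eth", "type", 12, 2, _uint) != 0x0800:
        return fields                       # only IPv4 is dissected here
    ip = 14                                 # Ethernet II header is 14 bytes
    ver_ihl = take("ip", "version_ihl", ip, 1, _uint)
    if (ver_ihl >> 4) != 4 or (ver_ihl & 0x0F) < 5:
        raise ValueError("not a valid IPv4 header")
    take("ip", "total_length", ip + 2, 2, _uint)
    take("ip", "ttl", ip + 8, 1, _uint)
    proto = take("ip", "protocol", ip + 9, 1, _uint)
    take("ip", "src", ip + 12, 4, lambda b: str(IPv4Address(b)))
    take("ip", "dst", ip + 16, 4, lambda b: str(IPv4Address(b)))
    if proto != 6:
        return fields                       # only TCP is dissected here
    tcp = ip + (ver_ihl & 0x0F) * 4         # IHL counts 32-bit words
    take("tcp", "srcport", tcp, 2, _uint)
    take("tcp", "dstport", tcp + 2, 2, _uint)
    take("tcp", "seq", tcp + 4, 4, _uint)
    take("tcp", "flags", tcp + 13, 1, _flags)
    return fields


def field_bytes(frame, fields, layer, name):
    """Details -> Bytes: the byte range that a selected field occupies."""
    for lyr, fld, _value, start, end in fields:
        if (lyr, fld) == (layer, name):
            return start, end, frame[start:end].hex()
    raise KeyError(f"{layer}.{name}")


def field_at(fields, offset):
    """Bytes -> Details: the field that covers a selected byte offset."""
    for lyr, fld, _value, start, end in fields:
        if start <= offset < end:
            return f"{lyr}.{fld}"
    return None                             # byte not covered by a dissected field


def summary(fields):
    """Packet List: one summary row built from the dissected fields."""
    v = {f"{lyr}.{fld}": value for lyr, fld, value, _s, _e in fields}
    if "tcp.srcport" in v:
        return (f"{v['ip.src']}:{v['tcp.srcport']} -> "
                f"{v['ip.dst']}:{v['tcp.dstport']} TCP [{v['tcp.flags']}]")
    return f"{v['eth.src']} -> {v['eth.dst']} type=0x{v['eth.type']:04x}"


if __name__ == "__main__":
    fields = dissect(FRAME)
    print(summary(fields))
    for lyr, fld, value, start, end in fields:
        print(f"  {lyr}.{fld:<13} {value!s:<18} "
              f"bytes {start}-{end - 1}  {FRAME[start:end].hex()}")
```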
  • Wireshark Preferences
    • Wireshark has several preferences that can be customized to meet your needs.
    • Wireshark’s preferences are divided into six major sections:
      • User Interface
      • Capture
      • Printing
      • Name Resolution
      • Statistics
      • Protocols
  • Packet Color Coding
    • Each packet is displayed as a certain color for a reason.
    • These colors reflect the packet’s protocol.
