Wireshark: Network Packet Analyzer

Transcription

Wireshark: Network Packet Analyzer
TA: Awad A Younis
Class: CS457
Fall 2014

Network Protocols (Packets) Have Headers
Who sent the data
Who receives the data
Information about the payload
Other protocol-specific information

What is Wireshark?
Wireshark is a network packet analyzer. It is open source.
It captures network packets and tries to display that packet data in as much detail as possible.

Why Wireshark?
Network administrators use it to troubleshoot network problems.
Network security engineers use it to examine security problems.
Developers use it to debug protocol implementations.
People use it to learn network protocol internals.

What Wireshark is not
Wireshark isn’t an intrusion detection system.
However, if strange things happen, Wireshark might help you figure out what is really going on.
Wireshark will not manipulate things on the network; it will only "measure" things from it.

Where to get Wireshark
You can get the latest copy of the program from the Wireshark website at https://www.wireshark.org/download.html.
The download page should automatically highlight the appropriate download for your platform and direct you to the nearest mirror.


Packet List
No: The number of the packet in the capture file. This number won’t change, even if a display filter is used.
Time: The timestamp of the packet. The presentation format of this timestamp can be changed, see Section 6.12, “Time display formats and time references”.
Source: The address where this packet is coming from.
Destination: The address where this packet is going to.
Protocol: The protocol name in a short (perhaps abbreviated) version.
Info: Additional information about the packet content.

Packet Details
This shows the protocols and protocol fields of the packet selected in the “Packet List” pane.
The protocols and fields of the packet are displayed using a tree, which can be expanded and collapsed.
1. Frame
2. Data Link: EN
3. Network: IP
4. Transport: TCP
5. Data: Payload

Packet Bytes
The packet bytes pane shows the data of the current packet (selected in the “Packet List” pane) in a hexdump style.
As usual for a hexdump, the left side shows the offset in the packet data, the middle shows the packet data in hexadecimal representation, and the right side shows the corresponding ASCII characters.
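The two panes just described (the Packet Details tree of Frame / Ethernet / IP / TCP / payload, and the Packet Bytes hexdump) can be reproduced on a single frame with a few lines of Python. The code below is an added example for this transcription, not code from the slides or from the Wireshark project. It builds one constructed Ethernet/IPv4/TCP SYN frame (addresses, ports and sequence number are made up; the IP and TCP checksums are left as zero, which Wireshark would flag as bad), dissects it layer by layer the way the details tree does, and renders it in the offset / hex / ASCII layout of the bytes pane.

```python
import struct

ETH_TYPE_IPV4 = 0x0800
IP_PROTO_TCP = 6
TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 .. bit 5


def build_sample_frame() -> bytes:
    """Constructed sample: Ethernet II + IPv4 + TCP SYN from 10.0.0.1:40000 to 10.0.0.2:80.

    Not a real capture. Checksums are 0 for brevity (a real frame carries computed ones).
    """
    eth_dst = bytes.fromhex("66778899aabb")
    eth_src = bytes.fromhex("001122334455")
    ethernet = eth_dst + eth_src + struct.pack("!H", ETH_TYPE_IPV4)
    tcp = struct.pack("!HHIIBBHHH",
                      40000, 80,      # source port, destination port
                      1000, 0,        # sequence number, acknowledgement number
                      5 << 4,         # data offset = 5 words (20 bytes), reserved bits 0
                      0x02,           # flags: SYN only
                      65535, 0, 0)    # window, checksum (0), urgent pointer
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0,         # version 4 / IHL 5, DSCP+ECN
                     20 + len(tcp),   # total length
                     1, 0x4000,       # identification, flags (DF) + fragment offset
                     64, IP_PROTO_TCP, 0,  # TTL, protocol, checksum (0)
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return ethernet + ip + tcp


def hexdump(data: bytes, width: int = 16) -> list[str]:
    """Render bytes like the Packet Bytes pane: offset on the left, hex in the middle, ASCII on the right."""
    lines = []
    for offset in range(0, len(data), width):
        chunk = data[offset:offset + width]
        hex_part = " ".join(f"{b:02x}" for b in chunk)
        ascii_part = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{offset:04x}  {hex_part:<{width * 3 - 1}}  {ascii_part}")
    return lines


def dissect(frame: bytes) -> dict:
    """Walk the layers the Packet Details tree shows: Frame, Ethernet, IP, TCP, payload."""
    details = {"frame": {"length": len(frame)}}

    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    details["ethernet"] = {"dst": dst.hex(":"), "src": src.hex(":"), "type": ethertype}
    if ethertype != ETH_TYPE_IPV4:
        return details  # only IPv4 is handled in this example

    ip = frame[14:]
    ver_ihl, _, total_len, _, _, ttl, proto, _, s, d = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4  # header length in bytes; options, if any, follow the fixed 20
    details["ip"] = {"version": ver_ihl >> 4, "ttl": ttl, "protocol": proto,
                     "src": ".".join(map(str, s)), "dst": ".".join(map(str, d))}
    if proto != IP_PROTO_TCP:
        return details

    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off_res, flags, win, _, _ = struct.unpack("!HHIIBBHHH", tcp[:20])
    data_offset = (off_res >> 4) * 4
    details["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": win,
                      "flags": [n for i, n in enumerate(TCP_FLAG_NAMES) if flags & (1 << i)]}
    details["payload"] = tcp[data_offset:]  # empty for a bare SYN
    return details


if __name__ == "__main__":
    frame = build_sample_frame()
    for layer, fields in dissect(frame).items():
        print(layer, fields)
    print("\n".join(hexdump(frame)))
```

The struct format strings encode the fixed header layouts from the RFCs (14-byte Ethernet II header, 20-byte IPv4 header without options, 20-byte TCP header without options), which is also why the example reads the IHL and TCP data offset fields instead of assuming 20: that is where real traffic with options would otherwise be mis-parsed.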

Three-way TCP Handshake
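The handshake slide is an image, so here is the exchange it depicts written out as Packet List rows and checked programmatically. This is an added example for this transcription, not code from the slides or from Wireshark. The rows are constructed (made-up addresses, ports and sequence numbers); the check enforces what the handshake requires: a client SYN, a server SYN-ACK whose acknowledgement number is the client's sequence number plus one, and a client ACK whose acknowledgement number is the server's sequence number plus one. A flow that stops after the SYN or the SYN-ACK is reported as half-open, which is the failure mode a defender looks for when a host is unreachable or a server is being flooded with unfinished connections.

```python
from dataclasses import dataclass

SYN, ACK = 0x02, 0x10  # TCP flag bits, as in the tcp.flags field
SEQ_MASK = 0xFFFFFFFF  # sequence numbers wrap at 32 bits


@dataclass(frozen=True)
class TcpSummary:
    """One Packet List row reduced to what the handshake check needs."""
    no: int
    src: str   # "ip:port"
    dst: str
    seq: int
    ack: int
    flags: int


def check_handshake(pkts: list[TcpSummary]) -> str:
    """Return "complete" for a valid SYN / SYN-ACK / ACK sequence, otherwise a short reason.

    Retransmitted SYNs are not collapsed here; a duplicate SYN shows up as "no SYN-ACK".
    """
    if not pkts or (pkts[0].flags & (SYN | ACK)) != SYN:
        return "no SYN"
    syn = pkts[0]
    client, server = syn.src, syn.dst
    if len(pkts) < 2:
        return "half-open: SYN not answered"

    synack = pkts[1]
    if synack.src != server or synack.dst != client or (synack.flags & (SYN | ACK)) != (SYN | ACK):
        return "no SYN-ACK"
    if synack.ack != (syn.seq + 1) & SEQ_MASK:
        return f"SYN-ACK acknowledges {synack.ack}, expected {(syn.seq + 1) & SEQ_MASK}"
    if len(pkts) < 3:
        return "half-open: SYN-ACK not acknowledged"

    ack = pkts[2]
    if ack.src != client or ack.dst != server or (ack.flags & (SYN | ACK)) != ACK:
        return "no final ACK"
    if ack.seq != (syn.seq + 1) & SEQ_MASK or ack.ack != (synack.seq + 1) & SEQ_MASK:
        return "final ACK has wrong seq/ack numbers"
    return "complete"


def summarize_flows(rows: list[TcpSummary]) -> dict[tuple[str, str], str]:
    """Group rows (in capture order) into client->server flows and check each handshake."""
    flows: dict[tuple[str, str], list[TcpSummary]] = {}
    for r in rows:
        if (r.flags & (SYN | ACK)) == SYN:        # a client SYN opens a new flow
            flows.setdefault((r.src, r.dst), []).append(r)
        elif (r.dst, r.src) in flows:             # server-side segment of a known flow
            flows[(r.dst, r.src)].append(r)
        elif (r.src, r.dst) in flows:             # later client-side segment
            flows[(r.src, r.dst)].append(r)
        # segments belonging to no observed SYN are ignored
    return {flow: check_handshake(pkts) for flow, pkts in flows.items()}


# Constructed Packet List: one complete handshake to port 80 and one SYN to port 443
# that never gets an answer. Values are made up for the example.
SAMPLE_ROWS = [
    TcpSummary(1, "10.0.0.1:40000", "10.0.0.2:80", seq=1000, ack=0, flags=SYN),
    TcpSummary(2, "10.0.0.2:80", "10.0.0.1:40000", seq=5000, ack=1001, flags=SYN | ACK),
    TcpSummary(3, "10.0.0.1:40000", "10.0.0.2:80", seq=1001, ack=5001, flags=ACK),
    TcpSummary(4, "10.0.0.1:40001", "10.0.0.2:443", seq=7000, ack=0, flags=SYN),
]

if __name__ == "__main__":
    for flow, state in summarize_flows(SAMPLE_ROWS).items():
        print(f"{flow[0]} -> {flow[1]}: {state}")
```

In Wireshark itself the same segments can be isolated with the display filters tcp.flags.syn == 1 && tcp.flags.ack == 0 (client SYNs) and tcp.flags.syn == 1 && tcp.flags.ack == 1 (server SYN-ACKs); the relative sequence numbers Wireshark shows by default start at 0 for each side, which is why the "+1" relationship is easy to read off in the Packet List.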

Thank You
