Transcription
WIRESHARK TUTORIAL
Ross Bagurdes
ross.bagurdes@outlook.com
Engineer, IT Instructor, Pluralsight Author, Nerdtastic Stuff
Introduction to capturing and analyzing packets
EAVESDROPPING – OLD SCHOOL
oscilloscope

EAVESDROPPING – OLD SCHOOL
100101010101000101010
PARSE BITS

0000 0000 0101 0000 0101 0110 1110 0110 0101 0011 0110 0011
    Destination MAC: 00:50:56:E6:53:63
0000 0000 0000 1100 0010 1001 1111 1011 0011 0101 1000 1100
    Source MAC: 00:0C:29:FB:35:8C
0000 1000 0000 0000
    L3 Type: 0x0800 (Indicates IPv4 Packet, RFC 791)
Packet
    Packet Data
PARSE PACKET HEADER

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version|  IHL  |Type of Service|          Total Length         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         Identification        |Flags|      Fragment Offset    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Time to Live |    Protocol   |         Header Checksum       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Source Address                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Destination Address                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Options                    |    Padding    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

RFC 791
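Added example, not part of the original slides: the two parsing steps from the PARSE BITS and PARSE PACKET HEADER slides done in Python, decoding the slide's own bit string into the Ethernet fields and then the RFC 791 header fields, including a header checksum check. The function names and the IPv4 sample bytes are constructed for illustration.

```python
import struct

# Bits copied from the PARSE BITS slide: destination MAC, source MAC, L3 type.
SLIDE_BITS = ("0000 0000 0101 0000 0101 0110 1110 0110 0101 0011 0110 0011"
              "0000 0000 0000 1100 0010 1001 1111 1011 0011 0101 1000 1100"
              "0000 1000 0000 0000")
# Constructed sample (not from the slides): IPv4 header of an Echo Request
# from 192.168.1.10 to 8.8.8.8, TTL 64, protocol 1 (ICMP), DF set.
SAMPLE_IPV4 = bytes.fromhex("45000054abcd40004001bd19c0a8010a08080808")

def bits_to_bytes(bits):
    """Turn a string of 0/1 characters (whitespace ignored) into bytes."""
    bits = "".join(bits.split())
    if not bits or len(bits) % 8 or set(bits) - {"0", "1"}:
        raise ValueError("need a whole number of octets written as 0/1")
    return int(bits, 2).to_bytes(len(bits) // 8, "big")

def parse_ethernet(frame):
    """Split the 14-byte header: destination MAC, source MAC, L3 type."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, l3_type = struct.unpack("!6s6sH", frame[:14])
    fmt = lambda raw: ":".join(f"{b:02X}" for b in raw)
    return {"dst": fmt(dst), "src": fmt(src), "l3_type": l3_type,
            "payload": frame[14:]}

def parse_ipv4(packet):
    """Decode the fixed RFC 791 header fields and verify the checksum."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4  # IHL is counted in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    total = sum(struct.unpack(f"!{ihl // 2}H", packet[:ihl]))
    while total >> 16:  # fold carries: one's-complement sum
        total = (total & 0xFFFF) + (total >> 16)
    dotted = lambda raw: ".".join(str(b) for b in raw)
    return {"version": ver_ihl >> 4, "ihl": ihl, "total_length": total_len,
            "flags": flags_frag >> 13, "fragment_offset": flags_frag & 0x1FFF,
            "ttl": ttl, "protocol": proto, "src": dotted(src),
            "dst": dotted(dst), "checksum_ok": total == 0xFFFF}

if __name__ == "__main__":
    eth = parse_ethernet(bits_to_bytes(SLIDE_BITS))
    print(eth["dst"], eth["src"], hex(eth["l3_type"]))
    if eth["l3_type"] == 0x0800:  # the slide's value: IPv4 follows
        print(parse_ipv4(SAMPLE_IPV4))
```

A header whose checksum_ok is False was altered or damaged after it was built, which is the same condition Wireshark flags when its IPv4 checksum validation is enabled.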
EAVESDROPPING – OLD SCHOOL
Wireshark Application
Network Interface Card
WinPcap or LibPcap driver

DEMONSTRATION
PERFORMING A BASIC PACKET CAPTURE
[Diagram: EAVESDROPPING. PC, Internet, Google 8.8.8.8; Echo Request and Echo Reply.]
[Diagram: EAVESDROPPING – OLD SCHOOL. PC, Internet, Google 8.8.8.8; Echo Request and Echo Reply; oscilloscope.]