Scribd Logo
Upload

Welcome to Scribd!

  • Packet Analysis With Wireshark A. Using Wireshark To Capture Packets

    Uploaded by

    ombidasar
    114 views2 pages
    This document provides instructions for using Wireshark to capture and analyze network packets on a local network. It describes how to open Wireshark, start capturing packets from the network interface, load a website to generate traffic, stop the packet capture, and review the captured packets. It then asks the user to filter out ARP packets and examine packet headers, filling in a table with source/destination IP addresses, ports, protocols, and TCP flags. Finally, it asks if the user can see the content of the website in the payload of the first HTTP packet.

    Original Description:

    gghg

    Original Title

    Wire Shark

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides instructions for using Wireshark to capture and analyze network packets on a local network. It describes how to open Wireshark, start capturing packets from the network interface, load a website to generate traffic, stop the packet capture, and review the captured packets. It then asks the user to filter out ARP packets and examine packet headers, filling in a table with source/destination IP addresses, ports, protocols, and TCP flags. Finally, it asks if the user can see the content of the website in the payload of the first HTTP packet.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    114 views2 pages

    Packet Analysis With Wireshark A. Using Wireshark To Capture Packets

    Uploaded by

    ombidasar
    This document provides instructions for using Wireshark to capture and analyze network packets on a local network. It describes how to open Wireshark, start capturing packets from the network interface, load a website to generate traffic, stop the packet capture, and review the captured packets. It then asks the user to filter out ARP packets and examine packet headers, filling in a table with source/destination IP addresses, ports, protocols, and TCP flags. Finally, it asks if the user can see the content of the website in the payload of the first HTTP packet.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 2

    NPOL

    LAB:PacketAnalysis

    PacketAnalysiswithWireshark A. UsingWiresharktoCapturePackets
    A.1 Introduction Wireshark is a protocol analyzer, or "packet sniffer" application, used for network troubleshooting, analysis, software and protocol development, and education. It allows the user to see all traffic being passed over the network by putting the network card into promiscuousmode.(fromwikipedia.org) A.2 CapturingPacketswithWireshark Inthisexercise,youwilllearnhowtocaptureandanalyzepacketsusingWireshark.Youneed twocomputers,PCaandPCb.PerformthefollowingstepsonlyinPCaanddonotusePCbat thismoment. 1) OpenInternetExplorerandminimizeit.Donotcloseit,youwilluseInternet Explorerinthisexercise. 2) FindWiresharkiconontheDesktopanddoubleclickittostartWireshark. 3) FromtheCapturemenu,selectInterfaces. 4) ClickonStartforVMwareAcceleratedADMPCNETAdaptor 5) YouwillconnecttoPCbswebsitetocreatenetworktraffic.IntheInternetExplorer URLwindow,typehttp://192.168.1.102andpressEnter. 6) Stopcapturingpacketsassoonaspossible.GobacktoWireshark,andfromthe Capturemenu,selectStoptostopcapturingpackets.Then,lookatthecontentof thecapturedpackets. ReviewQuestions: IntheWiresharkmenu,selectAnalyze,andthenselectDisplayFilters.Inthefilter windows,findNoARP,andclickonitandthenclickApply.Thiswayyouwillfilter outallARPpackets.Inthepacketheaderswindowclick+toexpandthecontentof individualheader(seethepicturebelow)andfillthefollowingtable.

    NPOL

    LAB:PacketAnalysis Packet SourceIP SourcePort DestinationIP Protocol TCPFlag Sequence

    FindthefirstHTTPprotocolfrom192.168.1.102to192.168.1.101.Thispackets payloadshouldbethecontentofthewebsite.Canyouseethecontentofthe website?

    You might also like