BASICS OF WIRESHARK

Wireshark is a network packet analyzer. A network packet analyzer captures
network packets and tries to display the packet data in as much detail as
possible.

You could think of a network packet analyzer as a measuring device used to
examine what's going on inside a network cable.
IP ADDRESS & MAC ADDRESS
An Internet Protocol address (IP address) is a numerical label assigned to each
device (e.g., computer, printer or device) participating in a computer network that
uses the Internet Protocol for communication. An IP address serves two principal
functions: host or network interface identification and location addressing.

A media access control address (MAC address) is a unique identifier assigned to
network interfaces for communications on the physical network segment. MAC
addresses are used as a network address for most IEEE 802 network technologies,
including Ethernet and WiFi.
PORTS
In programming, a port (noun) is a "logical connection place"; specifically, in
the Internet's protocol suite, TCP/IP, it is the way a client program specifies a
particular server program on a computer in a network.
TABS IN WIRESHARK

• No. shows the index number of the captured packet.
• Time shows the time of capture.
• Source shows the source IP of the packet, that is, the IP address the packet
  originated from.
• Destination shows the destination IP where the packet is going.
• Protocol shows which protocol is used for the communication between the source
  and destination.
• Info shows the data payload in the packet.
WIRESHARK HOMESCREEN
SOME EXAMPLES ON WIRESHARK COMMAND LINE INTERFACE (CLI)
Select the interface and start capturing packets:
>tshark -i <enter the number of interface listed in the previous command>
>tshark -i 1
Hit Enter. tshark starts capturing packets from the specified interface.
Select the interface, capture packets for 10 seconds, and save the captured
packets to the file 10sec.pcap:
>tshark -i <enter the number of interface> -a duration:<sec> -w <filename>.pcap
>tshark -i 1 -a duration:10 -w 10sec.pcap
Hit Enter. tshark captures packets from the specified interface for 10 seconds
and saves them in the file 10sec.pcap.
To see the captured packets, enter the filename at the command prompt:
>10sec.pcap
TSHARK OUTPUT FORMATTING
For its output, tshark uses the .pcap format, in which it saves the captured
packets.
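
How the columns listed under TABS IN WIRESHARK can be derived from a saved capture, as an added example that is not part of the original slides. It assumes the classic little-endian pcap layout with Ethernet frames (recent tshark releases write pcapng unless `-F pcap` is given); the sample capture is constructed in code, and the function names `build_sample_pcap` and `packet_list` are hypothetical.

```python
import socket
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}

def build_sample_pcap():
    """Constructed sample: one Ethernet/IPv4/TCP SYN packet in a classic pcap file."""
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.5"))
    eth = bytes.fromhex("020000000002" "020000000001" "0800")  # dst MAC, src MAC, IPv4
    frame = eth + ip + tcp
    global_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    rec_hdr = struct.pack("<IIII", 1700000000, 250000, len(frame), len(frame))
    return global_hdr + rec_hdr + frame

def packet_list(pcap_bytes):
    """Return rows of (No., Time, Source, Destination, Protocol, Info)."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", pcap_bytes, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian classic pcap with Ethernet link type")
    rows, offset, first_ts = [], 24, None
    while offset + 16 <= len(pcap_bytes):
        sec, usec, incl_len, _ = struct.unpack_from("<IIII", pcap_bytes, offset)
        frame = pcap_bytes[offset + 16: offset + 16 + incl_len]
        offset += 16 + incl_len
        ts = sec + usec / 1e6
        first_ts = ts if first_ts is None else first_ts
        row = [len(rows) + 1, round(ts - first_ts, 6), "", "", "?", ""]
        if len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
            proto = frame[23]                     # IPv4 protocol field
            row[2] = socket.inet_ntoa(frame[26:30])
            row[3] = socket.inet_ntoa(frame[30:34])
            row[4] = PROTO_NAMES.get(proto, str(proto))
            l4 = frame[14 + ihl:]
            if proto in (6, 17) and len(l4) >= 4:
                sport, dport = struct.unpack_from("!HH", l4)
                row[5] = f"{sport} -> {dport}"    # source port -> destination port
        else:
            # Non-IPv4 frame: fall back to MAC addresses, as Wireshark does.
            row[2], row[3] = frame[6:12].hex(":"), frame[0:6].hex(":")
        rows.append(tuple(row))
    return rows

if __name__ == "__main__":
    for row in packet_list(build_sample_pcap()):
        print(*row, sep="\t")
```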
