PART B

(PART B : TO BE COMPLETED BY STUDENTS)

Roll No.53 Name:Karishma Mahajan

Class :TE C Batch :C3
Date of Experiment: 20-8-21 Date of Submission:20-8-21
Grade :

B.1 Document created by the student:

B.3 Observations and learning:
We observe and learn with wireshark tools the data traffic within a
network and analyze protocol errors,problems within the network
architecture,etc.

B.4 Conclusion:
We learned how wireshark is used to capture data packets and
allows us to perform more precise analysis.
B.5 Question of Curiosity
Q1: Briefly explain why there are two layered protocols in networking, TCP/IP four layer
and OSI seven layered?

Q2: What is Wireshark? Mention the Uses of Wireshark.

Q 3: a. Which Layer of the TCP/IP 4 layer model this address belongs to.

b. State the protocol appropriate to this address and any special characteristics for this
address within the appropriate protocol.

The addresses are

i) 136.206.1.4
ii) 192.168.1.10
iii) 127.0.0.1
iv) 0C: 5F : 56 : C0 : DD : 08
v) Port 80
vi) Port 2000

Q4: PORT Nos belong to which layer?

Q5: What is a packet? In which layer it is created?

Q6: What is color coding in Wireshark?

Q7: Write the features of Wireshark?

Q8: Write the filters used in Wireshark?

Q9: What is packet sniffing?

ANSWER
1) Networking layered have Two layered models because the TCP/IP Model
was first defined by the Department of Defense, where they only had one
specific goal of creating a nationwide network. The OSI Model is the
standard model created by the International Organization for
Standardization (ISO) which defines how software and hardware
components involved in a network communication should divide the labor
and interact with one another. In other words, the OSI Model is the
conceptual model that is used for communication of telecom or computing
systems that disregards the underlying internal structure or technology.since
TCP/IP was the first one developed out of the two models.The TCP/IP model
is much more loose than the OSI model, so there are only four layers and
they don't quite correspond to each layer of the OSI Model.The OSI model is
not mandated for networking, but because of it's well designed structure,
most protocols and systems adhere to this model quite closely. The main
purpose of this model is to discuss or describe individual network functions
so someone can understand them. That’s why ,OSI Model has seven layers.

2) Wireshark is a packet sniffer and analysis tool. It captures network traffic

on the local network and stores that data for offline analysis.The uses of
Wireshark is Live capture and offline analysis,Rich VoIP analysis,Read/write
many different capture file formats,Capture compressed files (gzip) and
decompress them on the fly,Deep inspection of hundreds of
protocols,Standard three-pane packet browser.

3) 1. 136.206.1.4
a. Internet Layer
b. IPv4 Public IP

2. 192.168.1.10
a. Internet Layer
b. IPv4 Private IP

3. 127.0.0.1
a. Internet Layer
b. IPv4 Loopback
 4. 0C:5F:56:C0:DD:08
a. Link Layer
b. Mac address

5. Port 80
a. Application Layer
b. HTTP, ip-address:80 ; example:- 192.168.126.132:80

6. Port 2000
a. SCCP / Skinny protocol
b. Transport Layer

4) PORT Nos belong to Transport Layer

5) A packet is a small segment of a larger message.Packet refers to a

protocol data unit at layer 3, the network layer.

6) Color coding in Wireshark uses colors to help you identify the types of
traffic at a glance.

7) The features of Wireshark are Live capture and offline analysis,Rich VoIP
analysis,Read/write many different capture file formats,Capture compressed
files (gzip) and decompress them on the fly,Deep inspection of hundreds of
protocols,Standard three-pane packet browser.

8) Wireshark has two filtering languages: capture filters and display filters.
Capture filters are used for filtering when capturing packets.Display filters
are used for filtering which packets are displayed.

9) Packet sniffing is a technique whereby packet data flowing across the

network is detected and observed.