Meet Patel 12102080501044

PRACTICAL – 11
Title : Study and use open-source packet analyser-Wireshark to understand security
mechanism of various network protocols.

Theory:
Wireshark is an open-source packet analyser, which is used for education, analysis,
software development, communication protocol development, and network
troubleshooting.
It is used to track the packets so that each one is filtered to meet our specific needs. It is
commonly called as a sniffer, network protocol analyser, and network analyser. It is also
used by network security engineers to examine security problems.
Wireshark is a free to use application which is used to apprehend the data back and
forth. It is often called as a free packet sniffer computer application. It puts the network
card into an unselective mode, i.e., to accept all the packets which it receives.
Uses of Wireshark:
Wireshark can be used in the following ways:

1. It is used by network security engineers to examine security problems.

2. It allows the users to watch all the traffic being passed over the network.

3. It is used by network engineers to troubleshoot network issues.

4. It also helps to troubleshoot latency issues and malicious activities on your

network.

5. It can also analyse dropped packets.

6. It helps us to know how all the devices like laptop, mobile phones, desktop,
switch, routers, etc., communicate in a local network or the rest of the world.

Understanding Security Mechanisms of Various Network Protocols using

Wireshark:

Wireshark can be used to capture and analyse network traffic to understand the
security mechanisms of various network protocols. Let's discuss some of the security
mechanisms that can be analysed using Wireshark:

1. Transport Layer Security (TLS): TLS is a protocol that provides encryption and
authentication for internet communications. Wireshark can be used to analyse the
TLS handshake process, the type of encryption used, and the certificate information.
2. Secure Sockets Layer (SSL): SSL is a protocol that provides secure communication
between web browsers and servers. Wireshark can be used to analyse the SSL
handshake process, the type of encryption used, and the certificate information.
Meet Patel 12102080501044

3. IPsec: IPsec is a protocol suite used for securing internet protocol (IP)
communications. Wireshark can be used to analyse the IPsec packet headers and
payloads, the type of encryption used, and the key exchange mechanism.

4. Simple Network Management Protocol (SNMP): SNMP is a protocol used for

managing network devices. Wireshark can be used to analyse SNMP packets and
their contents, including the community strings, request and response types, and
SNMP version used.
Meet Patel 12102080501044

5. Domain Name System Security Extensions (DNSSEC): DNSSEC is a protocol used for
securing the DNS protocol. Wireshark can be used to analyse DNSSEC packets and
their contents, including the digital signatures and trust anchor information.

Conclusion:
In conclusion, Wireshark is a powerful tool that can be used to understand the
security mechanisms of various network protocols. By analysing network traffic,
Wireshark allows users to identify vulnerabilities and potential security threats in their
networks. Understanding the security mechanisms of various network protocols is
essential for ensuring network security, and Wireshark can play a significant role in
achieving this goal.