Lab 08

The document introduces Wireshark, a network protocol analyzer tool. It discusses how Wireshark can capture and analyze live network traffic or read from files. The document then provides instructions on downloading, installing, and using the basic features of Wireshark, including its main interface components like the menu, toolbars, packet lists, and status bar.

Uploaded by

nomanbsit

Lab-08 ✪Introduction to Wireshark

Lab 08: Introduction to Wireshark


8.1 Objective

This lab introduces Wireshark and network traffic analysis. It covers:
1. Introduction to Wireshark
2. Installation of Wireshark and basic usage
3. Network traffic analysis of the HTTP and FTP protocols

Software: Wireshark

8.2 Introduction

What is Wireshark
Wireshark is a network protocol analyzer, also known as a network sniffer. Formerly known as Ethereal, Wireshark is a computer application that captures and decodes packets of information from a network. “Wireshark can capture live network traffic or read data from a file and translate the data to be presented in a format the user can understand”.
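
As an added illustration (not part of the lab manual), the Python sketch below does by hand what Wireshark does when it reads a capture file: it parses the classic pcap record format, decodes the Ethernet, IPv4 and ICMP headers, and pairs echo requests with echo replies to show which pings went unanswered. The capture bytes, addresses and function names are constructed for this example.

```python
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4  # classic pcap file, microsecond timestamps

def build_pcap(packets):
    """Constructed sample: pcap image of Ethernet/IPv4/ICMP echo packets (checksums 0)."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    for ts, src, dst, icmp_type, ident, seq in packets:
        frame = (bytes.fromhex("020000000002" "020000000001" "0800")
                 + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                               socket.inet_aton(src), socket.inet_aton(dst))
                 + struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq))
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def read_icmp_echo(pcap):
    """Decode each record; yield (src, dst, icmp_type, ident, seq) for ICMP echo."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != PCAP_MAGIC or linktype != 1:      # 1 = Ethernet link type
        raise ValueError("expected a little-endian Ethernet pcap")
    off = 24                                      # skip the global file header
    while off + 16 <= len(pcap):
        _, _, incl, _ = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 1:
            continue                              # not IPv4 carrying ICMP
        l4 = 14 + (frame[14] & 0x0F) * 4          # honour the IPv4 header length
        if len(frame) < l4 + 8:
            continue                              # truncated ICMP header
        icmp_type, _, _, ident, seq = struct.unpack_from("!BBHHH", frame, l4)
        if icmp_type in (0, 8):                   # echo reply / echo request
            yield (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
                   icmp_type, ident, seq)

def unanswered_pings(pcap):
    """Return (src, dst, id, seq) for echo requests that never got a reply."""
    pending = set()
    for src, dst, icmp_type, ident, seq in read_icmp_echo(pcap):
        if icmp_type == 8:
            pending.add((src, dst, ident, seq))
        else:                                     # reply: src and dst are swapped
            pending.discard((dst, src, ident, seq))
    return sorted(pending)

SAMPLE = build_pcap([           # constructed capture: only 10.0.0.1 answers
    (100, "10.0.0.5", "10.0.0.1", 8, 7, 1), (100, "10.0.0.1", "10.0.0.5", 0, 7, 1),
    (101, "10.0.0.5", "10.0.0.9", 8, 7, 2)])
print(unanswered_pings(SAMPLE))
```

In Wireshark itself the same selection is made by typing `icmp` into the filter toolbar and looking for echo requests with no matching reply.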

Why Wireshark

Wireshark is a valuable tool for administrators that allows them to monitor all traffic that passes on a network. It is very useful for analyzing, diagnosing and troubleshooting problems that may occur. Network administrators use it to troubleshoot network problems. Network security engineers use it to examine security problems. Quality Assurance engineers use it to verify network applications, and developers use it to debug protocol implementations.

Some features of Wireshark.

1. Data can be captured from a network connection or read from previous records of captured packets.
2. Live data can be read from Ethernet, FDDI, PPP, token ring, IEEE 802.11, classical IP over ATM, and loopback interfaces (at least on some platforms; not all of those types are supported on all platforms).
3. Captured files can be programmatically edited or converted via command-line switches to the “editcap” program.
4. Captured network data can be browsed via a GUI, or via the terminal (command line) version of the utility, tshark.
5. Display filters can also be used to selectively highlight and color packet summary information.
6. Data display can be refined using a display filter.

IT-310 LAB MANUAL By Nosheen Anwar 98 | Page

Getting started with Wireshark

Wireshark can be downloaded from the website www.wireshark.org.

Figure 8.1: Wireshark Download Options


Getting started with Wireshark

Wireshark has a friendly graphical user interface that makes it easier to analyze and diagnose packets passing through the network. No data will initially be displayed when the user runs Wireshark.

The Main Window

The main window shows Wireshark as you would usually see it after some packets are captured or loaded.

Figure 8.2: The Welcome Screen

Wireshark’s main window consists of parts that are commonly known from many other GUI programs.

1. The menu is used to start actions.


Figure 8.3: The Menu

2. The main toolbar provides quick access to frequently used items from the menu.

Figure 8.4: The “Main” toolbar

3. The filter toolbar allows users to set display filters to filter which packets are displayed.

Figure 8.5: The “Filter” toolbar

4. The packet list pane displays a summary of each packet captured. By clicking on packets in
this pane you control what is displayed in the other two panes.

Figure 8.6: The “Packet List” pane

5. The packet details pane displays the packet selected in the packet list pane in more detail.

Figure 8.7: The “Packet Details” pane

6. The packet bytes pane displays the data from the packet selected in the packet list pane,
and highlights the field selected in the packet details pane.


Figure 8.8: The “Packet Bytes” pane

7. The status bar shows some detailed information about the current program state and the
captured data.

Figure 8.9: The initial Status bar

Figure 8.10: The Status bar with a loaded capture file

8.3 Lab Tasks

Q1. c

Q2. Merge two captured files and save as a new file.

Q3. A user is unable to ping a system on the network. How can Wireshark be used to solve
the problem?
