CS610 LAB 7 updated
1. Introduction to Wireshark
2. How to create a Troubleshooting Profile in Wireshark:
Introduction to Wireshark
Wireshark is a network packet analyzer that captures network packets and displays the
packet data in as much detail as possible. Wireshark is a free, open source program
available at www.wireshark.org
Intended Purposes:
When run on a host connected to a wired or wireless network, Wireshark captures and
decodes the network frames. People use it to learn network protocol internals. Network
administrators use it to troubleshoot network problems. Network security engineers use it
to examine security problems.
Wireshark’s Features
Wireshark’s Installation
• Plugins & Extensions - Extras for the Wireshark and TShark dissection engines.
• User’s Guide
Installing WinPcap: With WinPcap installed, you can capture live network
traffic.
The main window is shown next.
The interfaces that the WinPcap driver sees on the machine are listed. You can either
click Start, or click Options to set further capture options before starting the
capture.
Task 1:
Step 3: Click the arrow in the Create from area, expand the Global section and select
Classic. This profile uses the most vibrant colors.
Step 4: Enter Troubleshooting Book Profile in the Profile Name area. Click OK.
As soon as you create your new profile, the Wireshark Status Bar indicates that you are
working in the Troubleshooting Book Profile, as shown next.
You will be able to add capabilities and customizations to this new profile. Wireshark
also allows you to download or import a predefined profile for immediate use.
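The same profile can be created outside the GUI, because Wireshark stores each profile as a folder under profiles in the personal configuration directory. The script below is an added example, not part of the original lab; the function names are hypothetical and the path of the installed global Classic profile is passed in by the user.

```python
import os
import shutil
import sys
from pathlib import Path

PROFILE_NAME = "Troubleshooting Book Profile"  # name entered in Step 4


def personal_config_dir(env=os.environ, platform=sys.platform, home=None):
    """Return Wireshark's personal configuration directory for this user."""
    home = Path(home) if home else Path.home()
    if platform.startswith("win"):
        # Windows: %APPDATA%\Wireshark
        return Path(env["APPDATA"]) / "Wireshark"
    legacy = home / ".wireshark"  # older location, used only if it exists
    if legacy.is_dir():
        return legacy
    xdg = env.get("XDG_CONFIG_HOME") or str(home / ".config")
    return Path(xdg) / "wireshark"


def create_profile_from(global_profile_dir, config_dir, name=PROFILE_NAME):
    """Copy a global profile (e.g. Classic) into profiles/<name>.

    Refuses to overwrite an existing profile so customizations are not lost.
    Returns the path of the new profile directory.
    """
    src = Path(global_profile_dir)
    if not src.is_dir():
        raise FileNotFoundError(f"global profile not found: {src}")
    dest = Path(config_dir) / "profiles" / name
    if dest.exists():
        raise FileExistsError(f"profile already exists: {dest}")
    dest.parent.mkdir(parents=True, exist_ok=True)
    shutil.copytree(src, dest)
    return dest


if __name__ == "__main__":
    # Assumption: argv[1] is the installed global Classic profile folder,
    # i.e. "profiles/Classic" under the Wireshark program or data directory.
    new_dir = create_profile_from(sys.argv[1], personal_config_dir())
    print("created", new_dir)
    print("files:", sorted(p.name for p in new_dir.iterdir()))
```

The copied profile can also be selected on the command line with the -C option, for example tshark -C "Troubleshooting Book Profile".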
Task 2:
You can add columns to display additional information about packets to speed up your
analysis process.