DCN Ceb522 Exp5

Uploaded by

Siddhi Parte

Name: Pratik Kumar Mishra Date:

Roll No. : CEB522 Sign:


Class: TE COMPS

EXPERIMENT NO.5

AIM: Study packet capturing and the header formats of protocols at all layers using Wireshark.
● Ethernet Layer: Frame header, Frame size etc.
● Data Link Layer: MAC address, ARP (IP and MAC address binding)
● Network Layer: IP Packet (header, fragmentation), ICMP (Query and Echo)
● Transport Layer: TCP Ports, TCP handshake segments etc.
● Application Layer: DHCP, FTP, HTTP header formats

THEORY:

Wireshark-

Wireshark is a network protocol analyzer, or an application that captures packets from a
network connection, such as from your computer to your home office or the internet.
Packet is the name given to a discrete unit of data in a typical Ethernet network.
Wireshark is the most often-used packet sniffer in the world. Like any other packet
sniffer, Wireshark does three things:

1. Packet Capture: Wireshark listens to a network connection in real time and then
grabs entire streams of traffic – quite possibly tens of thousands of packets at a
time.
2. Filtering: Wireshark is capable of slicing and dicing all of this random live data
using filters. By applying a filter, you can obtain just the information you need to
see.
3. Visualization: Wireshark, like any good packet sniffer, allows you to dive right into
the very middle of a network packet. It also allows you to visualize entire
conversations and network streams.
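
Added example (not part of the original report): a minimal Python dissector that decodes one constructed Ethernet II / IPv4 / TCP SYN frame layer by layer, the way the packet details pane presents it, and applies rough equivalents of the display filters ip.addr and tcp.port. The frame bytes, the addresses and the function names dissect and matches are assumptions made for illustration.

```python
import socket
import struct

# Constructed sample frame (example addresses, checksums left as zero).
FRAME = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"   # dst MAC, src MAC, EtherType = IPv4
    "45000028" "1c464000" "40060000"       # ver/IHL, total len 40, id, DF, TTL 64, TCP
    "c0000205" "c6336407"                  # src 192.0.2.5, dst 198.51.100.7
    "c350" "0050" "00000001" "00000000"    # sport 50000, dport 80, seq, ack
    "5002" "faf0" "0000" "0000"            # data offset 5 + SYN, window, csum, urgent
)

def dissect(frame):
    """Decode Ethernet II -> IPv4 -> TCP and return the fields of each layer."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"eth": {"dst": dst.hex(":"), "src": src.hex(":"), "type": ethertype}}
    if ethertype != 0x0800 or len(frame) < 34:
        return layers                      # not IPv4 (ARP, for instance, is 0x0806)
    vihl, _tos, total, ident, frag, ttl, proto, _csum, s, d = struct.unpack(
        "!BBHHHBBH4s4s", frame[14:34])
    ihl = (vihl & 0x0F) * 4                # IP header length in bytes
    layers["ip"] = {
        "version": vihl >> 4, "ihl": ihl, "total_len": total, "id": ident,
        "df": bool(frag & 0x4000), "mf": bool(frag & 0x2000),
        "frag_offset": (frag & 0x1FFF) * 8, "ttl": ttl, "proto": proto,
        "src": socket.inet_ntoa(s), "dst": socket.inet_ntoa(d)}
    tcp = frame[14 + ihl:14 + ihl + 20]
    if proto != 6 or ihl < 20 or len(tcp) < 20:
        return layers                      # not TCP, or header cut short
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", tcp[:16])
    layers["tcp"] = {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "hdr_len": (off_flags >> 12) * 4, "window": window,
        "flags": [n for n, bit in (("FIN", 1), ("SYN", 2), ("RST", 4),
                                   ("PSH", 8), ("ACK", 16)) if off_flags & bit]}
    return layers

def matches(layers, ip_addr=None, tcp_port=None):
    """Rough equivalent of the display filters ip.addr == X and tcp.port == N."""
    ip, tcp = layers.get("ip", {}), layers.get("tcp", {})
    ip_ok = ip_addr is None or ip_addr in (ip.get("src"), ip.get("dst"))
    port_ok = tcp_port is None or tcp_port in (tcp.get("sport"), tcp.get("dport"))
    return ip_ok and port_ok
```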

Uses of Wireshark-

Wireshark has many uses, including troubleshooting networks that have performance
issues. Cybersecurity professionals often use Wireshark to trace connections, view the
contents of suspect network transactions and identify bursts of network traffic. It’s a
major part of any IT pro’s toolkit – and hopefully, the IT pro has the knowledge to use it.
Wireshark has a rich feature set which includes the following-

● Deep inspection of hundreds of protocols, with more being added all the time
● Live capture and offline analysis
● Standard three-pane packet browser
● Multi-platform: Runs on Windows, Linux, OS X, FreeBSD, NetBSD, and many
others
● Captured network data can be browsed via a GUI, or via the TTY-mode TShark
utility
● The most powerful display filters in the industry
● Rich VoIP analysis

Capturing your traffic with Wireshark

1. Select Capture | Interfaces.

2. Select the interface on which packets need to be captured. ...

3. Click the Start button to start the capture.

4. Recreate the problem. ...

5. Once the problem which is to be analyzed has been reproduced, click on Stop. ...

6. Save the packet trace in the default format.


Filter using IP address-

Filter using TCP-


Different Layers' Screenshots-

CONCLUSION: Thus, we have studied the working of Wireshark.
