Devkinandan FCN Ass1

Uploaded by

onkartimepass

Bansilal Ramnath Agarwal Charitable Trust's

Vishwakarma Institute of Information Technology

Department of
Artificial Intelligence and Data Science
Name: Devkinandan Jagtap

Class: SY Division: A Roll No:271024

Semester: IV Academic Year: 2021-2022

Subject Name & Code: Fundamental of Computer Networks (ADUA21204)

Title of Assignment: Demonstrate the use of Wireshark tool for network analysis

Date of Performance: 12-01-2022 Date of Submission:16-01-2022

Aim: To install the Wireshark software and to demonstrate the use of the
Wireshark tool for network analysis.

Problem Statement: Demonstrate the use of Wireshark tool for network
analysis.

Background Information:
Wireshark is a network packet analyser. A network packet analyser presents
captured packet data in as much detail as possible.

Wireshark is an open-source protocol analyser designed by Gerald Combs that
runs on Windows and Unix platforms. Originally known as Ethereal, its main
objective is to analyse traffic as well as being an excellent, easy-to-use application
for analysing communications and resolving network problems. Wireshark
implements a range of filters that facilitate the definition of search criteria and
currently supports over 1100 protocols, all with a simple and intuitive front-end
that enables you to break down the captured packets by layer.
Wireshark "understands" the structure of different networking protocols, so we
can view the fields of each one of the headers and layers of the packets being
monitored, providing a wide range of options to network administrators when
performing certain traffic analysis tasks.

Wireshark is available for free, is open source, and is one of the best packet
analysers available today.

Software Requirements:
Laptop.

Results or Experimentation:
Downloading Wireshark on Windows 10
1. Select the Wireshark Windows Installer matching your system type,
either 32-bit or 64-bit as determined.
2. Download and install Wireshark

NOTE: If you are a beginner with using Wireshark, please select the stable
release version.

3. The download should start automatically once you have selected the
compatible Windows Installer for your Windows 10 platform.
4. Save the program in the Downloads folder, then Close the web
browser.

Install Wireshark
1. Open Windows Explorer.
2. Select the Downloads folder.
3. Locate the version of Wireshark you downloaded.
4. Double-click on the file to open it. If you see a User Account Control
dialog box, select Yes to allow the program to make changes to this
computer.
5. Select Next to start the Setup Wizard.

6. Review the license agreement. If you agree, select I Agree to continue.


7. Select “Next” to accept the default components.

8. Select the shortcuts you would like to have created. Leave the file
extensions selected. Select Next to continue.
9. Select Next to accept the default install location.

10. Select Next to install WinPcap.


11. If you would like to capture USB traffic, install USBPcap as well.

12. Select Next to start the Setup Wizard.


13. Select Install to proceed with the installation of the requisite software,
WinPcap. Please note that WinPcap is mandatory software to ensure that the
Wireshark Packet Analyzer works properly.

14. Review the license agreement. If you agree, select I Agree to continue.
15. Installation of WinPcap should start automatically once you have agreed and
selected Next.

16. Select Finish to complete the installation of WinPcap.


17. Select Next to continue with the installation of Wireshark.

18. Select Finish to complete the installation of Wireshark. Once installed,
you can open Wireshark and start monitoring network traffic.

• Capturing Packets: After downloading and installing Wireshark, you
can launch it and click the name of an interface under Interface List to start
capturing packets on that interface. Wireshark, formerly known as
Ethereal, is an amazing network monitoring tool. It helps you to capture
the data packets being sent/received by your network interface and analyze
them.
To start the packet capturing process, click the Capture menu and choose Start.
Wireshark will continue capturing and displaying packets until the capture
buffer fills up. The buffer is 1 Mbyte by default. This size is generally good
enough, but to change it click the Capture menu, choose Options, and adjust the
Buffer size value accordingly. When you’re done capturing packets, click the
Capture menu and choose Stop.

The top panel of the window identifies each packet’s source and destination
nodes, protocol implemented, and information about each packet. You can select
a specific packet to display more details. The middle panel displays information
about this packet, and you can choose a specific field of the packet and the
contents of that field are displayed in hex and ASCII format in the bottom panel.
As a result, you’re able to analyze the flow and view each field (including data
field payloads) of all packets.

1. Source IP Filter: A source filter can be applied to restrict the packet
view in Wireshark to only those packets that have the source IP mentioned
in the filter. The filter applied in the example below is: [Link] ==
[Link]
2. Destination IP Filter: A destination filter can be applied to restrict the
packet view in Wireshark to only those packets that have the destination IP
mentioned in the filter. For example: [Link] == [Link]

a. Filter By Protocol: It's very easy to apply a filter for a particular
protocol. Just write the name of that protocol in the filter tab and hit
Enter. In the example below we tried to filter the results for http
protocol using this filter: arp
b. Protocol Hierarchy: Wireshark can provide a statistical
breakdown of the contents of a packet capture. The protocol
hierarchy shows a dissection per OSI layer of the displayed data.
Click on Statistics>Protocol Hierarchy. After processing the capture
file you’ll be presented with a chart outlining the protocol statistics.
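
What the source, destination and protocol filters and the Protocol Hierarchy view compute on the raw frame bytes, as an added Python example that is not part of the original assignment. The frames, addresses and function names are constructed for illustration; `ip.src` and `ip.dst` are Wireshark's display-filter field names for the IPv4 source and destination address.

```python
import socket
import struct
from collections import Counter

def eth(ethertype, payload):
    # Constructed Ethernet II header: broadcast dst MAC, made-up src MAC
    return bytes.fromhex("ffffffffffff020000000001") + struct.pack("!H", ethertype) + payload

def ipv4(src, dst, proto):
    # Minimal 20-byte IPv4 header, no options; checksum left at 0 (not checked here)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

# Constructed capture; addresses are from the RFC 5737 documentation ranges
FRAMES = [
    eth(0x0806, bytes(28)),                                # ARP
    eth(0x0800, ipv4("192.0.2.10", "198.51.100.5", 6)),    # IPv4, protocol 6 (TCP)
    eth(0x0800, ipv4("192.0.2.10", "198.51.100.53", 17)),  # IPv4, protocol 17 (UDP)
    eth(0x0800, ipv4("198.51.100.5", "192.0.2.10", 6)),    # TCP, reverse direction
]
IP_PROTOS = {1: "icmp", 6: "tcp", 17: "udp"}

def dissect(frame):
    """Return the layer stack and IPv4 addresses of one Ethernet frame."""
    pkt = {"layers": ["eth"], "ip.src": None, "ip.dst": None}
    if len(frame) < 14:
        return pkt
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == 0x0806:
        pkt["layers"].append("arp")
    elif ethertype == 0x0800 and len(frame) >= 34:
        ip = frame[14:34]
        pkt["layers"] += ["ip", IP_PROTOS.get(ip[9], "data")]
        pkt["ip.src"] = socket.inet_ntoa(ip[12:16])
        pkt["ip.dst"] = socket.inet_ntoa(ip[16:20])
    return pkt

def display_filter(packets, proto=None, where=None):
    """Keep packets matching a protocol name and/or field == value tests."""
    return [p for p in packets
            if (proto is None or proto in p["layers"])
            and all(p.get(k) == v for k, v in (where or {}).items())]

def protocol_hierarchy(packets):
    """Count packets per layer path, like Statistics > Protocol Hierarchy."""
    return Counter(":".join(p["layers"][:d])
                   for p in packets for d in range(1, len(p["layers"]) + 1))

PACKETS = [dissect(f) for f in FRAMES]
```

Calling `display_filter(PACKETS, where={"ip.src": "192.0.2.10"})` keeps the two packets sent by that host, and `display_filter(PACKETS, proto="arp")` keeps only the ARP frame, which has no IP addresses to match on.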

Conclusion: From this study we understood the importance of Wireshark,
how it works, why we use it, and much more about Wireshark (a packet
analyzer tool).
