Micro Project Report
Wireshark: Network Packet Capture and Analysis Tool
1. Introduction
Wireshark is a powerful open-source tool used for network packet capture and analysis. It
allows network administrators, security professionals, and developers to monitor network traffic
in real time, troubleshoot network issues, and analyze protocols in detail. This micro project
explores the features, functionality, and practical applications of Wireshark.
2. Objectives
- Understand the basics of packet switching and network traffic.
- Learn how to capture live traffic using Wireshark.
- Analyze various protocols such as HTTP, TCP, UDP, and DNS.
- Detect anomalies, packet loss, and security threats.
- Demonstrate the use of filters, color coding, and export features in Wireshark.
3. Tools & Technologies Used
- Software: Wireshark v4.2 or higher
- Platform: Windows/Linux
- Networking Protocols: TCP/IP, HTTP, HTTPS, DNS, ICMP, ARP
- Languages: Not applicable (tool-based project)
4. Overview of Wireshark
Wireshark is a packet analyzer that captures packets from network interfaces such as Ethernet,
Wi-Fi, and loopback. It displays captured data in a detailed and structured format with layers
representing the OSI model. Its GUI allows real-time monitoring and deep inspection of
hundreds of protocols.
5. Installation
Wireshark can be installed from the official website (https://www.wireshark.org/). During
installation, it may also install WinPcap or Npcap, which are essential for packet capture. On
Linux, it can be installed using:
sudo apt install wireshark
6. Capturing Packets
To capture traffic:
1. Launch Wireshark.
2. Select a network interface (e.g., Wi-Fi).
3. Click the blue shark fin icon to start capture.
4. Perform network activities (e.g., browsing websites).
5. Stop capture using the red square button.
Captured packets are displayed with time, source, destination, protocol, length, and info.
7. Packet Analysis
Each packet can be expanded into:
- Frame: Metadata about the capture.
- Ethernet II: Layer 2 information.
- IP: Source and destination IP addresses.
- TCP/UDP: Port numbers and flags.
- Application Layer (e.g., HTTP): Request methods, URIs, and headers.
8. Using Filters
Wireshark supports both capture filters (applied while capturing) and display filters (applied to packets already captured). Examples in display-filter syntax:
- `http`: Show only HTTP traffic.
- `ip.addr == 192.168.1.1`: Show packets to/from an IP.
- `tcp.port == 80`: Show TCP packets using port 80.
- `dns`: Show DNS query/response packets.
Filters allow focusing on relevant data during analysis.
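As an added example (not code from the original report or from the Wireshark project), the Python below constructs a few Ethernet II / IPv4 / TCP / UDP frames in memory, dissects them into the layers listed in section 7, and evaluates the display-filter expressions from section 8 against them. It assumes a simplification: the protocol names `http` and `dns` are matched by their default ports (80/tcp and 53/udp), whereas Wireshark decides by dissecting the payload.

```python
import struct
def build_frame(src_ip, dst_ip, proto, sport, dport):
    """Construct a minimal Ethernet II + IPv4 + TCP/UDP frame (sample data, not a real capture)."""
    eth = bytes(12) + b"\x08\x00"                        # zeroed MACs, EtherType 0x0800 = IPv4
    l4 = (struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0) if proto == 6
          else struct.pack("!HHHH", sport, dport, 8, 0))  # TCP header (PSH+ACK) or UDP header
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                     bytes(map(int, src_ip.split("."))), bytes(map(int, dst_ip.split("."))))
    return eth + ip + l4

def dissect(frame):
    """Decode the layers Wireshark's detail pane shows: Ethernet II -> IP -> TCP/UDP."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:   # only IPv4 is decoded here
        return {}
    ihl = (frame[14] & 0x0F) * 4                         # IP header length in bytes
    fields = {"ip.src": ".".join(map(str, frame[26:30])), "ip.dst": ".".join(map(str, frame[30:34]))}
    name = {6: "tcp", 17: "udp"}.get(frame[23])          # IP protocol number field
    if name:
        sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        fields.update({"proto": name, f"{name}.srcport": sport, f"{name}.dstport": dport})
    return fields

# Simplification (assumption of this example): Wireshark recognises dns/http by dissecting
# payloads; here a bare protocol name is mapped to its default transport port.
PROTO_PORTS = {"dns": ("udp", 53), "http": ("tcp", 80)}
def ports(fields, proto):
    return (fields.get(f"{proto}.srcport"), fields.get(f"{proto}.dstport"))

def matches(fields, expr):
    """Evaluate a subset of display-filter syntax: 'tcp', 'dns', 'ip.addr == X', 'tcp.port == N'."""
    expr = expr.strip()
    if "==" not in expr:                                 # bare protocol name
        proto, port = PROTO_PORTS.get(expr, (expr, None))
        return fields.get("proto") == proto and (port is None or port in ports(fields, proto))
    name, value = (p.strip() for p in expr.split("==", 1))
    if name == "ip.addr":                                # either direction, as in Wireshark
        return value in (fields.get("ip.src"), fields.get("ip.dst"))
    if name in ("tcp.port", "udp.port"):
        return fields.get("proto") == name[:3] and int(value) in ports(fields, name[:3])
    return str(fields.get(name)) == value

def apply_filter(frames, expr):
    """Return the 1-based frame numbers that pass the filter, as the packet list would show."""
    return [n for n, f in enumerate(frames, 1) if matches(dissect(f), expr)]

# Constructed sample capture: a web request and its reply, a DNS query, and an unrelated SSH segment.
SAMPLE = [build_frame("192.168.1.10", "93.184.216.34", 6, 51234, 80),
          build_frame("93.184.216.34", "192.168.1.10", 6, 80, 51234),
          build_frame("192.168.1.10", "192.168.1.1", 17, 41000, 53),
          build_frame("192.168.1.10", "10.0.0.5", 6, 52000, 22)]
```

Calling `apply_filter(SAMPLE, "ip.addr == 192.168.1.1")` returns `[3]`, the same frame Wireshark would leave in the packet list for that filter.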
9. Color Coding and Profiles
Wireshark uses color coding to highlight packet types:
- Green: TCP
- Light blue: UDP
- Black: Malformed or problematic packets
Custom color rules and profiles can be created to suit analysis preferences.
10. Real-Time Use Cases
- **Network Troubleshooting**: Detect packet loss, retransmissions, and latency.
- **Security Analysis**: Identify port scans, suspicious payloads, or anomalies.
- **Protocol Learning**: Understand how protocols like DNS and HTTP work.
- **VoIP Analysis**: Inspect SIP, RTP, and jitter in voice traffic.
11. Export and Reporting
Wireshark allows exporting captured data to various formats:
- `.pcap` for further analysis
- `.csv`, `.txt` for logs and summaries
Users can mark packets, export specified frames, or generate statistics.
12. Challenges & Limitations
- Requires administrative privileges for live capture.
- Cannot decrypt encrypted traffic like HTTPS without keys.
- Capturing on Wi-Fi can be restricted due to driver support.
- Handling large capture files can slow performance.
13. Safety and Legal Considerations
Packet capturing must be done ethically. Only capture on networks you own or have permission
to monitor. Unauthorized monitoring may violate privacy laws and network policies.
14. Conclusion
Wireshark is an indispensable tool for network analysis. It provides deep visibility into traffic
patterns and helps diagnose performance issues or detect attacks. This project provided hands-
on experience in using Wireshark for practical scenarios.
15. References
- https://www.wireshark.org/docs/
- https://en.wikipedia.org/wiki/Wireshark
- Wireshark User Guide PDF
- Practical Networking Online Course