
Wire Shark

Uploaded by

aiml3b2023

10. Wireshark

What is Wireshark?

Wireshark is an open-source network protocol analysis software program started
by Gerald Combs in 1998. A global organization of network specialists and software
developers supports Wireshark and continues to make updates for new network
technologies and encryption methods.
Wireshark is absolutely safe to use. Government agencies, corporations, non-profits, and
educational institutions use Wireshark for troubleshooting and teaching purposes. There
isn’t a better way to learn networking than to look at the traffic under the Wireshark
microscope.
There are questions about the legality of Wireshark since it is a powerful packet sniffer.
The Light side of the Force says that you should only use Wireshark on networks where
you have permission to inspect network packets. Using Wireshark to look at packets
without permission is a path to the Dark Side.

How does Wireshark work?


Wireshark is a packet sniffer and analysis tool. It captures network traffic on the local
network and stores that data for offline analysis. Wireshark captures network traffic from
Ethernet, Bluetooth, Wireless (IEEE 802.11), Token Ring, Frame Relay connections, and
more.

Ubuntu

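From a terminal prompt, run these commands:

sudo apt-get install wireshark
sudo dpkg-reconfigure wireshark-common
sudo adduser $USER wireshark

Those commands install the package, reconfigure it so that non-root users can
capture packets (answer "Yes" when prompted), and add the current user to the
wireshark group, so Wireshark can capture without running as root. Log out and
back in for the new group membership to take effect.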
i) Packet capture Using Wireshark

ii) Starting Wireshark

iii) Viewing Captured Traffic


When you open Wireshark, you see a screen that shows you a list of all of the network
connections you can monitor. You also have a capture filter field, so you only capture the
network traffic you want to see.

You can select one or more of the network interfaces using “shift left-click.” Once you have
the network interface selected, you can start the capture, and there are several ways to do
that.
Click the first button on the toolbar, titled “Start Capturing Packets.”

You can select the menu item Capture -> Start.


During the capture, Wireshark will show you the packets that it captures in real-time.
iv) Analysis and Statistics & Filters.
Aim: To capture and analyse TCP and UDP packets through Wireshark software.

Software Required: Wireshark

Procedure:

1. Open Wireshark-packet capture software.


2. Open capture tab.
3. Select interface.
4. Select an existing Ethernet card.
5. Click on start capture.
6. Click on stop capture button.
7. Click on analyze button, display filters, select now.
8. Click on filter expression and enter “TCP/UDP”.
9. All the UDP and TCP packets will be listed.
10. Select the required UDP and TCP packets and analyze the packet by right
clicking.
11. Analyze the UDP and TCP packet in full.
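
The selection made in steps 8 and 9 can also be reproduced outside the GUI. The following is an added example, not part of the original lab sheet: it reads a classic pcap file and keeps only the TCP and UDP packets, the same selection the Wireshark display filter `tcp || udp` makes. The function names, the three sample frames and the 192.0.2.x addresses are constructed for illustration, and only Ethernet/IPv4 captures are handled.

```python
import struct

# Constructed sample data: three Ethernet/IPv4 frames (checksums left at 0).
def _frame(proto, l4):
    eth = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return eth + ip + l4

def build_sample_pcap():
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 0x50, 0x02, 65535, 0, 0)  # SYN
    udp = struct.pack("!HHHH", 53000, 53, 8, 0)
    icmp = struct.pack("!BBHHH", 8, 0, 0, 1, 1)  # echo request, must be filtered out
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate([_frame(6, tcp), _frame(17, udp), _frame(1, icmp)]):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f  # per-packet record header
    return out

def tcp_udp_packets(pcap):
    """Return (frame_no, proto, src, sport, dst, dport) for each TCP or UDP packet."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)  # byte order of the file
    if end is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack_from(end + "I", pcap, 20)[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    rows, off, no = [], 24, 0
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "I", pcap, off + 8)[0]  # captured length
        data = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        no += 1
        if len(data) < 34 or data[12:14] != b"\x08\x00":
            continue  # truncated frame or not IPv4
        ihl = (data[14] & 0x0F) * 4   # IPv4 header length in bytes
        proto = data[23]              # IPv4 protocol field: 6 = TCP, 17 = UDP
        l4 = data[14 + ihl:]
        if proto not in (6, 17) or len(l4) < 4:
            continue
        sport, dport = struct.unpack_from("!HH", l4)
        src = ".".join(map(str, data[26:30]))
        dst = ".".join(map(str, data[30:34]))
        rows.append((no, "TCP" if proto == 6 else "UDP", src, sport, dst, dport))
    return rows

if __name__ == "__main__":
    for row in tcp_udp_packets(build_sample_pcap()):
        print(row)
```

To run it on a real capture, save the capture from Wireshark in the classic pcap format (not pcapng) and pass the file's bytes to `tcp_udp_packets`.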

TCP PACKETS
Under the Statistics menu item you will find a list of options to show details about
your capture.

Capture File Properties:

Wireshark I/O Graph:


Result: Hence, the simulation and analysis of UDP and TCP packets were carried out
successfully.
