INFORMATION SECURITY (03606306) Enrollment No: 210345305025
Practical-2
AIM: Demonstrate traffic analysis of different network protocols using a tool.
Installation of Wireshark:
Step 1: Visit the Wireshark website using any web browser.
Step 2: Click on Download.
Step 3: Find the executable file in the Downloads folder on your system and run it.
Step 4: The setup screen will appear; click on Next.
Step 5: The next screen shows the license agreement; click on Noted.
PIET-DS(CE) Page 1
Step 6: This screen is for choosing components. All components are already
selected, so do not change anything; just click on the Next button.
Step 7: This screen is for choosing shortcuts, such as a Start menu entry or desktop
icon, along with the file extensions to associate with Wireshark. Tick all boxes and
click on the Next button.
Step 8: The next screen asks for the install location, so choose a drive that
has sufficient free space for the installation. It needs only 231.1 MB of
space.
Step 9: The installer will prompt for the Npcap installation, since it is already
checked. The Npcap license agreement will appear; click on the I Agree button.
Step 10: Click on Finish after the installation process is completed.
Step 11: Click on Finish after the installation process of Wireshark is completed.
Wireshark is successfully installed on the system and an icon is created on the
desktop.
Now run the software and see the interfaces.
OUTPUT:-
Wireshark is a free and open-source network protocol analyzer that
enables users to interactively browse the data traffic on a computer
network. The development project was started under the name Ethereal but
was renamed Wireshark in 2006.
Many networking developers from all around the world have contributed
to this project with network analysis, troubleshooting, software
development and communication protocols. Wireshark is used in many
educational institutions and other industrial sectors.
Wireshark is a network or protocol analyzer available for free at the
Wireshark website. It is used to analyse the structure of different network
protocols and has the ability to demonstrate encapsulation. The analyzer
operates on UNIX, Linux, and Microsoft operating systems, and employs
the GTK+ widget toolkit and pcap for packet capturing. Wireshark and
its terminal-based versions such as TShark are free software released under
the GNU General Public License.
Wireshark shares many characteristics with tcpdump. The difference is
that it provides a graphical user interface (GUI) and has information
filtering features. In addition, Wireshark permits the user to see all the
traffic being passed over the network.
Features of Wireshark include:
Data is analysed either from the wire over the network connection or from data files that already contain captured packets.
Supports live data reading and analysis for a wide range of networks (including Ethernet, IEEE 802.11, Point-to-Point Protocol (PPP) and loopback).
With the help of the GUI or other versions, users can browse captured network data.
For programmatically editing and converting captured files, users can use command-line switches to the editcap application.
Display filters are used to filter and organize the data display.
New protocols can be scrutinized by creating plug-ins.
Captured traffic can also be used to trace Voice over IP (VoIP) calls over the network.
When using Linux, it is also possible to capture raw USB traffic.
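A saved capture, as mentioned in the feature list, is a sequence of frames in which each protocol wraps the next, which is the encapsulation the analyzer displays. The following added example (not part of the original practical and not Wireshark's own code) reads a classic pcap byte string and reports the encapsulation chain of each frame; the sample capture, addresses and ports are constructed, and the function names are hypothetical.

```python
import struct

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
IP_PROTOS = {1: "ICMP", 6: "TCP", 17: "UDP"}
SRC, DST = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 53])  # constructed documentation addresses

def read_pcap(data):
    """Yield raw frames from a classic little-endian pcap byte string."""
    magic, _, _, _, _, _, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian pcap with Ethernet link type")
    offset = 24
    while offset + 16 <= len(data):
        incl_len = struct.unpack_from("<I", data, offset + 8)[0]
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break  # truncated final record
        yield frame
        offset += 16 + incl_len

def layers(frame):
    """Return the encapsulation chain of one Ethernet frame, outermost first."""
    if len(frame) < 14:
        return ["Truncated"]
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    chain = ["Ethernet", ETHERTYPES.get(ethertype, hex(ethertype))]
    if ethertype != 0x0800 or len(frame) < 34:
        return chain
    l4 = 14 + (frame[14] & 0x0F) * 4  # IPv4 header length comes from the IHL field
    proto = frame[23]
    chain.append(IP_PROTOS.get(proto, f"proto {proto}"))
    if proto in (6, 17) and len(frame) >= l4 + 4:
        chain.append("%d->%d" % struct.unpack_from("!HH", frame, l4))
    return chain

def sample_pcap():
    """Constructed capture (checksums left zero): UDP to port 53, TCP SYN to port 80."""
    def frame(proto, sport, dport, l4_rest):
        l4 = struct.pack("!HH", sport, dport) + l4_rest
        ip = struct.pack("!BBHHHBBH", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0) + SRC + DST
        return b"\x02" * 6 + b"\x04" * 6 + struct.pack("!H", 0x0800) + ip + l4
    frames = [frame(17, 40000, 53, struct.pack("!HH", 8, 0)),
              frame(6, 40001, 80, struct.pack("!IIHHHH", 0, 0, 0x5002, 1024, 0, 0))]
    records = [struct.pack("<IIII", i, 0, len(f), len(f)) + f for i, f in enumerate(frames)]
    return struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(records)

if __name__ == "__main__":
    for n, f in enumerate(read_pcap(sample_pcap()), 1):
        print(n, " / ".join(layers(f)))
```

The same chain appears in Wireshark's packet details pane when the file is opened there; the reader above handles only the classic pcap format with an Ethernet link type, not pcapng.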