Lab 13 Wireshark 2021f-BCE-256
LAB#13
Step 1: Retrieve your PC Interface address.
Step 2: Start Wireshark and Begin Capturing Data
SIR SYED UNIVERSITY OF ENGINEERING AND TECHNOLOGY
1. Capturing ICMP Packets
Filtering ICMP Packets
Sending Ping to an IP Address
Capturing and Displaying ICMP Packets
Stop Capturing Packets
Examining ICMP Packets
Click the first ICMP echo request PDU frame in the top section of Wireshark. Notice that the Source column
contains your PC's IP address and the Destination column contains the IP address of the teammate PC that you
pinged; the matching echo reply frame that follows has the two addresses swapped.
Examining ICMP Packets
Capturing ARP Packets
Filtering ARP Packets
ARP Request Packet
ARP Response Packet
1. Capturing HTTP Packets
HTTP Request Packet
EXERCISE
Question#1 Can Wireshark be setup on a Cisco router?
No. Wireshark cannot be installed on a Cisco router: it is a desktop application that captures from and
analyzes the network interfaces of the computer it runs on, and the router's IOS image has no way to run it.
The router's traffic can still be examined in Wireshark in two ways. Cisco IOS has Embedded Packet Capture
(EPC), which records packets into a buffer on the router and exports them as a .pcap file that Wireshark
opens; alternatively, a SPAN (Switched Port Analyzer) session on a switch in the path mirrors the traffic to a
port where a PC running Wireshark is connected.
Question#2 A user is unable to ping a system on the network. How can Wireshark be used to solve the
problem?
To diagnose why a user cannot ping a system on the network, use Wireshark as follows:
1. Start Wireshark on the computer of the user who is attempting the ping.
2. Begin capturing on the interface the ping traffic will leave through (usually the Ethernet interface).
3. Have the user attempt to ping the target system.
4. Stop the capture once the ping has finished.
5. Apply the display filter icmp to isolate the echo requests, echo replies and ICMP error messages. Also
check with the filter arp that the ARP request for the target (or for the default gateway, if the target is
on another network) was answered, because no echo request can be sent until the next-hop MAC address
has been resolved.
6. Match each echo request to a reply by its identifier and sequence number and look at what came back.
An echo reply means the target is reachable. An ICMP Destination Unreachable (with its code, for example
host unreachable or administratively prohibited) or Time Exceeded message names the router that dropped
the packet. No ICMP at all, which the Windows ping client reports as "Request timed out", means the
request or the reply was silently discarded, most often by a firewall.
7. If the request leaves the user's PC but nothing comes back, capture on the target (or on a SPAN port
next to it) as well: if the request arrives there and no reply leaves, the target's host firewall or ICMP
settings are at fault; if it never arrives, the problem is on the path.
This narrows the failure to local address resolution, routing, or a firewall, and identifies the device
responsible.
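The procedure above, together with the ICMP and ARP capture steps earlier in the lab, carried out in code. This is an added example, not part of the lab or of Wireshark: it builds a few Ethernet/ARP/IPv4/ICMP frames by hand (the addresses and MACs are hypothetical), decodes them into Wireshark-style field names, applies the equivalent of the icmp and arp display filters, and pairs each echo request with the echo reply, ICMP error, or silence that followed it.

```python
"""Decode hand-built Ethernet/ARP/IPv4/ICMP frames and pair each ping with what came back.
Added example, not part of the lab: every frame below is constructed, so the Question 2
ping diagnosis runs without a live capture."""
import struct

ETH_IP4, ETH_ARP, ECHO_REPLY, UNREACHABLE, ECHO_REQUEST = 0x0800, 0x0806, 0, 3, 8
UNREACH = {0: "net unreachable", 1: "host unreachable", 3: "port unreachable",
           13: "administratively prohibited"}

def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum used by IPv4 and ICMP; 0 means the data verifies."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac_b(s): return bytes(int(x, 16) for x in s.split(":"))
def ip_b(s): return bytes(int(x) for x in s.split("."))
def mac_s(b): return ":".join(f"{x:02x}" for x in b)
def ip_s(b): return ".".join(str(x) for x in b)

def ethernet(src, dst, etype, payload):
    return struct.pack("!6s6sH", mac_b(dst), mac_b(src), etype) + payload
def arp(op, sha, spa, tha, tpa):  # op 1 = request, 2 = reply
    return (struct.pack("!HHBBH", 1, ETH_IP4, 6, 4, op)
            + mac_b(sha) + ip_b(spa) + mac_b(tha) + ip_b(tpa))
def ipv4(src, dst, proto, payload, ttl=64):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                      ttl, proto, 0, ip_b(src), ip_b(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload
def icmp(itype, code, rest):
    msg = struct.pack("!BBH", itype, code, 0) + rest
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]
def echo(itype, ident, seq):
    return icmp(itype, 0, struct.pack("!HH", ident, seq) + b"abcdefgh")
def unreachable(code, original):  # type 3 quotes the offending IPv4 header + 8 bytes
    return icmp(UNREACHABLE, code, b"\x00" * 4 + original[:28])

def parse_frame(raw: bytes) -> dict:
    """Ethernet II -> ARP | IPv4 -> ICMP, keyed by Wireshark-style field names."""
    dst, src, etype = struct.unpack("!6s6sH", raw[:14])
    pkt, body = {"eth.src": mac_s(src), "eth.dst": mac_s(dst), "proto": "eth"}, raw[14:]
    if etype == ETH_ARP:
        pkt.update({"proto": "arp", "arp.opcode": struct.unpack("!H", body[6:8])[0],
                    "arp.src.proto_ipv4": ip_s(body[14:18]), "arp.dst.proto_ipv4": ip_s(body[24:28])})
    elif etype == ETH_IP4:
        ihl = (body[0] & 0x0F) * 4
        pkt.update({"proto": "ip", "ip.src": ip_s(body[12:16]), "ip.dst": ip_s(body[16:20])})
        if body[9] == 1:  # IP protocol 1 = ICMP
            msg = body[ihl:]
            if checksum(body[:ihl]) or checksum(msg):
                raise ValueError("IPv4 or ICMP checksum does not verify")
            pkt.update({"proto": "icmp", "icmp.type": msg[0], "icmp.code": msg[1]})
            if msg[0] in (ECHO_REQUEST, ECHO_REPLY):
                pkt["icmp.ident"], pkt["icmp.seq"] = struct.unpack("!HH", msg[4:8])
            elif msg[0] == UNREACHABLE:  # recover the quoted echo request
                q, qihl = msg[8:], (msg[8] & 0x0F) * 4
                pkt["icmp.orig.dst"] = ip_s(q[16:20])
                pkt["icmp.orig.ident"], pkt["icmp.orig.seq"] = struct.unpack("!HH", q[qihl + 4:qihl + 8])
    return pkt

def diagnose(frames):
    """Question 2 in code: unanswered ARP (so no echo was sent), unanswered echo, ICMP errors."""
    arp_wait, pending, out = set(), {}, {"replied": [], "unreachable": []}
    for pkt in map(parse_frame, frames):
        if pkt["proto"] == "arp":
            if pkt["arp.opcode"] == 1:
                arp_wait.add(pkt["arp.dst.proto_ipv4"])
            else:
                arp_wait.discard(pkt["arp.src.proto_ipv4"])
        elif pkt["proto"] == "icmp":  # exactly the packets the display filter `icmp` shows
            t, key = pkt["icmp.type"], (pkt.get("icmp.ident"), pkt.get("icmp.seq"))
            if t == ECHO_REQUEST:
                pending[key] = pkt["ip.dst"]
            elif t == ECHO_REPLY and key in pending:
                out["replied"].append(pending.pop(key))
            elif t == UNREACHABLE:
                pending.pop((pkt["icmp.orig.ident"], pkt["icmp.orig.seq"]), None)
                out["unreachable"].append((pkt["icmp.orig.dst"], pkt["ip.src"],
                                           UNREACH.get(pkt["icmp.code"], str(pkt["icmp.code"]))))
    out["no_reply"], out["arp_unanswered"] = list(pending.values()), sorted(arp_wait)
    return out

# Constructed capture (hypothetical addresses): the PC pings its teammate (answered), a remote
# host (the router answers "host unreachable"), a LAN host that silently drops the echo, and
# finally tries a LAN host whose ARP request nobody answers.
PC, PC_MAC = "192.168.1.10", "aa:aa:aa:aa:aa:10"
PEER, PEER_MAC = "192.168.1.11", "aa:aa:aa:aa:aa:11"
GW, GW_MAC = "192.168.1.1", "aa:aa:aa:aa:aa:01"
BCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
REQ_REMOTE = ipv4(PC, "10.0.0.5", 1, echo(ECHO_REQUEST, 0x1234, 2))
CAPTURE = [
    ethernet(PC_MAC, BCAST, ETH_ARP, arp(1, PC_MAC, PC, ZERO, PEER)),
    ethernet(PEER_MAC, PC_MAC, ETH_ARP, arp(2, PEER_MAC, PEER, PC_MAC, PC)),
    ethernet(PC_MAC, PEER_MAC, ETH_IP4, ipv4(PC, PEER, 1, echo(ECHO_REQUEST, 0x1234, 1))),
    ethernet(PEER_MAC, PC_MAC, ETH_IP4, ipv4(PEER, PC, 1, echo(ECHO_REPLY, 0x1234, 1))),
    ethernet(PC_MAC, GW_MAC, ETH_IP4, REQ_REMOTE),
    ethernet(GW_MAC, PC_MAC, ETH_IP4, ipv4(GW, PC, 1, unreachable(1, REQ_REMOTE))),
    ethernet(PC_MAC, "aa:aa:aa:aa:aa:20", ETH_IP4, ipv4(PC, "192.168.1.20", 1, echo(ECHO_REQUEST, 0x1234, 3))),
    ethernet(PC_MAC, BCAST, ETH_ARP, arp(1, PC_MAC, PC, ZERO, "192.168.1.30")),
]
```

Running diagnose(CAPTURE) reports the teammate under replied, 10.0.0.5 under unreachable with the router 192.168.1.1 and code "host unreachable" (the address and the ident/sequence pair are read out of the IPv4 header and 8 payload bytes that a type 3 message quotes, which is how Wireshark itself links an error back to the request), 192.168.1.20 under no_reply, and 192.168.1.30 under arp_unanswered. The checksum check in parse_frame is the same validation Wireshark performs when it flags a bad IPv4 or ICMP checksum.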
Question#3 Which Wireshark filter can be used to check all incoming requests to a HTTP Web server?
HTTP web servers listen on TCP port 80 by default, so an incoming request has destination port 80. The
filter tcp.dstport == 80 shows every segment sent to the server, including the TCP handshake; http.request
narrows it to the segments that actually carry an HTTP request, and adding the server's address (for
example tcp.dstport == 80 && ip.dst == 192.168.1.1, with the address of the server in question) excludes
requests to other servers. If the server also serves HTTPS, tcp.dstport == 443 shows the incoming
connections, but the requests inside them are encrypted and cannot be read in Wireshark.
Question#4 Why does DNS use Follow UDP Stream while HTTP uses Follow TCP Stream?
DNS (Domain Name System) normally runs over UDP (User Datagram Protocol) because a lookup is a single
small query answered by a single small response, each fitting in one datagram: a TCP handshake would add a
full round trip before any data is sent, and the resolver handles a lost datagram itself by retrying. UDP
is connectionless, so there is no stream in the TCP sense; what Follow UDP Stream shows is simply every
datagram exchanged between the same two address/port pairs, in capture order, one complete DNS message per
datagram. (DNS does switch to TCP when a response is too large for a datagram, signalled by the truncation
bit, and for zone transfers; those exchanges are followed with Follow TCP Stream.)
HTTP (Hypertext Transfer Protocol), on the other hand, transfers requests and web pages that can be much
larger than one packet and needs every byte delivered complete and in order, so it uses TCP (Transmission
Control Protocol). TCP provides that with sequence numbers, acknowledgments, retransmission and a checksum,
which means a single HTTP message may be spread over many segments that arrive in any order, or more than
once. Follow TCP Stream reassembles the segments of each direction by sequence number, which is why it is
the tool that turns a capture back into the readable request and response.
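The difference described in the answer to Question 4, shown in code. This is an added example, not from the lab or from Wireshark's own source: the packets are simplified records with hypothetical addresses constructed below, the DNS messages are built by hand, and the two follow_* functions implement the essence of what Wireshark's Follow UDP Stream and Follow TCP Stream do (in Wireshark the same grouping is exposed through the udp.stream and tcp.stream fields).

```python
"""Why Wireshark offers Follow UDP Stream for DNS but Follow TCP Stream for HTTP.
Added example, not from the lab: the packets are simplified records (addresses,
ports, payload, TCP sequence number) constructed below, not a real capture."""
import struct
from dataclasses import dataclass

@dataclass
class Pkt:
    proto: str      # "udp" or "tcp"
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes
    seq: int = 0    # TCP only: sequence number of payload[0]

def conversation(p: Pkt):
    """One key for both directions: the unordered pair of (address, port) endpoints."""
    return (p.proto,) + tuple(sorted([(p.src, p.sport), (p.dst, p.dport)]))

def follow_udp_stream(pkts, key):
    """UDP has no connection: every datagram is independent and self-contained, so the
    'stream' is just the conversation's datagrams in capture order, one message each."""
    return [(p.src, p.payload) for p in pkts if conversation(p) == key]

def follow_tcp_stream(pkts, key):
    """TCP carries a byte stream: sort each direction's segments by sequence number,
    drop bytes already seen (retransmissions) and concatenate what remains."""
    dirs = {}
    for p in sorted((p for p in pkts if conversation(p) == key), key=lambda p: p.seq):
        d = dirs.setdefault((p.src, p.sport), {"data": b"", "next": p.seq})
        if p.seq > d["next"]:  # a segment is missing from the capture
            raise ValueError(f"gap before seq {p.seq} from {p.src}:{p.sport}")
        d["data"] += p.payload[d["next"] - p.seq:]
        d["next"] = max(d["next"], p.seq + len(p.payload))
    return {k: v["data"] for k, v in dirs.items()}

def dns_name(name: str) -> bytes:
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def dns_query(txid: int, name: str) -> bytes:
    # header: id, flags (RD set), qdcount 1, an/ns/ar 0; question: name, type A, class IN
    return (struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
            + dns_name(name) + struct.pack("!HH", 1, 1))

def dns_response(txid: int, name: str, addr: str) -> bytes:
    # flags: QR + RD + RA; one answer whose name is a pointer (0xC00C) to the question
    hdr = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rr = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + bytes(int(x) for x in addr.split("."))
    return hdr + dns_query(txid, name)[12:] + rr

def dns_summary(msg: bytes):
    """(transaction id, is_response, queried name) read straight from one datagram."""
    txid, flags = struct.unpack("!HH", msg[:4])
    labels, i = [], 12
    while msg[i]:
        labels.append(msg[i + 1:i + 1 + msg[i]].decode())
        i += 1 + msg[i]
    return txid, bool(flags & 0x8000), ".".join(labels)

# Constructed capture (hypothetical addresses): one DNS lookup, then an HTTP request
# whose two segments arrive out of order, with the first one also retransmitted.
RESOLVER, PC, WEB = "192.168.1.1", "192.168.1.10", "203.0.113.5"
CAPTURE = [
    Pkt("udp", PC, 51234, RESOLVER, 53, dns_query(0xBEEF, "example.com")),
    Pkt("udp", RESOLVER, 53, PC, 51234, dns_response(0xBEEF, "example.com", WEB)),
    Pkt("tcp", PC, 40000, WEB, 80, b"Host: example.com\r\n\r\n", seq=1017),
    Pkt("tcp", PC, 40000, WEB, 80, b"GET / HTTP/1.1\r\n", seq=1001),
    Pkt("tcp", PC, 40000, WEB, 80, b"GET / HTTP/1.1\r\n", seq=1001),
    Pkt("tcp", WEB, 80, PC, 40000, b"HTTP/1.1 200 OK\r\n", seq=5000),
    Pkt("tcp", WEB, 80, PC, 40000, b"Content-Length: 0\r\n\r\n", seq=5017),
]
```

follow_udp_stream(CAPTURE, conversation(CAPTURE[0])) returns the query and the response exactly as they were captured, and dns_summary can decode each on its own because a DNS message never spans datagrams. follow_tcp_stream(CAPTURE, conversation(CAPTURE[2])) returns the complete request "GET / HTTP/1.1 ... Host: example.com" for the client side and the complete response for the server side even though the segments were captured out of order and one was duplicated; a segment missing from the capture raises an error instead of silently gluing unrelated bytes together, which is the same situation in which Wireshark marks a stream as having a gap.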