Wireshark

This document is a guide on using Wireshark, an open-source network protocol analyzer, detailing steps for downloading, installing, and capturing network packets. It covers navigating the interface, applying display filters, analyzing HTTP traffic, saving captures, and following TCP streams. The guide includes prompts for practice and emphasizes the importance of specific features within Wireshark.

Report By: Muhammad Abdullah -070

Section: B

Class: DFCS -B

Roll no : BS-DFCS/Fall-2022/070

Created by Muhammad Abdullah


Introduction
Wireshark is a powerful, open-source network protocol analyzer used for capturing and inspecting
packets in real time. This guide follows the steps presented in the aforementioned video tutorials,
providing detailed explanations and prompts for you to insert your own practice screenshots.

Step 1: Downloading and Installing Wireshark


1. Download Wireshark:
o Visit the official Wireshark download page.
o Choose the appropriate installer for your operating system (Windows, macOS, or Linux).
2. Install Wireshark:
o Run the downloaded installer.
o Follow the on-screen instructions. On Windows, ensure that Npcap is selected for
installation, as it's required for packet capturing.


Step 2: Launching Wireshark and Starting a Capture
1. Open Wireshark:
o Launch the Wireshark application.
2. Select a Network Interface:
o Upon opening, you'll see a list of available network interfaces.
o Choose the interface that corresponds to your active network connection (e.g., Wi-Fi or
Ethernet).

Insert a screenshot showing the list of network interfaces.

3. Start Capturing:
o Click the blue shark fin icon or press Ctrl + E to start capturing packets on the
selected interface.

Step 3: Navigating the Wireshark Interface


Wireshark's main window is divided into three panes:

1. Packet List Pane:
o Displays a summary of all captured packets.
2. Packet Details Pane:
o Shows detailed information about the selected packet, breaking down the protocols and
their fields.
3. Packet Bytes Pane:
o Presents the raw data of the selected packet in hexadecimal and ASCII formats.

Step 4: Applying Display Filters


Display filters allow you to refine the captured data to focus on specific traffic.

1. Using Display Filters:
o Locate the filter bar at the top of the window.
o Enter a filter expression to display only the packets that match certain criteria.

Common Display Filters:

o http – Displays only HTTP traffic.
o ip.addr == 192.168.1.1 – Shows packets to or from the IP address 192.168.1.1.

o tcp.port == 80 – Filters packets using TCP port 80.

Step 5: Capturing and Analyzing HTTP Traffic


1. Start a Capture Session:
o Begin capturing packets on your active network interface.
2. Generate HTTP Traffic:
o Open a web browser and navigate to a non-HTTPS website, such as
http://example.com.
3. Stop the Capture:
o After the page loads, return to Wireshark and stop the capture by clicking the red square
icon or pressing Ctrl + E.
4. Filter for HTTP Packets:
o In the filter bar, type http and press Enter to display only HTTP packets.


5. Analyze HTTP Requests and Responses:
o Select an HTTP GET request packet to inspect its details.
o Examine the request method, host, user-agent, and other header fields.
o Similarly, analyze the corresponding HTTP response packet to view status codes and
server information.


Step 6: Saving and Exporting Captures
1. Save Capture File:
o Go to File > Save As.
o Choose a destination and filename, and save the capture in .pcapng format.

2. Export Specific Packets:
o To export selected packets, highlight the desired packets in the Packet List Pane.


o Navigate to File > Export Specified Packets, choose the export format, and save the file.

Step 7: Following TCP Streams


Wireshark allows you to reconstruct and view the data flow between two endpoints.

1. Select a Packet:
o Choose a packet that is part of the TCP stream you want to analyze.
2. Follow the Stream:
o Right-click the packet and select Follow > TCP Stream.
o A new window will open displaying the entire conversation between the client and
server.
3. Analyze the Conversation:
o Review the exchanged data to understand the communication flow.
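
What Follow > TCP Stream in Step 7 does, together with the header fields inspected in Step 5, as an added Python example (not part of the original report and not Wireshark's own code): it groups segments by endpoint pair, orders them by sequence number and drops retransmissions. The addresses, ports and header values are constructed sample data, and the function names are hypothetical.

```python
import struct
from collections import defaultdict

def make_packet(src_ep, dst_ep, seq, payload):
    """Build a minimal IPv4+TCP packet (constructed sample data; checksums left at 0)."""
    (src, sport), (dst, dport) = src_ep, dst_ep
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + tcp

def parse_packet(raw):
    """Decode the IPv4 and TCP headers: (src, dst, sport, dport, seq, payload)."""
    ihl = (raw[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", raw[2:4])[0]
    src, dst = (".".join(map(str, raw[i:i + 4])) for i in (12, 16))
    sport, dport, seq = struct.unpack("!HHI", raw[ihl:ihl + 8])
    data_off = (raw[ihl + 12] >> 4) * 4            # TCP header length in bytes
    return src, dst, sport, dport, seq, raw[ihl + data_off:total_len]

def follow_tcp_stream(packets, client, server):
    """Reassemble both directions of one conversation, ordered by sequence number."""
    # Simplified: exact retransmissions are dropped; overlaps and seq wraparound are not handled.
    sides = defaultdict(dict)
    for raw in packets:
        src, dst, sport, dport, seq, payload = parse_packet(raw)
        if payload and {(src, sport), (dst, dport)} == {client, server}:
            sides[(src, sport)].setdefault(seq, payload)   # keep the first copy of a segment
    return {ep: b"".join(p for _, p in sorted(sides[ep].items())) for ep in (client, server)}

def http_headers(message):
    """Split an HTTP/1.x message head into (start_line, {lowercased header: value})."""
    lines = message.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    fields = (l.split(":", 1) for l in lines[1:] if ":" in l)
    return lines[0], {k.strip().lower(): v.strip() for k, v in fields}

# Constructed sample capture: hosts, ports and header values are made up for the example.
CLIENT, SERVER, OTHER = ("192.168.1.10", 49152), ("192.168.1.1", 80), ("192.168.1.20", 50000)
REQ = b"GET / HTTP/1.1\r\nHost: example.com\r\nUser-Agent: demo-browser/1.0\r\n\r\n"
RESP = b"HTTP/1.1 200 OK\r\nServer: demo-httpd\r\nContent-Length: 2\r\n\r\nhi"
PACKETS = [
    make_packet(CLIENT, SERVER, 1000, REQ[:20]),
    make_packet(OTHER, SERVER, 7000, b"GET /other HTTP/1.1\r\n\r\n"),  # different stream
    make_packet(CLIENT, SERVER, 1020, REQ[20:]),
    make_packet(SERVER, CLIENT, 5030, RESP[30:]),   # arrives out of order
    make_packet(SERVER, CLIENT, 5000, RESP[:30]),
    make_packet(SERVER, CLIENT, 5000, RESP[:30]),   # retransmission
]
print({ep: http_headers(d)[0] for ep, d in follow_tcp_stream(PACKETS, CLIENT, SERVER).items()})
```

Because the request and response travel as plain HTTP, every header is readable from the reassembled stream, which is why Step 5 asks for a non-HTTPS site.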
