23 SSL Exp 6
OBJECTIVES :
● Understand the need for traffic analysis.
● Understand how packet sniffing is done using Wireshark.
● Trace and understand various packets from dynamic traffic.
OUTCOMES : The learner will be able to sniff network packets and study
the contents of packets to get detailed network information.
Theory:
Wireshark, a network analysis tool formerly known as Ethereal, captures
packets in real time and displays them in human-readable format. Wireshark
includes filters, color-coding and other features that let you dig deep into
network traffic and inspect individual packets.
Features of Wireshark :
• Available for UNIX and Windows.
• Capture live packet data from a network interface.
• Open files containing packet data captured with tcpdump/WinDump,
Wireshark, and a number of other packet capture programs.
• Import packets from text files containing hex dumps of packet data.
• Display packets with very detailed protocol information.
• Export some or all packets in a number of capture file formats.
• Filter packets on many criteria.
• Search for packets on many criteria.
• Colorize packet displays based on filters.
• Create various statistics.
Installation of Wireshark:
Capturing Traffic:
Wireshark uses colors to help you identify the types of traffic at a glance. By
default, green is TCP traffic, dark blue is DNS traffic, light blue is UDP traffic,
and black identifies TCP packets with problems — for example, they could
have been delivered out-of-order.
Filtering Packets:
The most basic way to apply a filter is by typing it into the filter box at the top
of the window and clicking Apply (or pressing Enter).
1. TCP
TCP (Transmission Control Protocol) is a standard that defines how to
establish and maintain a network conversation through which application
programs can exchange data.
2. HTTP
ICMP stands for Internet Control Message Protocol. It is used for error
handling in the network layer. The term ICMPv6 refers specifically to the
version of ICMP used with IPv6.
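As an added example (not part of the original lab write-up), the Python sketch below shows which header fields decide whether a packet falls under the tcp, http or icmp filters described above, by reading a classic pcap capture and labelling each frame with its most specific protocol. The capture is constructed inline, and treating HTTP as "TCP port 80 with a payload" is a simplifying assumption; in Wireshark an HTTP packet also matches the tcp filter.

```python
import struct
from collections import Counter

IP_PROTO = {1: "icmp", 6: "tcp", 17: "udp"}  # IPv4 protocol field values

def classify(frame: bytes) -> str:
    """Most specific label for one Ethernet frame: http, tcp, udp, icmp or other."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return "other"                         # truncated or not IPv4
    ihl = (frame[14] & 0x0F) * 4               # IPv4 header length in bytes
    proto = IP_PROTO.get(frame[23], "other")   # protocol field, IP offset 9
    tcp = frame[14 + ihl:]
    if proto == "tcp" and len(tcp) >= 20:
        sport, dport = struct.unpack("!HH", tcp[:4])
        payload = tcp[(tcp[12] >> 4) * 4:]     # skip header via data offset
        if payload and 80 in (sport, dport):   # assumption: simplified HTTP check
            return "http"
    return proto

def read_pcap(data: bytes):
    """Yield frames from a classic little-endian pcap file."""
    if data[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("not a little-endian classic pcap file")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(data):
        caplen = struct.unpack("<I", data[off + 8:off + 12])[0]
        yield data[off + 16:off + 16 + caplen]
        off += 16 + caplen

def summarize(pcap: bytes) -> Counter:
    """Count frames per protocol label, like a per-filter packet count."""
    return Counter(classify(f) for f in read_pcap(pcap))

# ---- constructed sample capture (addresses, ports and payloads are made up) ----
def _frame(proto: int, l4: bytes) -> bytes:
    eth = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return eth + ip + l4

def _tcp(sport: int, dport: int, payload: bytes = b"") -> bytes:
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 1024, 0, 0) + payload

SAMPLE_FRAMES = [
    _frame(6, _tcp(40000, 80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n")),
    _frame(6, _tcp(40001, 22)),                            # TCP segment, no payload
    _frame(1, b"\x08\x00\xf7\xfd\x00\x01\x00\x01"),        # ICMP echo request
    _frame(17, struct.pack("!HHHH", 40002, 53, 8, 0)),     # empty UDP datagram
]
SAMPLE_PCAP = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in SAMPLE_FRAMES)
```

Calling `summarize(SAMPLE_PCAP)` returns the per-protocol packet counts for the constructed capture.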
CONCLUSION : Thus, we have successfully implemented this experiment
and thereby understood Wireshark installation and network traffic analysis
using packet sniffing. Also, detailed information about packets was explored by
applying filters.