Applications:Wireshark

By PJan

Module Number: Module 02 Infrastructure and Documentation
Project Number: Project 2-4 Install and Use Wireshark
Computer Used: Lenovo Yoga Windows 11

Wireshark is a network protocol analyzer that captures and displays data packets traveling through a network. It is useful for troubleshooting network issues, learning about networking protocols, and analyzing network performance.

During this project, I installed and began using Wireshark to analyze packet captures. I filtered for specific protocols like ICMP, HTTP, DNS, and ARP to observe network traffic. This exercise helped me understand how different layers of the OSI model are represented in packet captures and how communication occurs between devices.

Some key takeaways that I learned are:

ICMP: Used for network diagnostics (e.g., ping).
HTTP/HTTPS: Analyzed web traffic, saw GET and POST requests.
DNS: Observed how domain names are resolved into IP addresses.
TCP/UDP: Learned about different transport layer protocols and their significance.
ARP: Saw how devices resolve IP addresses to MAC addresses on the local network.

Some useful tips I learned are:

Filtering: Use protocol filters (http, icmp, dns, etc.) to isolate specific types of network traffic.
Layers: Expand each layer to see details about MAC addresses, IP addresses, and protocol-specific information.
Saving Captures: Always save your capture files with a meaningful name for future reference.
Clearing Filters: Remember to clear filters after each search by clicking the X next to the filter box.
Capture Options: When starting a capture, choose the correct network interface (e.g., Wi-Fi or Ethernet) based on your network setup.

You can also note any specific commands or additional features you want to explore in the future (such as advanced filtering, setting up capture filters, or following TCP streams).
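The sketch below is an added example, not part of the original write-up and not Wireshark's own code: it decodes a frame layer by layer and then applies a protocol filter, the way the filter bar matches any layer in a packet. The function names, the port-based guesses (53 for DNS, 80 for HTTP) and the sample frames are assumptions made up for illustration.

```python
import struct

def dissect(frame: bytes) -> dict:
    """Decode one Ethernet II frame layer by layer, like the packet detail pane."""
    d = {"layers": []}
    if len(frame) < 14:                          # too short for an Ethernet header
        return d
    d.update(layers=["eth"], dst_mac=frame[0:6].hex(":"), src_mac=frame[6:12].hex(":"))
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == 0x0806:                      # ARP rides directly on Ethernet
        d["layers"].append("arp")
    if ethertype != 0x0800 or len(frame) < 34:   # only IPv4 is decoded further
        return d
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                     # IPv4 header length in bytes
    d["src_ip"] = ".".join(map(str, ip[12:16]))
    d["dst_ip"] = ".".join(map(str, ip[16:20]))
    d["layers"].append("ip")
    l4, proto = ip[ihl:], ip[9]                  # transport segment, IP protocol number
    if proto == 1:
        d["layers"].append("icmp")
    elif proto == 17 and len(l4) >= 8:
        d["layers"].append("udp")
        if 53 in struct.unpack("!HH", l4[:4]):   # assumption: port 53 means DNS
            d["layers"].append("dns")
    elif proto == 6 and len(l4) >= 20:
        d["layers"].append("tcp")
        data = l4[(l4[12] >> 4) * 4:]            # skip TCP header using the data offset
        if 80 in struct.unpack("!HH", l4[:4]) and data.split(b" ")[0] in (b"GET", b"POST"):
            d["layers"].append("http")           # simplified: requests on port 80 only
    return d

def display_filter(frames, proto):
    """Keep packets containing the named layer, so 'tcp' also matches HTTP packets."""
    return [d for d in map(dissect, frames) if proto in d["layers"]]

# --- constructed sample frames (not from a real capture; checksums left at 0) ---
MACS = bytes.fromhex("aabbccddeeff") + bytes.fromhex("112233445566")  # dst + src
def _ip(proto, payload):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 168, 1, 10]), bytes([192, 168, 1, 1]))
    return MACS + b"\x08\x00" + hdr + payload
SAMPLES = [
    MACS + b"\x08\x06" + bytes(28),                                   # ARP
    _ip(1, b"\x08\x00" + bytes(6)),                                   # ICMP echo request
    _ip(17, struct.pack("!HHHH", 50000, 53, 8 + 12, 0) + bytes(12)),  # DNS over UDP
    _ip(6, struct.pack("!HHIIBBHHH", 50001, 80, 0, 0, 0x50, 0x18, 1024, 0, 0)
        + b"GET / HTTP/1.1\r\n\r\n"),                                 # HTTP GET over TCP
]
```

Calling `display_filter(SAMPLES, "ip")` returns the ICMP, DNS and HTTP packets but not the ARP one, which shows why ARP never appears when filtering on an IP address.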


Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License