Networking Laboratory 1/56
Sungkyunkwan University
Copyright 2000-2017 Networking Laboratory
Network Analyzer: Introduction to Wireshark
Part 1
Syed M. Raza – [email protected]
H. Choo – [email protected]
Internet Protocol Stack
Consists of five layers
Derived from TCP/IP protocol stack
5. Application
4. Transport
3. Network
2. Link
1. Physical
Internet Protocol Stack Explained
Animation Video
Explanation of the operation and purpose of the Internet Protocol Stack
Packet Encapsulation
[Figure: packet encapsulation diagram, labelled 22 Bytes, 20 Bytes, 20 Bytes, 4 Bytes and 64 to 1500 Bytes]
The data is sent down the protocol stack
Each layer adds to the data by prepending headers
Wireshark Introduction
Video
Brief description of what Wireshark is and why it is used
Introduction (1/3)
Network Traffic Trace
► A recording of the network packets both received by and transmitted from a network interface
What is a pcap file?
► pcap = Packet Capture
► File format originally designed for tcpdump/libpcap
► Most widely used packet capture format
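As an added example (not part of the original slides): a minimal reader for the classic pcap file layout that also strips the Ethernet, IPv4 and TCP headers in the reverse of the encapsulation order described earlier. The sample capture, its addresses and ports are constructed, and the function names are hypothetical.

```python
import struct

def build_sample_pcap() -> bytes:
    """Constructed sample: one Ethernet/IPv4/TCP frame carrying b'hello'."""
    payload = b"hello"
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 1024, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    eth = bytes.fromhex("020000000002020000000001") + struct.pack("!H", 0x0800)
    frame = eth + ip + tcp + payload  # each layer prepends its header
    file_hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    rec_hdr = struct.pack("<IIII", 0, 0, len(frame), len(frame))
    return file_hdr + rec_hdr + frame

def decode_frame(frame: bytes) -> dict:
    """Strip headers in the reverse order they were prepended."""
    if len(frame) < 14:
        return {"layers": {}, "payload": frame}
    layers = {"ethernet": 14}
    if struct.unpack("!H", frame[12:14])[0] != 0x0800 or len(frame) < 34:
        return {"layers": layers, "payload": frame[14:]}  # not IPv4
    ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
    layers["ipv4"] = ihl
    l4 = 14 + ihl
    if frame[23] != 6 or len(frame) < l4 + 20:   # protocol 6 = TCP
        return {"layers": layers, "payload": frame[l4:]}
    doff = (frame[l4 + 12] >> 4) * 4      # TCP header length in bytes
    layers["tcp"] = doff
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    return {"layers": layers, "sport": sport, "dport": dport,
            "payload": frame[l4 + doff:]}

def parse_pcap(data: bytes) -> list:
    """Read the 24-byte file header, then each 16-byte record header + frame."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None or len(data) < 24:
        raise ValueError("not a classic (microsecond) pcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    if linktype != 1:
        raise ValueError("only Ethernet (linktype 1) is handled here")
    packets, off = [], 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl_len]
        if len(frame) < incl_len:
            raise ValueError("truncated packet record")
        packets.append(decode_frame(frame))
        off += 16 + incl_len
    return packets
```

Calling `parse_pcap(build_sample_pcap())` returns one decoded packet; the same `parse_pcap` can be pointed at the bytes of a small Ethernet capture saved in the classic pcap format.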
Introduction (2/3)
What is Wireshark?
► Formerly known as Ethereal
► Wireshark is a GUI Network Protocol Analyzer
► Follows the rules of the pcap library
► Found at http://www.wireshark.org
► The complete manual is located here
Introduction (3/3)
Some of its functions
► Captures network traffic from the interface
► Decodes packets of common protocols
► Displays the network traffic in human-readable format
Some of its uses
► Troubleshoot network problems
► Learn network protocol internals
► Debug protocol/program implementation
► Examine network-related security issues