1 / 10

Computer Networking Ethereal/Wireshark Packet Capture Example

Computer Networking Ethereal/Wireshark Packet Capture Example. Dr Sandra I. Woolley. Ethereal/Wireshark Example.

alyson
Download Presentation

Computer Networking Ethereal/Wireshark Packet Capture Example

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer NetworkingEthereal/Wireshark Packet Capture Example Dr Sandra I. Woolley

  2. Ethereal/Wireshark Example • Ethereal was a protocol analyzer that is now called Wireshark. It is used for opening passing network packets and exploring their contents. It can be used to observe all passing packets for any users on the shared network connection. It is sometimes called a “packet sniffer”. • The following slides are taken from the example in Chapter Two of the course textbook. Note edition 2 of the book recommends use of Ethereal (we will use its replacement, Wireshark.) • The example summarises what happens when a user clicks on the nytimes url. As well as providing a simple visual example of the processes and protocols involved in the delivery of web page information, the example serves as a good introduction to the protocol analyzer.

  3. Network Analyzer Example • Our user clicks on http://www.nytimes.com/ • The network analyzer captures all frames observed by its NIC (network interface controller). • The sequence of frames and their contents can be examined in detail down to individual bytes. Internet

  4. Encapsulation Reminder HTTP Request HTTP Request HTTP Request HTTP Request TCP header TCP header TCP header IP header IP header Ethernet header FCS TCP Header contains source & destination port numbers IP Header contains source and destination IP addresses; transport protocol type Ethernet Header contains source & destination MAC addresses; network protocol type

  5. Ethereal/Wireshark Windows Middle Pane shows encapsulation for a given frame Top Pane shows frame/packet sequence Bottom Pane shows hex & text

  6. Top Pane: Frame Sequence TCP Connection Setup DNS Query HTTP Request & Response

  7. Middle Pane: Encapsulation Ethernet Frame Ethernet Destination and Source Addresses Protocol Type

  8. Middle pane: Encapsulation And a lot of other stuff! IP Packet IP Source and Destination Addresses Protocol Type

  9. Middle Pane: Encapsulation TCP Segment Source and Destination Port Numbers GET HTTP Request

  10. Thank You

More Related