NDI Communications - Engineering & Training
Network analysis Using Wireshark
Lesson 2 – Introduction to Wireshark
Page 2
Lesson Objectives
By the end of this lesson, the participant will be able to:
Start capturing data with Wireshark
Configure basic Wireshark parameters
Understand the basic colorizing mechanisms
Understand basic preferences configuration
Page 3
Chapter Content
A brief history and introduction
Locating Wireshark
Starting the capture of data
Configuring the start window
Using time values and summaries
Configuring colouring rules and navigation techniques
Saving, printing, and exporting data
Configuring the user interface in the Preferences menu
Configuring protocol preferences
Page 4
What is Network Analysis
Developed by Gerald Combs in late 1997. He called it Ethereal
First released, after several pauses in development, in July 1998 as version 0.2.0
Additional patches and applications were added by Gilbert Ramirez, Guy Harris, Richard Sharpe and others
In 2006 the project moved house and re-emerged under a new name – Wireshark
Acquired by Riverbed in 2010, with a commitment to keep it open source
Page 5
What Can We Do With It, and What Can We Not?
What we can:
Capture packets
Watch smart statistics
Define filters – capture and display
Analyze problems
What we cannot:
It is not an automatic tool
It is not suitable for long-term monitoring
It is not a “magic” tool
Page 7
Reminder – How a LAN Switch Works
[Figure: a LAN switch (Sw) connecting Segment A (stations A1, A2, A3), Segment B (stations B1, B2, B3) and Segment C (stations C5, C6, C7)]
Decision Table
A1 → A3: Block
A1 → B1: Forward to port B
A1 → C7: Forward to port C
A1 → BC: Forward to all (flood)
A1 → D7: Forward to all (flood)
Page 8
Port Mirror / Port Monitor
[Figure: a switch with a monitored port and a monitoring port]
Page 9
Where to Locate Wireshark?
To ISP
For server monitoring:
Connect the laptop to the LAN switch, with port mirror to the monitored server
For WAN monitoring:
Connect the laptop to the LAN switch, with port mirror to the monitored router
For Internet connectivity monitoring:
Before or after the Firewall
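The decision table from slide 7 and the port mirror from slide 8, modelled in Python as an added example (not part of the original deck). It shows which frames an analyzer captures on an ordinary switch port versus a monitoring port; the port name M, the reply frame B1 → A1, reading BC as broadcast, and a mirror that copies both directions are assumptions.

```python
from typing import Dict, List, Optional, Set, Tuple

BROADCAST = "BC"  # slide 7's label; assumed here to mean the broadcast address

Frame = Tuple[str, str]  # (source station, destination station)


class Switch:
    """Switch with a fixed MAC table and an optional port mirror (simplified)."""

    def __init__(self, ports: List[str], mac_table: Dict[str, str]) -> None:
        self.ports = list(ports)
        self.mac_table = dict(mac_table)        # station -> port it sits behind
        self.monitored: Optional[str] = None    # port whose traffic is copied
        self.monitoring: Optional[str] = None   # port the analyzer is plugged into

    def set_mirror(self, monitored: str, monitoring: str) -> None:
        self.monitored, self.monitoring = monitored, monitoring

    def decide(self, src: str, dst: str) -> Tuple[str, List[str]]:
        """Return the decision-table action and the normal egress ports."""
        in_port = self.mac_table[src]
        if dst == BROADCAST or dst not in self.mac_table:
            # Broadcast or unknown destination: flood to every port except
            # the ingress port. Assumption: a monitoring port carries only
            # mirrored copies, so it is left out of normal flooding.
            egress = [p for p in self.ports
                      if p != in_port and p != self.monitoring]
            return "flood", egress
        out_port = self.mac_table[dst]
        if out_port == in_port:
            return "block", []                  # same segment: not forwarded
        return "forward", [out_port]

    def ports_seeing(self, src: str, dst: str) -> Set[str]:
        """Ports the frame is sent out of, including the mirror copy."""
        _, egress = self.decide(src, dst)
        seen = set(egress)
        in_port = self.mac_table[src]
        # Assumption: the mirror copies frames received on and sent out of
        # the monitored port.
        if self.monitoring and (in_port == self.monitored
                                or self.monitored in egress):
            seen.add(self.monitoring)
        return seen


def captured(switch: Switch, frames: List[Frame], port: str) -> List[Frame]:
    """Frames an analyzer plugged into `port` would capture."""
    return [f for f in frames if port in switch.ports_seeing(*f)]


def build_switch() -> Switch:
    # Stations and segments are from slide 7; port "M" is a hypothetical
    # fourth port for the analyzer laptop.
    stations = ("A1", "A2", "A3", "B1", "B2", "B3", "C5", "C6", "C7")
    return Switch(["A", "B", "C", "M"], {s: s[0] for s in stations})


# The five rows of slide 7's decision table, plus one constructed reply frame.
FRAMES: List[Frame] = [("A1", "A3"), ("A1", "B1"), ("A1", "C7"),
                       ("A1", "BC"), ("A1", "D7"), ("B1", "A1")]

if __name__ == "__main__":
    sw = build_switch()
    for src, dst in FRAMES[:5]:
        print(f"{src} -> {dst}: {sw.decide(src, dst)}")
    print("ordinary port M :", captured(sw, FRAMES, "M"))
    sw.set_mirror(monitored="B", monitoring="M")
    print("mirror of port B:", captured(sw, FRAMES, "M"))
```

On an ordinary port the analyzer sees only the flooded frames; with port B mirrored it also sees the unicast traffic to and from B1, which is why the slides place the laptop on a mirror of the monitored server or router.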
Page 11
The Interface (Version 1.10.6)
Page 12
Choose the Right Interface
Page 13
Some Details:
Page 14
Choose the Interface and Start the Capture
Page 15
And You Will Get:
Packet List
Packet Details
Packet Bytes
Page 16
To Stop the Capture
Or Ctrl+E
Page 17
Configuring the Capture
Choosing the interface
Capture in promiscuous mode
Capture multiple files
Stop capture
Display options
Name resolution
Manage Interfaces
Capture filter
Page 19
Configuring the start window
Main Toolbar
Filter Toolbar
Wireless Toolbar (Turned off by default)
Status Toolbar
Page 21
Time Display Format
Page 23
Packet Colorization
You can set up Wireshark so that it will colorize packets according to a filter
There are two types of coloring rules in Wireshark:
Temporary ones that are only used until you quit the program
Permanent ones that are saved to a preference file so that they are available in the next session
Page 24
Permanently Colorize Packets
Open from View → Coloring Rules
Page 25
Colorizing Specific Data
We want to watch a specific protocol throughout the capture file
Page 26
Colorizing Specific Data
Page 27
Colorizing Specific Data
Page 28
Colorizing Specific Data (TLS Connection Establishment)
Page 30
Saving and Manipulating Files
Save only displayed packets
Page 31
Saving and Manipulating Files
Save to XLS file
Page 32
And You Will Get:
Additional calculation for finding the DELAY
Page 34
Preferences
Open from Edit → Preferences
User interface configuration
Protocols configuration
Page 36
Control Protocol Dissection
Each protocol has its own dissector, so dissecting a complete packet will typically involve several dissectors.
Wireshark tries to find the right dissector for each packet (using static "routes" and heuristics "guessing")
Page 37
User Specified Decodes
The "Decode As" functionality lets you temporarily divert specific protocol dissections.
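A simplified Python model of the dissector chain, static port "routes", heuristic guessing and a "Decode As" override described on slides 36 and 37, added here as an example (it is not Wireshark's code and not from the original deck). The port table, the single HTTP heuristic, the lookup order and the sample frames are assumptions constructed for illustration.

```python
import struct
from typing import Dict, List, Optional

# Static "routes": TCP port -> application dissector (small assumed subset).
PORT_TABLE: Dict[int, str] = {80: "http", 443: "tls"}

# Constructed sample payloads.
HTTP_REQ = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
TLS_HELLO = bytes.fromhex("160301000401000000")  # truncated handshake record


def looks_like_http(payload: bytes) -> bool:
    """Heuristic "guess": does the payload start like an HTTP message?"""
    return payload.startswith((b"GET ", b"POST ", b"HEAD ", b"HTTP/1."))


HEURISTICS = [("http", looks_like_http)]


def pick_app_dissector(sport: int, dport: int, payload: bytes,
                       decode_as: Optional[Dict[int, str]] = None) -> str:
    """Choose the application dissector for a TCP payload."""
    decode_as = decode_as or {}
    for port in (dport, sport):          # 1. user-specified decode wins
        if port in decode_as:
            return decode_as[port]
    for port in (dport, sport):          # 2. static port "route"
        if port in PORT_TABLE:
            return PORT_TABLE[port]
    for name, test in HEURISTICS:        # 3. heuristic guess
        if test(payload):
            return name
    return "data"                        # 4. nothing matched: raw bytes


def dissect(frame: bytes,
            decode_as: Optional[Dict[int, str]] = None) -> List[str]:
    """Return the chain of dissectors used for one Ethernet II frame."""
    chain = ["eth"]
    if len(frame) < 14:
        return chain + ["malformed"]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x0800:              # only IPv4 is modelled
        return chain + ["data"]
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        return chain + ["malformed"]
    chain.append("ip")
    ihl = (ip[0] & 0x0F) * 4             # IPv4 header length in bytes
    if ihl < 20 or len(ip) < ihl:
        return chain + ["malformed"]
    if ip[9] != 6:                       # only TCP is modelled
        return chain + ["data"]
    tcp = ip[ihl:]
    if len(tcp) < 20:
        return chain + ["malformed"]
    chain.append("tcp")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_off = (tcp[12] >> 4) * 4        # TCP header length in bytes
    if data_off < 20 or len(tcp) < data_off:
        return chain + ["malformed"]
    payload = tcp[data_off:]
    if payload:
        chain.append(pick_app_dissector(sport, dport, payload, decode_as))
    return chain


def build_frame(sport: int, dport: int, payload: bytes) -> bytes:
    """Build a constructed Ethernet/IPv4/TCP frame (checksums left at zero)."""
    eth = bytes(12) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0,
                     64, 6, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18,
                      8192, 0, 0)
    return eth + ip + tcp + payload


if __name__ == "__main__":
    cases = [("HTTP on port 80", 80, HTTP_REQ, None),
             ("HTTP on port 8888", 8888, HTTP_REQ, None),
             ("TLS on port 8443", 8443, TLS_HELLO, None),
             ("TLS on 8443, Decode As tls", 8443, TLS_HELLO, {8443: "tls"}),
             ("TLS bytes on port 80", 80, TLS_HELLO, None)]
    for label, dport, payload, override in cases:
        print(f"{label:28} {dissect(build_frame(40000, dport, payload), override)}")
```

The last case shows the static route labelling non-HTTP bytes on port 80 as HTTP, and the 8443 cases show traffic on an unregistered port staying undecoded until a user-specified decode is applied.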
Page 38
Configuration Profiles
Open from Edit → Configuration Profiles
Configuration Profiles can be used to configure and use more than one set of preferences and configurations:
Preferences
Capture Filters
Display Filters
Coloring Rules
Disabled Protocols
User Accessible Tables
Page 39
Wireshark Shortcuts
Page 40
Summary
For more information, technical data and many examples and case studies:
http://www.amazon.com/Network-Analysis-Using-Wireshark-Cookbook/dp/1849517649
Thanks!!!
Yoram Orzach
yoram@ndi-com.com
+972-52-4899699
