Scribd
Upload
4 views3 pages

Experiment10(755)

lab

Uploaded by

choudharymehul1122
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
4 views3 pages

Experiment10(755)

lab

Uploaded by

choudharymehul1122
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Aim: Conducting a Network Capture and Monitoring with Wireshark Simulation Tool.

Theory: Wireshark is an open-source packet analyzer that operates on various platforms,


including Windows, macOS, and Linux. It allows users to capture, view, and analyze the data
traveling across a network in real-time. The tool supports a wide range of protocols, making
it versatile for analyzing diverse network environments.

Wireshark Features:
Live Capture: Wireshark enables live packet capture, allowing users to observe network
activity as it happens. This is particularly useful for troubleshooting and identifying issues in
real-time.
Filtering Capabilities: The tool provides powerful filtering options, allowing users to focus on
specific types of traffic, such as packets associated with a particular IP address, protocol, or
time frame.
Color-coded Packet Analysis: Wireshark color-codes packets to distinguish between
different types of network traffic. This visual representation aids in quickly identifying
patterns and potential issues.
Protocol Support: Wireshark supports a vast array of network protocols, including but not
limited to Ethernet, IP, TCP, UDP, HTTP, DNS, and more. This makes it a comprehensive tool
for analyzing diverse network communication.
Packet Decoding: Wireshark decodes packet data, providing a human-readable
interpretation of the raw network traffic. This decoding capability is instrumental in
understanding the content and structure of transmitted data.

Network Capture and Monitoring Concepts:


Promiscuous Mode: Wireshark captures packets in promiscuous mode, allowing it to
intercept and analyze all network traffic, not just traffic intended for the capturing device.
This mode is crucial for gaining a comprehensive view of network activity.
Packet Sniffing: The process of intercepting and examining packets as they traverse a
network. Packet sniffing is a key component of network analysis and is used for various
purposes, including security audits and performance optimization.
Capture Filters vs. Display Filters: Capture filters determine which packets are recorded
during the capture process, while display filters are applied post-capture to selectively view
packets based on specific criteria. Understanding the difference between these filters
enhances the efficiency of network analysis.
Wireshark Features Screenshots:

Wireshark capture
Wireshark filters:

Conclusion: In conclusion, this experiment provided valuable hands-on experience in


utilizing Wireshark for network capture and monitoring. By analyzing the captured packets,
we gained insights into the functioning of network protocols and identified potential areas
for optimization and troubleshooting. This practical exercise enhances our understanding of
network analysis tools and their applications in real-world scenarios. Moving forward, these
skills can be instrumental in maintaining network security, diagnosing connectivity issues,
and ensuring efficient data flow within a networked environment.

You might also like