Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

PIET-DS(CE) Page 20
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Practical - 4

Aim: Subnet a Network in Packet Tracer.

Solution:

➢ A subnet, or subnetwork, is a part of a larger network. Subnets are a logical part of an IP

network into multiple, smaller network components. The Internet Protocol (IP) is the method
for transmitting data from one computer to another over the internet network. Each computer,
or host, on the internet, has at least one IP address as a unique identifier.

➢ Step 1: First, open the Cisco packet tracer desktop and select the devices given below:

❖ IP Addressing Table for PCs: -

PIET-DS(CE) Page 21
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Then, create a network topology as shown below the image.

➢ Use an Automatic connecting cable to connect the devices with others.

Step 2: Configure the PCs (hosts) with IPv4 address and Subnet Mask according to the IP
addressing table given above.
• To assign an IP address in PC0, click on PC0.
• Then, go to desktop and then IP configuration and there you will IPv4 configuration.
• Fill IPv4 address and subnet mask.

PIET-DS(CE) Page 22
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Assigning IP address using the ipconfig command.

• Or we can also assign an IP address with the help of a command.
• Go to the command terminal of the PC.
• Then, type ipconfig <IPv4 address><subnet mask><default gateway> (if needed)

➢ Example: ipconfig 192.168.1.2 255.255.255.0 192.168.1.1

➢ Repeat the same procedure with other PCs to configure them thoroughly.

➢ Step 3: Configure router with IP address and subnet mask.

❖ IP Addressing Table Router: -

PIET-DS(CE) Page 23
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ To assign an IP address in router0, click on router0.

➢ Then, go to config and then Interfaces.
➢ Then, configure the IP address in Fast Ethernet and serial ports according to IP addressing
Table.
➢ Fill IPv4 address and subnet mask.

➢ Repeat the same procedure with other routers to configure them thoroughly.

➢ Step 4: After configuring all of the devices we need to assign the routes to the routers. To
assign static routes to the particular router:

• First, click on router0 then Go to CLI.

• Then type the commands and IP information given below.
• CLI command: ip route <network id> <subnet mask><next hop>

PIET-DS(CE) Page 24
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Step 5: Verifying the network by pinging the IP address of any PC. We will use the ping
command to do so.

• First, click on PC0 then Go to the command prompt.

• Then type ping <IP address of targeted node>
• As we can see in the below image, we are getting replies which means the connection is
working very fine

➢ Example: ping 192.168.2.2

➢ A simulation of the experiment we are sending PDU from PC0 to PC3 and PC2 to PC4.

PIET-DS(CE) Page 25
Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

PIET-DS(CE) Page 26
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Practical - 5
Aim: Bus, Star, mesh, ring and Hybrid topology using cisco packet tracer.

Solution:

1. Bus Topology: -

➢ A bus topology is a network in which nodes are directly linked with a common half-duplex
link. A host on a bus topology is called a station. In a bus network, every station will accept all
network packets, and these packets generated by each station have equal information priority.
A bus network includes a single network segment and collision domain.

❖ Steps to Configure and Setup Bus Topology in Cisco Packet Tracer: -

➢ Step 1: First, open the cisco packet tracer desktop and select the devices given below:

S.NO Device Model-Name

1. PC PC

2. Switch PT-Switch
❖ IP Addressing Table: -

S.NO Device IPv4 Address Subnet Mask

pc0 192.168.0.1 255.255.255.0

pc1 192.168.0.2 255.255.255.0

pc2 192.168.0.3 255.255.255.0

pc3 192.168.0.4 255.255.255.0

➢ Then, create a network topology as shown below image:

➢ Use an Automatic connecting cable to connect the devices with others.
PIET-DS(CE) Page 27
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Step 2: Configure the PCs (hosts) with IPv4 address and Subnet Mask according to the IP
addressing table given above.
• To assign an IP address in PC0, click on PC0.
• Then, go to desktop and then IP configuration and there you will IPv4 configuration.
• Fill IPv4 address and subnet mask.

➢ Assigning an IP address using the ipconfig command, or we can also assign an IP address with
the help of a command.
➢ Go to the command terminal of the PC.
➢ Then, type ipconfig <IPv4 address><subnet mask><default gateway> (if needed)
➢ Example: ipconfig 192.168.0.1 255.255.255.0

PIET-DS(CE) Page 28
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Repeat the same procedure with other PCs to configure them thoroughly.

➢ Step 3: Verify the connection by pinging the IP address of any host in PC0.
• Use the ping command to verify the connection.
• As we can see we are getting replies from a targeted node on both PCs.
• Hence the connection is verified.

PIET-DS(CE) Page 29
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Simulation Result: A simulation of the experiment is given below we have sent two PDU
packets one targeted from PC0 to PC2 and another targeted from PC3 to PC1.

2. Star Topology: -

➢ A star topology for a Local Area Network (LAN) is one in which each node is connected to a
central connection point, such as a hub or switch. Whenever a node tries to connect with
another node then the transmission of the message must be happening with the help of the
central node. The best part of star topology is the addition and removal of the node in the
network but too many nodes can cause suffering to the network.

➢ A Cisco packet tracer is a simulation tool that is used for understanding the networks. The best
part of the Cisco packet tracer is its visualization you can see the actual flow of the message
and understand the workflow of the network devices. Implementation of Star Topology using
Cisco Packet Tracer is done using Switch.

❖ Steps Implementing Star Topology using Cisco Packet Tracer: -

➢ Step 1: We have taken a switch and linked it to six end devices.

PIET-DS(CE) Page 30
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Step 2: Link every device with the switch.

➢ Step 3: Provide the IP address to each device.

➢ Step 4: Transfer message from one device to another and check the Table for Validation.

PIET-DS(CE) Page 31
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Now to check whether the connections are correct or not try to ping any device and the image
below is doing the same.
➢ To do ping one terminal of one device and run the following command:

➢ Command: "ping IP address of any device"

➢ Example: ping 192.168.1.4
➢ Note: If the connections are correct then you will receive the response.

3. Mesh Topology: -

➢ In the mesh topology of networking, each and every device sends its own signal to the other
devices that are present in the arrangement of the network.

❖ Steps to Configure and Setup Ring Topology in Cisco Packet Tracer: -

➢ Step 1: First, open the Cisco packet tracer desktop and select the devices given below:

S.NO Device Model name

1. PC PC

2. Switch PT-switch

PIET-DS(CE) Page 32
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

❖ IP Addressing Table: -

S.NO Device IPv4 Address Subnet Mask

1. pc0 192.168.0.1 255.255.255.0

2. pc1 192.168.0.2 255.255.255.0

3. pc2 192.168.0.3 255.255.255.0

4. pc3 192.168.0.4 255.255.255.0

➢ Then, create a network topology as shown below the image.

➢ Use an Automatic connecting cable to connect the devices with others.

➢ Step 2: Configure the PCs (hosts) with IPv4 address and Subnet Mask according to the IP
addressing table given above.
• To assign an IP address in PC0, click on PC0.
• Then, go to desktop and then IP configuration and there you will IPv4 configuration.
• Fill IPv4 address and subnet mask.

PIET-DS(CE) Page 33
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Assigning IP address using the ipconfig command.

➢ Also, we can also assign an IP address with the help of a command.
➢ Go to the command terminal of the PC.
➢ Then, type ipconfig <IPv4 address><subnet mask><default gateway> (if needed)
➢ Example: ipconfig 192.168.0.1 255.255.255.0

➢ Repeat the same procedure with other PCs to configure them thoroughly.

➢ Step 3: Verify the connection by pinging the IP address of any host in PC0.

• Use the ping command to verify the connection.

• We will check if we are getting any replies or not.
• Here we get replies from a targeted node on both PCs.
• Hence the connection is verified.

PIET-DS(CE) Page 34
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ A simulation of the experiment is given below we have sent two PDU packets one targeted
from PC0 to PC3 and another targeted from PC1 to PC2.

4. Hybrid Topology: -

➢ The arrangement of a network that comprises nodes and connecting lines via sender and
receiver is referred to as network topology. The combination of two or more topologies in a
computer network is called Hybrid Topology. These combined topologies can be a combination
of bus topology, mesh topology, ring topology, star topology, and tree topology. To learn about
Hybrid Topology refer to the Advantages and Disadvantages of Hybrid Topology article. In
this article, we will see steps to configure and set up Hybrid topology in cisco packet tracer.

➢ Step 1: First, open the cisco packet tracer desktop and select the devices given below:

S.NO Device Model Name

1. PC PC

PIET-DS(CE) Page 35
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

S.NO Device Model Name

2. Switch PT-Switch

❖ IP Addressing Table: -

Sr No. Device IPv4 Address Subnet Mask

1. pc0 192.168.0.1 255.255.255.0

2. pc1 192.168.0.2 255.255.255.0

3. pc2 192.168.0.3 255.255.255.0

4. pc3 192.168.0.4 255.255.255.0

5. pc4 192.168.0.5 255.255.255.0

6. pc5 192.168.0.6 255.255.255.0

7. pc6 192.168.0.7 255.255.255.0

8. pc7 192.168.0.8 255.255.255.0

9. pc8 192.168.0.9 255.255.255.0

➢ Then, create a network topology as shown below the image (Bus, ring, and star topology).
➢ Use an Automatic connecting cable to connect the devices with others.

PIET-DS(CE) Page 36
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Step 2: Configure the PCs (hosts) with IPv4 address and Subnet Mask according to the IP
addressing table given above.

• To assign an IP address in PC0, click on PC0.

• Then, go to desktop and IP configuration and there you will find IPv4 configuration.
• Add IPv4 address and subnet mask.

➢ Assigning IP address using the ipconfig command.

➢ We can also assign an IP address with the help of a command.
➢ Go to the command terminal of the PC.
➢ Now type ipconfig <IPv4 address><subnet mask><default gateway> (if needed)
➢ example: ipconfig 192.168.0.1 255.255.255.0

PIET-DS(CE) Page 37
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ Repeat the same procedure with other PCs to configure them thoroughly.

Step 3: Verify the connection by pinging the IP address of any host in PC0.

• Use the ping command to verify the connection.

• We will check, if we are getting any replies or not.
• As we can see here getting replies from a targeted node on both PCs. Hence the connection
is verified.

• A simulation of the experiment is given below we have sent two PDU packets one targeted
from PC0 to PC4 and another targeted from PC3 to PC8.

PIET-DS(CE) Page 38
Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Practical – 6
Aim: Analyse working of WIFI and WiMAX.

WIFI:

• Definition: Wi-Fi is wireless networking technology enabling various devices like

computers, smartphones, and other equipment to connect to the Internet and communicate
with each other without a cable. It creates a network where these devices can exchange
information. These established connections through a wireless router act as an intermediary
between the WIFI-compatible devices and the Internet.

• Working: It is a technology for wireless local area networking with devices based on IEEE
802.11 standards. Wi-Fi compatible devices can connect to the internet via WLAN network
and a wireless access point abbreviated as AP. Every WLAN has an access point which is
responsible for receiving and transmitting data from/to users. IEEE has defined certain
specifications for wireless LAN, called IEEE 802.11 which covers physical and data link
layers. Access Point (AP) is a wireless LAN base station that can connect one or many
wireless devices simultaneously to internet.
o The architecture of this standard has 2 kinds of services: 1. BSS (Basic Service Set)
2. ESS (Extended Service Set)
o BSS is the basic building block of WLAN. It is made of wireless mobile stations
and an optional central base station called Access Point. Stations can form a network
without an AP and can agree to be a part of a BSS.

PIET-DS(CE) Page 39
Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

• Version:

• Advantage:
o The Wi-Fi allows easy cable-free connection to the internet from multiple devices.
Users can access the network from anywhere within a range enhancing mobility and
flexibility.
o The Wi-Fi networks eliminate the need for extensive cabling, reducing installation
and maintenance costs. It is particularly beneficial for the businesses and a large
space.
• Disadvantage:
o The Wi-Fi networks are vulnerable to a hacking and unauthorized accesses if not
secured. This can lead to the data breaches and a privacy concern for all the users.
o The Wi-Fi routers require an electricity to function. During the power outages the
network becomes inaccessible potentially disrupting the important communications
or work.

• Application:
o Using Wi-Fi, we can access the internet in any Wi-Fi-capable device wirelessly. We
can stream or cast audio or video wirelessly on any device using Wi-Fi for our
entertainment.
o We can share files, data, etc between two or more computers or mobile phones
using Wi-Fi, and the speed of the data transfer rate is also very high. Also, we can
print any document using a Wi-Fi printer, this is very much used nowadays.

PIET-DS(CE) Page 40
Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

WiMAX:

• Definition: WiMAX (Worldwide Interoperability for Microwave Access) is a wireless

communication standard designed to provide high-speed internet access over a wide area. It
is based on the IEEE 802.16 family of standards and is often referred to as “Wi-Fi on
steroids” because it offers higher data rates and broader coverage than traditional Wi-Fi.

• Working: WiMAX stands for Worldwide Interoperability for Microwave Access. This
technology is based on IEEE 802.16. It is used to provide higher data rates with increased
coverage. It is based on MAN (Metropolitan Area Network) technology. Its range is up to
50 Km. It may provide speeds up to 70 Mbps and it can operate in Non-Line-of-Sight. This
technology is fast, convenient, and cost-effective.

• Version:
o 802.16d - DSL replacement: The 802.16d version is often referred to as 802.16-
2004 and it is closer to what may be termed the original version of WiMAX defined
under 802.16a. It is aimed at fixed applications and providing a wireless equivalent
of DSL broadband data - often called WiMAX broadband.
o 802.16e - Nomadic / Mobile: While 802.16 / WiMAX was originally envisaged as
being a fixed only technology, with the need for people on the move requiring high
speed data at a cost less than that provided by cellular services and opportunity for a
mobile version was seen and 802.16e was developed. This standard is also widely
known as 802.16-2005.

• Advantage:
o WiMAX can cover an area of up to 50 kilometers, making it suitable for providing
broadband access in rural and underserved areas.
o WiMAX can provide data rates of up to 75 Mbps, which is higher than many
other wireless technologies.

PIET-DS(CE) Page 41
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

• Disadvantage:
o WiMAX is designed for fixed or nomadic (semi-fixed) use, not for mobile use.
o WiMAX operates in the same frequency range as other wireless technologies, which
can lead to interference.

• Application:
o WiMAX is used to provide a wireless link between a cellular base station and the core
network, eliminating the need for a wired connection.
o WiMAX is used to provide wireless connectivity for public safety networks, allowing
emergency responders to communicate and share information in real-time.

Difference between WIFI and WIMAX:

PIET-DS(CE) Page 42
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Practical -7

Aim : Describe working of Wireshark.

Solution :-

❖ Definition :-

• Wireshark is an open-source packet analyzer, which is used for education, analysis, software
development, communication protocol development, and network troubleshooting.

• It is used to track the packets so that each one is filtered to meet our specific needs. It is
commonly called as a sniffer, network protocol analyzer, and network analyzer. It is also
used by network security engineers to examine security problems.

• Wireshark is a free to use application which is used to apprehend the data back and forth. It is
often called as a free packet sniffer computer application. It puts the network card into an
unselective mode, i.e., to accept all the packets which it receives.

❖ Uses of Wireshark :-
Wireshark can be used in the following ways :-

1. It is used by network security engineers to examine security problems.

2. It allows the users to watch all the traffic being passed over the network.

3. It is used by network engineers to troubleshoot network issues.

4. It also helps to troubleshoot latency issues and malicious activities on your network.

5. It can also analyze dropped packets.

6. It helps us to know how all the devices like laptop, mobile phones, desktop, switch, routers,
etc., communicate in a local network or the rest of the world.

PIET-DS(CE) Page 43
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

❖ History of Wireshark :-

• In the late 1990's Gerald Combs, a computer science graduate of the University of Missouri-
Kansas City was working for the small ISP (Internet Service Provider). The protocol at that
time did not complete the primary requirements. So, he started writing ethereal and released the
first version around 1998. The Network integration services owned the Ethernet trademark.

• Combos still held the copyright on most of the ethereal source code, and the rest of the source
code was re-distributed under the GNU GPL. He did not own the Ethereal trademark, so he
changed the name to Wireshark. He used the contents of the ethereal as the basis.

• Wireshark has won several industry rewards over the years including eWeek, InfoWorld, PC
Magazine and also as a top-rated packet sniffer. Combos continued the work and released the
new version of the software. There are around 600 contributed authors for the Wireshark
product website.

❖ Features of Wireshark :-

• It is multi-platform software, i.e., it can run on Linux, Windows, OS X, FreeBSD, NetBSD, etc.

• It is a standard three-pane packet browser.

• It performs deep inspection of the hundreds of protocols.

• It often involves live analysis, i.e., from the different types of the network like the Ethernet,
loopback, etc., we can read live data.

• It has sort and filter options which makes ease to the user to view the data.

• It is also useful in VoIP analysis.

• It can also capture raw USB traffic.

PIET-DS(CE) Page 44
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

• Various settings, like timers and filters, can be used to filter the output.

• It can only capture packet on the PCAP (an application programming interface used to capture
the network) supported networks.

• Wireshark supports a variety of well-documented capture file formats such as the PcapNg and
Libpcap. These formats are used for storing the captured data.

• It is the no.1 piece of software for its purpose. It has countless applications ranging from
the tracing down, unauthorized traffic, firewall settings, etc.

❖ Color coding in Wireshark :-

The packets in the Wireshark are highlighted with blue, black, and green color. These colors help
users to identify the types of traffic. It is also called as packet colorization. The kinds of coloring
rules in the Wireshark are temporary rules and permanent rules.

➢ The temporary rules are there until the program is in active mode or until we quit the program.

➢ The permanent color rules are available until the Wireshark is in use or the next time you run the
Wireshark. The steps to apply color filters will be discussed later in this topic.

❖ Installation of Wireshark Software :-

Below are the steps to install the Wireshark software on the computer :-

➢ Open the web browser.

➢ Search for 'Download Wireshark.'

➢ Select the Windows installer according to your system configuration, either 32-bt or 64-bit. Save
the program and close the browser.

➢ Now, open the software, and follow the install instruction by accepting the license.

➢ The Wireshark is ready for use.

PIET-DS(CE) Page 45
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

On the network and Internet settings option, we can check the interface connected to our computer.
If you are Linux users, then you will find Wireshark in its package repositories.
By selecting the current interface, we can get the traffic traversing through that interface. The version
used here is 3.0.3. This version will open as :-

The Wireshark software window is shown above, and all the processes on the network are carried
within this screen only.
The options given on the list are the Interface list options. The number of interface options will be
present. Selection of any option will determine all the traffic. For example, from the above fig. select
the Wi-Fi option. After this, a new window opens up, which will show all the current traffic on the
network. Below is the image which tells us about the live capture of packets and our Wireshark will
look like :-

PIET-DS(CE) Page 46
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

The above arrow shows the packet content written in hexadecimal or the ASCII format. And the
information above the packet content, are the details of the packet header.
It will continue listening to all the data packets, and you will get much data. If you want to see a
particular data, then you can click on the red button. The traffic will be stationary, and you can note
the parameters like time, source, destination, the protocol being used, length, and the Info. To view in-
depth detail, you can click on that particular address; a lot of the information will be displayed below
that.
There will be detailed information on HTTP packets, TCP packets, etc. The red button is shown below
:-

The screen/interface of the Wireshark is divided into five parts :-

First part contains a menu bar and the options displayed below it. This part is at the top of

PIET-DS(CE) Page 47
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

➢ the window. File and the capture menus options are commonly used in Wireshark. The capture
menu allows to start the capturing process. And the File menu is used to open and save a capture
file.

➢ The second part is the packet listing window. It determines the packet flow or the captured packets
in the traffic. It includes the packet number, time, source, destination, protocol, length, and info.
We can sort the packet list by clicking on the column name.

➢ Next comes the packet header- detailed window. It contains detailed information about the
components of the packets. The protocol info can also be expanded or minimized according to the
information required.

➢ The bottom window called the packet contents window, which displays the content in ASCII and
hexadecimal format.

➢ At last, is the filter field which is at the top of the display. The captured packets on the screen can
be filtered based on any component according to your requirements. For example, if we want to
see only the packets with the HTTP protocol, we can apply filters to that option. All the packets
with HTTP as the protocol will only be displayed on the screen, shown below :-

PIET-DS(CE) Page 48
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

You can also select the connection to which your computer is connected. For example, in this PC, we
have chosen the current network, i.e., the ETHERNET.
After connecting, you can watch the traffic below :-

PIET-DS(CE) Page 49
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

In view option on the menu bar, we can also change the view of the interface. You can change the
number of things in the view menu. You can also enable or disable any option according to the
requirements.

There is a filter block below the menu bar, from where a large amount of data can be filtered. For
example, if we apply a filter for HTTP, only the interfaces with the HTTP will be listed.

PIET-DS(CE) Page 50
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

If you want to filter according to the source, right-click on the source you want to filter and select
'Apply as Filter' and choose '...and filter.'
Steps for the permanent colorization are :- click on the 'View' option on the menu bar and select
'Coloring Rules.' The table will appear like the image shown below:

For the network administrator job, advanced knowledge of Wireshark is considered as the
requirements. So, it is essential to understand the concepts of the software. It contains these 20 default
coloring rules which can be added or removed according to the requirements.
Select the option 'View' and then choose 'Colorize Packet List,' which is used to toggle the color on
and off.

PIET-DS(CE) Page 51
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Practical -8

Aim : Packet capture and Protocol Analyzer using Wireshark

Solution :-

Why sniff around?

If you have prior experience with securing systems, you can not emphasize enough the importance
of reconnaissance. And if you are new, just know that it is very important. Packet sniffing is an
essential form of network recon as well as monitoring. It’s equally useful for students and IT
professionals.
Wireshark captures the data coming or going through the NICs on its device by using an underlying
packet capture library. By default, Wireshark captures on-device data only, but it can capture almost
all the data on its LAN if run in promiscuous mode. Currently, Wireshark uses NMAP’s Packet
Capture library(called npcap).
Getting Up and Running: After installation launch Wireshark, approve the administrator or
superuser privileges and you will be presented with a window that looks like this:

This window shows the interfaces on your device. To start sniffing select one interface and click on
the bluefin icon on the top left. The data capture screen has three panes. The top pane shows real-
time traffic, the middle one shows information about the chosen packet and the bottom pane shows
the raw packet data. The top pane shows source address(IPv4 or IPv6) destination address, source
and destination ports, protocol to which the packet belongs to and additional information about the
packet.
PIET-DS(CE) Page 52
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Since there are a lot of packets going in and out every second, looking at all of them or searching for
one type of packets will be tedious. This is why packet filters are provided. Packets can be filtered
based on many parameters like IP address, port number or protocol at capture level or at display
level. As obvious a display level filter will not affect the packets being captured.
Some of the general capture filters are:
• host (capture the traffic through a single target)
• net( capture the traffic through a network or sub-network). “net” can be prefixed with “src” or
“dst” to indicate whether the data coming from or going to the target host(s).)
• port (capture the traffic through or from a port). “port” can be prefixed with “src” or “dst” to
indicate whether the data coming from or going to the target port.
• “and”, “not” and “or” logical connectives.(Used to combine multiple filters together).

There are some more basic filters and they can be combined very creatively. Another range of
filters, display filters are used to create abstraction on captured data. These basic examples should
provide a basic idea of their syntax:

• tcp.port==80/udp.port==X shows the tcp/udp traffic at port X.

• http.request.uri matches “parameter=value$” shows packets that are HTTP requests at the
application layer level and their URI ends with a parameter with some value.

PIET-DS(CE) Page 53
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

• The logical connective and or and not work here too.

• ip.src==192.168.0.0/16 and ip.dst==192.168.0.0/16 will show traffic to and from workstations
and servers.

There is also a concept of coloring rules. Each protocol/port/other element is provided a unique
color to make it easily visible for quick analysis. More details on coloring rules is here

Plugins are extra pieces of codes that can be embedded into the native Wireshark. Plugins help in
analysis by:

• Showing parameter specific statistics and insights.

• Handling capture files and issues related to their formats.
• Collaborating with other tools and frameworks to set up an all-in-one network monitoring
solution.

With just the basic capability to see all the traffic going through your device or in your LAN and the
tools and plugins to help you in analysis, you can do a great deal of things with your device. Like:

• Troubleshooting Internet connectivity problems with your device or WiFi.

• Monitoring your device for unwanted traffic that may be an indication of a malware infection.
• Testing the working of your application that involve networking.
• Using it to just understand how computer networks work.

PIET-DS(CE) Page 54
Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Command Prompt (cmd):-

PIET-DS(CE) Page 55
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Practical -9

Aim : Capturing Password using Wireshark

Solution :- Sniffing of Login Credential or Password Capturing in Wireshark

Wireshark is a free and open-source packet analysis tool that lets you capture and analyze network
traffic in real-time. It is available for Windows, macOS, and Linux operating systems.
Wireshark captures network packets and displays the captured data in a human-readable format for
easy analysis and troubleshooting of network issues. It can scan a variety of network protocols
including TCP, UDP, HTTP, DNS, etc.
So, in this article, we will understand how we can perform the sniffing of login credentials or how to
capture the password using Wireshark. and also see the overview of the Wireshark tool in terms of
network security.

Password Capturing

Wireshark can capture not only passwords but any type of information transmitted over the network:
usernames, email addresses, personal information, etc. As long as we can capture network traffic,
Wireshark can sniff passing passwords.
In sniffing can include passwords for various protocols such as HTTP, FTP, Telnet, etc. the captured
data can be used to troubleshoot network problems, but can also be used maliciously to gain
unauthorized access to sensitive information.
So, here we will see how we can capture the password using the Wireshark network capture
analyzer. and see the outputs of the following steps.
Step 1: First of all, open your Wireshark tool in your window or in Linux virtual machine. and start
capturing the network. suppose I am capturing my wireless fidelity.

PIET-DS(CE) Page 56
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Step 2: After starting the packet capturing we will go to the website and login the credential on that
website as you can see in the image.

PIET-DS(CE) Page 57
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Step 3: Now after completing the login credential we will go and capture the password in
Wireshark. for that we have to use some filter that helps to find the login credential through the
packet capturing.

Step 4: Wireshark has captured some packets but we specifically looking for HTTP packets. so in
the display filter bar we use some command to find all the captured HTTP packets. as you can see in
the below image the green bar where we apply the filter.

Step 5: So there are some HTTP packets are captured but we specifically looking for form data that
the user submitted to the website. for that, we have a separate filter
As we know that there are main two methods used for submitting form data from web pages like
login forms to the server. the methods are-
• GET
• POST

PIET-DS(CE) Page 58
 Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

Step 6: So firstly for knowing the credential we use the first method and apply the filter for the GET
methods as you can see below.
http.request.method == "POST"

As you can see in the image there are two packets where the login page was requested with a GET
request as well, but there is no form data submitted with a GET request.
Step 7: Now after checking the GET method if we didn’t find the form data, then we will try the
POST method for that we will apply the filter on Wireshark as you can see.

As you can see we have a packet with form data click on the packet with user info and the
application URL encoded. and click on the down-
HTML form URL Encoded where the login credential is found. login credential as it is the same that
we filed on the website in step 2.

Form item: "uname" = "shlok"

Form item: "pass" = "shlok1234"

PIET-DS(CE) Page 59
Advanced Computer Network-Lab (03606384) Enrollment No: 2203396160121

PIET-DS(CE) Page 60