Wireshark Monitoring Packet

Learning Objectives
• Upon completion of this lab, you will be able to:
  – Explain the header fields in an Ethernet II frame.
  – Use Wireshark to capture and analyze Ethernet II frames.

Intro
• Wireshark is a software protocol analyzer, or "packet sniffer" application, used for network troubleshooting, analysis, software and protocol development, and education. Before June 2006, Wireshark was known as Ethereal.
• A packet sniffer (also known as a network analyzer or protocol analyzer) is computer software that can intercept and log data traffic passing over a data network.
• As data streams travel back and forth over the network, the sniffer "captures" each protocol data unit (PDU) and can decode and analyze its content according to the appropriate RFC or other specifications.
• Wireshark is programmed to recognize the structure of different network protocols. This enables it to display the encapsulation and individual fields of a PDU and interpret their meaning.
• It is a useful tool for anyone working with networks and can be used with most labs in the CCNA courses for data analysis and troubleshooting.
• For information and to download the program, go to http://www.Wireshark.org
• When upper layer protocols communicate with each other, data flows down the OSI layers and is encapsulated into a Layer 2 frame. The frame composition is dependent on the media access type.
  – For example, if the upper layer protocol is TCP/IP and the media access is Ethernet, then the Layer 2 frame encapsulation will be Ethernet II.
• When learning about Layer 2 concepts, it is helpful to analyze frame header information. The Ethernet II frame header will be examined in this lab.
• Ethernet II frames can support various upper layer protocols, such as TCP/IP.
• Version II is the specification that has been widely used. It is better known as DIX, the initials of the three companies that backed the standard: DEC, Intel and Xerox. The following is the Ethernet version II frame format.

Example
• From the information contained in the Packet List window for the first frame, answer the following questions about the destination and source MAC address:
• Destination Address:
  – MAC address: 48 5d 60 5b e6 a1
  – NIC manufacturer: Azurewav
  – NIC serial number: 5b:e6:a1
• Source Address:
  – MAC address: 90:f6:52:f1:cc:ca
  – NIC manufacturer: Not shown
  – NIC serial number: Not shown

• Destination Address:
  – MAC address: ff:ff:ff:ff:ff:ff
  – NIC manufacturer: does not apply
  – NIC serial number: does not apply
• Source Address:
  – MAC address: 00:16:76:ac:a7:6a
  – NIC manufacturer: Intel
  – NIC serial number: ac:a7:6a
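
The header fields read off in the example can also be decoded directly from the raw frame bytes. The following Python sketch is an added example, not part of the original lab: the two sample headers are constructed from the MAC addresses in the answers, and the EtherType values and the names `parse_ethernet_ii`, `describe_mac` and `src_oui_meaningful` are assumptions made for illustration.

```python
import struct

# Constructed 14-byte headers using the MAC addresses from the lab answers.
# The EtherType values (0x0800, 0x0806) are assumptions for illustration.
FRAME_UNICAST = bytes.fromhex("485d605be6a1" "90f652f1ccca" "0800")
FRAME_BROADCAST = bytes.fromhex("ffffffffffff" "001676aca76a" "0806")

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}


def fmt(raw):
    return ":".join(f"{b:02x}" for b in raw)


def describe_mac(mac):
    """Split a 6-byte MAC into OUI and NIC-specific halves and decode its flag bits."""
    return {
        "mac": fmt(mac),
        "oui": fmt(mac[:3]),            # manufacturer prefix Wireshark resolves
        "nic_specific": fmt(mac[3:]),   # the lab's "NIC serial number"
        "broadcast": mac == b"\xff" * 6,
        "group": bool(mac[0] & 0x01),   # I/G bit: multicast or broadcast
        "locally_administered": bool(mac[0] & 0x02),  # U/L bit: not burned-in
    }


def parse_ethernet_ii(frame):
    """Decode destination, source and EtherType from the first 14 bytes."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet II header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype < 0x0600:
        # Values up to 1500 are an IEEE 802.3 length field, not an EtherType.
        raise ValueError("not an Ethernet II frame")
    return {
        "dst": describe_mac(dst),
        "src": describe_mac(src),
        "ethertype": ETHERTYPES.get(ethertype, f"0x{ethertype:04x}"),
        # A group or locally administered source address is not vendor-assigned,
        # so its OUI says nothing reliable about the manufacturer.
        "src_oui_meaningful": not (src[0] & 0x03),
    }


if __name__ == "__main__":
    for frame in (FRAME_UNICAST, FRAME_BROADCAST):
        print(parse_ethernet_ii(frame))
```

The source MAC is set by the sender, so the manufacturer derived from its OUI is a hint about the device, not proof of its identity.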