Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Networking

wireshark

advertisement 


Wireshark is previously known as Ethereal. It
switched name in May 2006 due to trademark
issues .
Step 1.
◦ Download and install wireshark from
website(sourceforge)
◦ http://www.wireshark.org/download.html
◦ Choose “Stable Release 1.4.4”

Step 2.
◦ Start Wireshark, select menu Capture->Options

Step 3.
◦ Choose your network interface.
TA’s Interface
Choose your
own here

Step 4.
◦ Seletct Capture Filter (more on this later)

Step 5.
◦ Click start, and use your computer as usual
After some network use
Before start capturing

Step 6.
◦ After 5 minutes, click “stop
the running live capture”
◦ Now you’ll have A LOT OF packets, with their time,
source and dest. IP, protocol (may be in app.,
transport, or link layer), etc.

Step 7.
◦ You can type filter string into the ”Filter:” box
 E.g. “http” can filter out all packets which are not
HTTP packet
◦ You can right click on a TCP packet, and use “Follow
TCP Stream” to trace this TCP stream
“Follow TCP stream” shows
packets in sequence and the
way that the application layer
sees it.

Step 8.
◦ Now you can see detailed information of this TCP
stream
The stream content is displayed in
the same sequence as it appeared
on the network.
Traffic from A to B is marked in red,
while traffic from B to A is marked
in blue.


1.(10%) Download and install the Wireshark
software:
Go to
http://www.wireshark.org/download.html
and download and install the Wireshark
binary for your computer.

2.(10%) How long did it take from when the
HTTP GET message was sent until the HTTP
OK reply was received


3.(10%)How many HTTP GET request
messages were sent by your browser? To
which Internet addresses were these GET
requests sent?
4.(10%)Can you tell whether your browser
downloaded the two images serially, or
whether they were downloaded from the two
web sites in parallel? Explain.

5.(10%)How many packets were sent from
your local machine and how many from the
remote machine?

Deadline 4/6 23:59
mail to : top90233a@cmlab.csie.ntu.edu.tw

Do not copy others!

遲交一天扣5分

PART1 手寫作業

Ch1 problems: 2, 5, 6, 10, 23(a)(b)

Deadline 3/30 (助教上課前會去收)

Do not copy others!

遲交一天扣5分
Related documents
Wireshark Tutorial – Part 1
Wireshark Tutorial – Part 1
wireshark lecture
wireshark lecture
summary
summary
Wireshark workshop notes
Wireshark workshop notes
Lab 5
Lab 5
Jens adams lab 14
Jens adams lab 14
Lab 9-2-1-6-Lab-Using-Wireshark-to-Observe-the-TCP-3-Way-Handshake
Lab 9-2-1-6-Lab-Using-Wireshark-to-Observe-the-TCP-3-Way-Handshake
How To Filter By Port With Wireshark
How To Filter By Port With Wireshark
Drinking straight from the network hose
Drinking straight from the network hose
8-NetworkSniffing
8-NetworkSniffing
lab-tcp - eej.ulst.ac.uk
lab-tcp - eej.ulst.ac.uk
Nama : Fredric S.J Lesomar Nim : 123310018 CCNA Exploration
Nama : Fredric S.J Lesomar Nim : 123310018 CCNA Exploration
Download
advertisement