Ex. No: 2
Generate TCP, UDP and ICMP packets using TCP-NPing and analyze the packet structure
using the TShark or Wireshark tool.
AIM:
To generate TCP, UDP and ICMP packets using TCP-NPing and analyze the packet structure using
the Wireshark tool.
TOOLS REQUIRED:
WIRESHARK – It is a network protocol analyzer used for capturing and inspecting data packets
traveling through a network to diagnose issues, analyze performance, and ensure security.
NMAP – It is a network scanning tool used to discover hosts and services on a network, perform
security audits, and identify open ports and vulnerabilities.
WIRESHARK INSTALLATION:
NMAP INSTALLATION:
TCP:
Transmission Control Protocol – It is a connection-oriented protocol that ensures reliable, ordered,
and error-checked delivery of data.
Command: nping --tcp -p 80 www.google.com
Wireshark Analysis:
Ethernet Header - Destination MAC Address, Source MAC Address, Ethernet type.
IP Header – Version, Header Length, Type Of Service, Total Length, Identification, Flags, Fragment
Offset, Time To Live, Protocol, Header Checksum, Source IP Address, Destination IP Address.
TCP Header – Source Port, Destination port, Sequence Number, Acknowledgement Number, Data
offset, Flags, Window Size, Checksum, Urgent Pointer.
UDP:
User Datagram Protocol – It is a connectionless protocol used for fast, lightweight data
transmission without guaranteed delivery.
Command – nping --udp -p 53 www.w3schools.com
Wireshark Analysis:
Ethernet Header - Destination MAC Address, Source MAC Address, Ethernet type.
IP Header – Version, Header Length, Type Of Service, Total Length, Identification, Flags, Fragment
Offset, Time To Live, Protocol(17), Header Checksum, Source IP Address, Destination IP Address.
UDP Header – Source Port, Destination Port, Length, Checksum.
ICMP:
Internet Control Message Protocol – It is used for sending error messages and operational
information in network diagnostics and control.
Command – nping --icmp www.youtube.com
Wireshark Analysis:
Ethernet Header - Destination MAC Address, Source MAC Address, Ethernet type.
IP Header – Version, Header Length, Type Of Service, Total Length, Identification, Flags, Fragment
Offset, Time To Live, Protocol(1), Header Checksum, Source IP Address, Destination IP Address.
ICMP Header – Type, Code, Checksum, Rest Of Header.
GET THE USERNAME AND PASSWORD FROM THE INSECURE WEBSITE:
HTTP HOST LOAD DISTRIBUTION:
This is used to:
• Identify which hosts are most frequently accessed.
• Analyse the traffic load for each host.
• Understand the distribution pattern of HTTP requests among different hosts.
GENERATE TRAFFIC WITH NPING AND CAPTURE IT:
Command - nping --source-ip 192.168.1.100 google.com
Filter - ip.src == 192.168.1.100
This is used for:
• Network Diagnostics: Generate traffic to test connectivity and identify issues like
latency or packet loss.
• Security Testing: Simulate and analyse network responses to ensure security
measures are effective.
• Performance Monitoring: Capture traffic to monitor and optimize the performance of
specific network devices and applications.
CUSTOM PAYLOAD IN TCP PACKETS:
Command - nping --tcp -p 80 --data-string "CustomPayload" google.com
Filter - tcp.port == 80 && frame contains 437573746f6d5061796c6f6164
This is used for:
• Testing Data Transmission: Verify that custom payloads are transmitted correctly over TCP
connections.
• Security Analysis: Check how firewalls and intrusion detection systems handle specific data
patterns.
• Application Debugging: Ensure applications correctly receive and process custom data within
TCP packets.
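The header fields listed under each Wireshark Analysis heading, and the payload matched by the "frame contains" filter above, can also be read directly from the raw frame bytes. The Python parser below is an added example, not part of the original lab record; the sample frame, its MAC addresses, the destination 192.0.2.10 and the zeroed checksums are constructed for illustration.

```python
import socket
import struct

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]

def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet II frame into the header fields Wireshark displays."""
    if len(frame) < 34:
        raise ValueError("too short for Ethernet + IPv4 headers")
    dst, src, eth_type = struct.unpack("!6s6sH", frame[:14])
    out = {"eth": {"dst": dst.hex(":"), "src": src.hex(":"), "type": eth_type}}
    if eth_type != 0x0800:  # only IPv4 is dissected here
        return out
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum,
     sip, dip) = struct.unpack("!BBHHHBBH4s4s", frame[14:34])
    ihl = (ver_ihl & 0x0F) * 4  # header length is stored in 32-bit words
    out["ip"] = {
        "version": ver_ihl >> 4, "header_len": ihl, "tos": tos,
        "total_len": total_len, "id": ident, "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000), "frag_offset": (flags_frag & 0x1FFF) * 8,
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": socket.inet_ntoa(sip), "dst": socket.inet_ntoa(dip),
    }
    l4 = frame[14 + ihl:14 + total_len]  # total_len trims Ethernet padding
    if proto == 6 and len(l4) >= 20:
        sp, dp, seq, ack, off_fl, win, tsum, urg = struct.unpack("!HHIIHHHH", l4[:20])
        out["tcp"] = {
            "sport": sp, "dport": dp, "seq": seq, "ack": ack,
            "data_offset": (off_fl >> 12) * 4,  # also stored in 32-bit words
            "flags": [n for i, n in enumerate(TCP_FLAGS) if off_fl & (1 << i)],
            "window": win, "checksum": tsum, "urgent": urg,
            "payload": l4[(off_fl >> 12) * 4:],
        }
    elif proto == 17 and len(l4) >= 8:
        keys = ("sport", "dport", "length", "checksum")
        out["udp"] = dict(zip(keys, struct.unpack("!HHHH", l4[:8])), payload=l4[8:])
    elif proto == 1 and len(l4) >= 8:
        keys = ("type", "code", "checksum", "rest_of_header")
        out["icmp"] = dict(zip(keys, struct.unpack("!BBHI", l4[:8])))
    return out

# Constructed sample frame: TCP SYN to port 80 carrying "CustomPayload".
# MAC addresses, 192.0.2.10 and the zeroed checksums are made up for illustration.
SAMPLE = (
    bytes.fromhex("00112233445566778899aabb0800")
    + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 53, 0x1234, 0x4000, 64, 6, 0,
                  socket.inet_aton("192.168.1.100"), socket.inet_aton("192.0.2.10"))
    + struct.pack("!HHIIHHHH", 50000, 80, 1, 0, 0x5002, 1480, 0, 0)
    + b"CustomPayload"
)
print(parse_frame(SAMPLE))
```

The hex form of the extracted payload is the same byte string used in the display filter, which is why that filter matches the packet.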