Name: Ayush Thakare
Reg. no: 22BCE10659

Experiment No.-10: Wireshark Packet Analysis – Basic Protocols Packets


Objective:
To use Wireshark software to capture and analyze packets of basic networking
protocols such as:

 TCP (Transmission Control Protocol)

 UDP (User Datagram Protocol)

 ARP (Address Resolution Protocol)

 ICMP (Internet Control Message Protocol)

What is Wireshark?
Wireshark is a free and open-source packet analyzer. It is used for:

 Network troubleshooting

 Protocol analysis

 Packet-level debugging

 Security auditing

It captures all traffic flowing through a network interface and displays each
packet's contents in detail.

Basic Protocols Covered:


🔵 1. TCP (Transmission Control Protocol)
 Type: Connection-oriented

 Use: Reliable data transfer (e.g., HTTP, FTP)

 Features in Wireshark:
o 3-Way Handshake: SYN, SYN-ACK, ACK
o Sequence and Acknowledgment numbers
o Retransmissions

🔵 2. UDP (User Datagram Protocol)


 Type: Connectionless

 Use: Faster but less reliable (e.g., DNS, VoIP)

 Features in Wireshark:
o Source & destination ports
o Simple header without handshake

🔵 3. ARP (Address Resolution Protocol)


 Use: Resolves an IP address to a MAC address on a LAN

 ARP Packet Types:


o ARP Request
o ARP Reply

 Features in Wireshark:
o Requests appear in the Info column as “Who has 192.168.1.1? Tell 192.168.1.2”

🔵 4. ICMP (Internet Control Message Protocol)


 Use: Diagnostic messages like ping and traceroute

 ICMP Packet Types:


o Echo Request (Type 8)
o Echo Reply (Type 0)

 Features in Wireshark:
o Useful for observing packet loss or unreachable hosts

Procedure (Wireshark Steps):


1. Start Wireshark and select the appropriate network interface.
2. Click "Start Capture".
3. Run commands or actions that generate protocol traffic:
o Use ping to generate ICMP.
o Open a website (HTTP) to generate TCP.
o Run a DNS lookup to generate UDP.
4. Stop Capture after a few seconds.

5. Use the Filter Bar in Wireshark:


o tcp – to view TCP packets
o udp – to view UDP packets
o arp – to view ARP requests/replies
o icmp – to view ICMP traffic
6. Inspect packet details in the middle pane.
o Click a packet and expand its protocol layers.

Sample Wireshark Screenshots (Add in Report):


(Use your system to capture the following)

 TCP 3-Way Handshake

 UDP DNS Query

 ARP Request/Reply

 ICMP Echo and Reply

Analysis Table:

Protocol | Type                | Main Fields Observed                    | Use Case
TCP      | Connection-oriented | Src/Dst Port, Seq/Ack, Flags            | HTTP, FTP, Email
UDP      | Connectionless      | Src/Dst Port, Length, Checksum          | DNS, VoIP, Streaming
ARP      | LAN only            | Sender/Target IP & MAC                  | IP to MAC Resolution
ICMP     | Diagnostic          | Type, Code, Identifier, Sequence Number | Ping, Traceroute
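
An added example (not part of the original report): a minimal Python dissector that pulls the fields listed in the analysis table out of raw Ethernet frames, as Wireshark's detail pane does. The frames, MAC addresses, ports and the names dissect, eth and ipv4 are constructed for illustration; checksums are zeroed and not verified.

```python
import socket
import struct

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 upward

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def dissect(frame):
    """Return the analysis table's main fields for one Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype, body = struct.unpack("!H", frame[12:14])[0], frame[14:]
    if ethertype == 0x0806 and len(body) >= 28:           # ARP over Ethernet/IPv4
        op = struct.unpack("!H", body[6:8])[0]
        return {"proto": "ARP", "op": {1: "request", 2: "reply"}.get(op, op),
                "sender": (mac(body[8:14]), socket.inet_ntoa(body[14:18])),
                "target": (mac(body[18:24]), socket.inet_ntoa(body[24:28]))}
    if ethertype != 0x0800 or len(body) < 20 or (body[0] & 0x0F) < 5:
        raise ValueError("not ARP or IPv4, or truncated/malformed header")
    ihl, total_len = (body[0] & 0x0F) * 4, struct.unpack("!H", body[2:4])[0]
    proto, seg = body[9], body[ihl:total_len]             # total_len drops Ethernet padding
    if proto == 1 and len(seg) >= 8:                      # ICMP echo layout
        typ, code, _, ident, seq = struct.unpack("!BBHHH", seg[:8])
        return {"proto": "ICMP", "type": typ, "code": code, "id": ident, "seq": seq}
    if proto == 6 and len(seg) >= 20:                     # TCP
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", seg[:14])
        flags = [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)]
        return {"proto": "TCP", "sport": sport, "dport": dport,
                "seq": seq, "ack": ack, "flags": flags}
    if proto == 17 and len(seg) >= 8:                     # UDP
        sport, dport, length, cksum = struct.unpack("!HHHH", seg[:8])
        return {"proto": "UDP", "sport": sport, "dport": dport,
                "length": length, "checksum": cksum}
    raise ValueError(f"unhandled or truncated IP protocol {proto}")

# Constructed sample frames (made-up MACs, zeroed checksums); not from a real capture.
def eth(etype):
    return bytes.fromhex("ffffffffffff020000000002") + struct.pack("!H", etype)
def ipv4(proto, n):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + n, 0, 0, 64, proto, 0,
                       socket.inet_aton("192.168.1.2"), socket.inet_aton("192.168.1.1"))

ARP_REQ = eth(0x0806) + struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, 1,
    bytes.fromhex("020000000002"), socket.inet_aton("192.168.1.2"), bytes(6), socket.inet_aton("192.168.1.1"))
TCP_SYN = eth(0x0800) + ipv4(6, 20) + struct.pack("!HHIIHHHH", 50000, 80, 1000, 0,
                                                  (5 << 12) | 0x02, 64240, 0, 0)
ICMP_ECHO = eth(0x0800) + ipv4(1, 8) + struct.pack("!BBHHH", 8, 0, 0, 1, 1)
UDP_HDR = eth(0x0800) + ipv4(17, 8) + struct.pack("!HHHH", 50001, 53, 8, 0)
```

Calling dissect on each sample returns the same values Wireshark would show when the matching protocol layer is expanded in the middle pane.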

Conclusion:
Wireshark is a powerful tool for analyzing network protocols and
understanding how data is transferred over a network. This experiment helped
in visualizing basic protocol behavior and understanding their headers and
functions.
