
Cyber 1

The document provides a comprehensive guide on using Wireshark, a network packet analyzer, including installation steps and basic packet inspection techniques. It outlines the process for analyzing HTTP, DNS, and SMTP protocols, detailing commands and filters to capture and examine network traffic. The workshop aims to enhance understanding of data transmission and reception across different OSI layers using Wireshark.

Cyber Security Workshop

Introduction to Wireshark
Wireshark is a network packet analyzer. A network packet analyzer presents captured packet data in as
much detail as possible.

You could think of a network packet analyzer as a measuring device for examining what’s happening inside
a network cable, just like an electrician uses a voltmeter for examining what’s happening inside an electric
cable (but at a higher level, of course).
Downloading Steps:

1. Your first step is to head to the Wireshark download page and locate the Windows installer.

Once your file is downloaded, you can open the file from your Download folder.
2. You will be presented with the Wireshark wizard to guide you through the installation. Click
“Next.”

3. Next, you can review and agree to the license agreement, then click “Noted” to continue.
4. The next screen will ask if you want to donate to the Wireshark Foundation to help support
Wireshark and Sharkfest at https://wiresharkfoundation.org/. Click “Next” when finished.
5. Next, you will be asked what components you want to install. You can make your choice and then
click “Next.”

6. The following screen will ask if you want to create any shortcuts and if you want to associate trace
file extensions with Wireshark (recommended).
7. Now you must install Npcap (an open-source library for packet capture and network analysis). It’s
a library allowing Wireshark to capture and analyze network traffic effectively. It enhances
Wireshark's capabilities by providing optimized packet capture.
8. Wireshark will now begin the installation process.

Objective 1:
Basic Packet Inspection: Capture network traffic using Wireshark and analyze basic protocols like HTTP,
DNS, and SMTP to understand how data is transmitted and received.
Tool Used: Wireshark

Protocols used in different OSI Layers:

SENDER/ BROWSER RECEIVER/SERVER


Commands used for making Reference Table:
• ipconfig /all (for getting information of local host)
• arp -a (for getting MAC address of Gateway)
• ping httpforever.com (for capturing http packets)
1. Steps to Analyse HTTP protocol
Step 1: Open the Ethernet/Wi-Fi adapter in Wireshark
Step 2: Apply http filter as given below:
Step 3: Start capturing
Step 4: Open httpforever.com in the browser
Step 5: Analyse the TCP data (source port, destination port), source MAC, destination MAC, source IP etc.
and compare it with the reference table
Step 6: Check the 3-way handshake before establishing the http connection by using the filter tcp.port==56368*
Step 7: Now finally record the data for http header in the table given below:
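
The fields compared against the reference table in Step 5 and the 3-way handshake checked in Step 6 can also be decoded by hand. The following Python code is an added example, not part of the original workshop handout; the MAC and IP addresses, sequence numbers and helper names are constructed for illustration, and only client port 56368 is taken from Step 6.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10  # TCP flag bits

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def parse_frame(frame: bytes) -> dict:
    """Decode Ethernet II / IPv4 / TCP headers into the reference-table fields."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        raise ValueError("not a complete Ethernet/IPv4/TCP frame")
    dst, src = frame[:6], frame[6:12]
    ihl = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
    sport, dport, seq, ack, off_flags = struct.unpack_from("!HHIIH", frame, 14 + ihl)
    return {"src_mac": mac(src), "dst_mac": mac(dst),
            "src_ip": socket.inet_ntoa(frame[26:30]), "dst_ip": socket.inet_ntoa(frame[30:34]),
            "sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": off_flags & 0x3F}

def is_handshake(p1: dict, p2: dict, p3: dict) -> bool:
    """True if p1, p2, p3 are the SYN, SYN-ACK and ACK of one connection."""
    client, server = (p1["src_ip"], p1["sport"]), (p1["dst_ip"], p1["dport"])
    both = SYN | ACK
    return (p1["flags"] & both == SYN and p2["flags"] & both == both
            and p3["flags"] & both == ACK
            and (p2["src_ip"], p2["sport"]) == server
            and (p2["dst_ip"], p2["dport"]) == client
            and (p3["src_ip"], p3["sport"]) == client
            and p2["ack"] == (p1["seq"] + 1) % 2**32  # SYN consumes one sequence number
            and p3["seq"] == p2["ack"]
            and p3["ack"] == (p2["seq"] + 1) % 2**32)

def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, seq, ack, flags):
    """Build a constructed sample frame (checksums left at 0; the parser ignores them)."""
    eth = bytes.fromhex(dst_mac) + bytes.fromhex(src_mac) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, 64240, 0, 0)
    return eth + ip + tcp

# Constructed capture: local host (PC) to the gateway (GW), client port 56368 to server port 80.
PC, GW = "02005e000001", "02005e0000fe"
C, S = "192.168.1.10", "203.0.113.80"
PACKETS = [parse_frame(build_frame(*a)) for a in (
    (PC, GW, C, S, 56368, 80, 1000, 0, SYN),
    (GW, PC, S, C, 80, 56368, 5000, 1001, SYN | ACK),
    (PC, GW, C, S, 56368, 80, 1001, 5001, ACK))]

if __name__ == "__main__":
    print(*PACKETS, sep="\n")
    print("three-way handshake:", is_handshake(*PACKETS))
```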

2. Steps to analyse DNS protocol

DNS:
Command for cmd:
ipconfig /displaydns
ipconfig /flushdns

DNS observation
Step 1: Start capturing via Wireshark
Step 2: ping nptel.ac.in (command prompt)
Step 3: Apply dns protocol filter in Wireshark
Step 4: Observe the data in the given table:

3. Steps to analyse SMTP protocol


Step 1: Start capturing via Wireshark
Step 2: Enable the telnet feature by using windows feature service
Step 3: telnet gmail-smtp-in.l.google.com 25 (command prompt)
Commands to use:
Helo sahil
quit

Step 4: Apply smtp protocol filter in Wireshark

Step 5: Observe the data in SMTP:
