Wireshark & TCP Lab | cheapassignmenttutors.com

1 Objective

In this lab, you will investigate the behavior of TCP by analyzing a trace of the TCP segments sent and received in transferring a file from a server to a client. Specifically, you will accomplish the following:

• Experiment with TCP connections;
• Analyze TCP network traffic;
• Experiment with Wireshark, traffic monitoring and filters.

2 What is Wireshark?

Wireshark is an open source software project, and is released under the GNU General Public License (GPL). You can freely use Wireshark on any number of computers you like, without worrying about license keys, fees or the like. In addition, all source code is freely available under the GPL.

Wireshark is a network packet analyzer. It tries to capture network packets and to display that packet data in as much detail as possible. You could think of a network packet analyzer as a measuring device used to examine what's going on inside a network cable.

Here are some examples of what people use Wireshark for:

• Network administrators use it to troubleshoot network problems
• Network security engineers use it to examine security problems
• Developers use it to debug protocol implementations
• People use it to learn network protocol internals

Besides these examples, Wireshark can be helpful in many other situations too.

Wireshark allows:

• Live capture from many different network media: Wireshark can capture traffic from many different network media types, including (despite its name) wireless LAN.
• Import files from many other capture programs: Wireshark can open packets captured from a large number of other capture programs.
• Export files for many other capture programs: Wireshark can save captured packets in the formats of a large number of other capture programs.
• Many protocol dissectors, such as TCP, IP, DNS, ICMP, etc.

The following are some of the many features Wireshark provides:

• Available for UNIX, Mac and Windows.
• Capture live packet data from a network interface.
• Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a number of other packet capture programs.
• Import packets from text files containing hex dumps of packet data.
• Display packets with very detailed protocol information.