
Wireshark Modifier

Wireshark is a free and open-source packet analyzer that allows users to examine network traffic and analyze protocol interactions. It can be used by network administrators to troubleshoot issues, security engineers to examine security problems, developers to debug protocol implementations, and more. Wireshark can capture live packet data from a network interface, open saved packet captures, import hex dumps, and display detailed protocol information for each packet. It is available for both Windows and UNIX systems and supports filtering packets and searching packet content.

Uploaded by

lina marina

University Abdelhamid Ibn Badis-Mostaganem

Subject: Wireshark

Presented by:
• Bardad nezha.
• Amrane hafidha.
• Belhachmia mohamed ibrahim.

Teacher: Dr.C.M.Bentaouza

University year: 2019/2020


What is Wireshark?
• Wireshark is a network packet analyzer. A network packet analyzer presents captured packet data in as much detail as possible.
• You could think of a network packet analyzer as a measuring device for examining what’s happening inside a network cable, just like an electrician uses a voltmeter for examining what’s happening inside an electric cable (but at a higher level, of course).
• In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, that has changed. Wireshark is available for free, is open source, and is one of the best packet analyzers available today.

Some uses of Wireshark:
• Network administrators use it to troubleshoot network problems.
• Network security engineers use it to examine security problems.
• QA engineers use it to verify network applications.
• Developers use it to debug protocol implementations.
• People use it to learn network protocol internals.

Features:
• Available for UNIX and Windows.
• Capture live packet data from a network interface.
• Open files containing packet data captured with tcpdump/WinDump, Wireshark, and many other packet capture programs.
• Import packets from text files containing hex dumps of packet data.
• Display packets with very detailed protocol information.
• Save packet data captured.
• Export some or all packets in a number of capture file formats.
• Filter packets on many criteria.
• Search for packets on many criteria.
• Colorize packet display based on filters.

Open Source Software:
• Wireshark is an open source software project, and is released under the GNU General Public License (GPL). You can freely use Wireshark on any number of computers you like, without worrying about license keys or fees or such. In addition, all source code is freely available under the GPL. Because of that, it is very easy for people to add new protocols to Wireshark, either as plugins, or built into the source.

How to install Wireshark?
Download the software from https://www.wireshark.org/#download and follow the steps to the letter to install Wireshark properly.

Take a capture:
• To take a capture, first select the network card on which you want to capture.
• On the screenshot below, there is only one network card, but it is possible that there are several (Wifi card, virtual network card, …).
• Then click on "Start a new live capture" as shown in the screenshot below.
• To stop the capture, click on "Stop the running live capture" as shown in the screenshot opposite.

Analyze a capture:
• The screenshot below identifies 4 important areas in the Wireshark window:
  • The filter zone: here we can type a filter that lets us see only the frames that interest us. For example, here the filter shows only the frames whose protocol is HTTP and (&&) whose source or (||) destination IP address is 46.30.212.249.
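
Written as a Wireshark display filter, the condition described above is `http && (ip.src == 46.30.212.249 || ip.dst == 46.30.212.249)`. The following Python sketch is an added example, not part of the original slides: it applies the same AND/OR logic to raw frames so the effect of the filter is visible. The client and third-party addresses, the constructed frames, and the simplified "starts with an HTTP method or status line" check (a stand-in for Wireshark's HTTP dissector) are assumptions of this example.

```python
import socket
import struct

TARGET = "46.30.212.249"  # address from the slide's filter
# Simplified stand-in for Wireshark's HTTP dissector (assumption of this example)
HTTP_STARTS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"HTTP/1.")

def build_frame(src, dst, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame; checksums are left at zero."""
    eth = b"\x00" * 12 + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6,
                     0, socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def parse(frame):
    """Return (src, dst, tcp_payload), or None if the frame is not IPv4/TCP."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00":
        return None
    if frame[14] >> 4 != 4 or frame[23] != 6:
        return None
    ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
    tcp = frame[14 + ihl:]
    if ihl < 20 or len(tcp) < 20:
        return None
    data_offset = (tcp[12] >> 4) * 4      # TCP header length in bytes
    return (socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]),
            tcp[data_offset:])

def matches(frame, ip=TARGET):
    """Same logic as: http && (ip.src == <ip> || ip.dst == <ip>)"""
    parsed = parse(frame)
    if parsed is None:
        return False
    src, dst, payload = parsed
    return payload.startswith(HTTP_STARTS) and (src == ip or dst == ip)

# Constructed sample frames (client and third-party addresses are made up)
SAMPLE_FRAMES = [
    build_frame("192.168.1.10", TARGET, 50000, 80, b"GET / HTTP/1.1\r\n\r\n"),
    build_frame(TARGET, "192.168.1.10", 80, 50000, b"HTTP/1.1 200 OK\r\n\r\n"),
    build_frame("192.168.1.10", "203.0.113.5", 50001, 80, b"GET / HTTP/1.1\r\n\r\n"),
    build_frame("192.168.1.10", TARGET, 50002, 443, b"\x16\x03\x01\x00\x05hello"),
]

if __name__ == "__main__":
    for frame in SAMPLE_FRAMES:
        print(parse(frame)[:2], "shown" if matches(frame) else "hidden")
```

The first two frames (request to and response from 46.30.212.249) pass the filter; the third is HTTP to another host and the fourth is non-HTTP traffic to the right host, so both are hidden. In Wireshark itself, `ip.addr == 46.30.212.249` is a shorter way to write the source-or-destination part.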
