WIRESHARK PACKET ANALYSIS

MIS467 Telecommunications

Assignment Two – WIRESHARK PACKET ANALYSIS

Download Wireshark. Read through Hands-On Activity 4A on pages 107-109.

Wireshark is one of the many tools that permit users to examine the frames in their network. It is called a packet sniffer because it enables you to see inside the frames and packets that your computer sends, as well as the packets and frames sent by other users on your LAN. In other words, you can eavesdrop on the other users on your LAN to see what websites they visit and even the email that they send. It is not recommended that you use it for this purpose, but it is important to understand that someone else could be using the Ethernet to sniff your packets and record what you are doing on the Internet.

  1. Use your browser to connect to www.wireshark.org and download and install the Wireshark software.
  2. When you start Wireshark, you will see a screen like the one pictured in figure 4-14 on page 114 of our Fitzgerald text, minus the two smaller windows on top.
    1. Click Capture
    2. Click Interface
    3. Click the Capture button beside your Wireshark connection (wireless or wired LAN)
  3. Wireshark will capture all the packets moving through your LAN. To make sure that you have something to see, open your web browser and visit one or two websites. After you have captured packets for 30-60 seconds, return to Wireshark and click Stop.
  4. Click on the plus sign (+) in front of the HTTP packet to expand it. Read the data.
  5. Click on the plus sign (+) in front of the Ethernet packet to expand it. Read the data’s source and destination address. Is it Internet V4 or V6 format?
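
The fields that steps 4 and 5 have you read in the expanded packet can also be decoded by hand. The following Python sketch is an added example, not part of the assignment or the textbook: it parses a constructed sample frame (made-up MAC addresses, documentation-range IP addresses and the host `example.test` are assumptions) from the Ethernet header through to the HTTP request line. The function and field names are illustrative.

```python
import struct

# Constructed sample frame (not a real capture): Ethernet II + IPv4 + TCP + HTTP GET.
# Addresses use locally administered MACs and documentation IP ranges; checksums are left 0.
HTTP = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
TCP = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 64240, 0, 0)
IP = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(TCP) + len(HTTP), 1, 0, 64, 6, 0,
                 bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
ETH = bytes.fromhex("02005e000001" "02005e000002" "0800")  # destination, source, TYPE
SAMPLE_FRAME = ETH + IP + TCP + HTTP

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame):
    """Decode Ethernet II, then IPv4, TCP and the HTTP request line when present."""
    if len(frame) < 14:
        raise ValueError("shorter than the 14-byte Ethernet II header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth_dst": mac(dst), "eth_src": mac(src),
           "eth_type": f"0x{ethertype:04x}", "l3": ETHERTYPES.get(ethertype, "unknown")}
    if ethertype != 0x0800:
        return out                      # TYPE says the payload is not IPv4; stop here
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("TYPE is 0x0800 but the payload is not a valid IPv4 header")
    ihl = (ip[0] & 0x0F) * 4            # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    out.update(ip_src=".".join(map(str, ip[12:16])),
               ip_dst=".".join(map(str, ip[16:20])), ip_proto=ip[9])
    tcp = ip[ihl:total_len]
    if ip[9] != 6 or len(tcp) < 20:
        return out                      # not TCP, or a truncated segment
    sport, dport = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]  # skip the TCP header using its data offset
    out.update(tcp_sport=sport, tcp_dport=dport,
               app_data=payload.split(b"\r\n", 1)[0].decode("ascii", "replace"))
    return out

if __name__ == "__main__":
    for field, value in parse_frame(SAMPLE_FRAME).items():
        print(f"{field:10} {value}")
```

Each header tells the receiver how to interpret the bytes that follow it: the Ethernet TYPE field selects the layer 3 parser, and the IP protocol field selects the layer 4 parser.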

Deliverables:

  1. Show the complete layer 1, 2, 3, 4, and 5 PDUs that are used in your network to send a request to a web page.
  2. List the source and destination Ethernet addresses on the message.
  3. What value is in the Ethernet TYPE field in the message? Why?