9 Wireshark

This is a brief introduction to Wireshark and its use.

Wireshark is broken into three “Panes”:

  • Packet List Pane – lists all the packets by No. For more detail, please refer to the Wireshark documentation here
  • Packet Detail Pane – The layering (encapsulation) of the capture. Please be aware of the following terms: Frame (MAC address), Packet (IP/ICMP), Segment (TCP/UDP), followed by the payload or data.
  • Packet Bytes Pane – The “Packet Bytes” pane shows a canonical hex dump of the packet data. Each line contains the data offset, sixteen hexadecimal bytes, and sixteen ASCII bytes. Non-printable bytes are replaced with a period (“.”).
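The layering shown in the Packet Detail pane and the hex dump shown in the Packet Bytes pane can be reproduced by hand. The following is an added example, not part of the original chapter or of Wireshark itself; the function names `dissect` and `hexdump` and the sample frame are constructed for illustration, and only Ethernet II, IPv4, TCP and UDP are decoded.

```python
import struct

def dissect(frame):
    """Split an Ethernet II / IPv4 / TCP-or-UDP frame into Frame, Packet, Segment, data."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"frame": {"dst": dst.hex(":"), "src": src.hex(":"), "type": hex(ethertype)}}
    ip = frame[14:]
    if ethertype != 0x0800:
        return layers                      # only IPv4 is decoded in this example
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("bad IPv4 header")
    ihl = (ip[0] & 0x0F) * 4               # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IPv4 lengths")
    layers["packet"] = {"src": ".".join(map(str, ip[12:16])),
                        "dst": ".".join(map(str, ip[16:20])), "proto": ip[9]}
    seg = ip[ihl:total_len]                # total length trims any Ethernet padding
    if ip[9] == 6 and len(seg) >= 20:      # TCP
        sport, dport = struct.unpack("!HH", seg[:4])
        layers["segment"] = {"kind": "TCP", "sport": sport, "dport": dport}
        layers["data"] = seg[(seg[12] >> 4) * 4:]   # skip header using the data offset
    elif ip[9] == 17 and len(seg) >= 8:    # UDP
        sport, dport = struct.unpack("!HH", seg[:4])
        layers["segment"] = {"kind": "UDP", "sport": sport, "dport": dport}
        layers["data"] = seg[8:]
    return layers

def hexdump(data):
    """Offset, sixteen hex bytes, sixteen ASCII characters; non-printable bytes become '.'."""
    lines = []
    for off in range(0, len(data), 16):
        chunk = data[off:off + 16]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"{off:04x}  {hexpart:<47}  {text}")
    return lines

# Constructed sample frame (checksums left at zero, documentation addresses): not a real capture.
SAMPLE = (bytes.fromhex("001122334455 66778899aabb 0800")
          + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 58, 0, 0x4000, 64, 6, 0,
                        bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
          + struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
          + b"GET / HTTP/1.1\r\n\r\n")

if __name__ == "__main__":
    for name, fields in dissect(SAMPLE).items():
        print(name, fields)
    print("\n".join(hexdump(SAMPLE)))
```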

 

 

 

  • The top of the Wireshark user interface consists of:
  1. File Menu
  2. View Menu
  3. Go Menu
  4. Capture Menu
  5. Statistics Menu

For all menu items, please go here

Above the Packet List is the filter option. In the filter, you can filter your selection by protocol, header information, and many other criteria.

Please refer to Wireshark documentation here

 

 

 

 

 

License

This work (Introduction to intrusion detection system by Sung Lee) is free of known copyright restrictions.
