1 / 18

Intro to Wireshark What is it? What does it do? Why do I need it?

Tech Talk Live 2018. Roy Hoover roy_hoover@iu13.org. Intro to Wireshark What is it? What does it do? Why do I need it?. Wireshark- What is it. Packet Capture Protocol Analyzer Network Analyzer. Wireshark- What does it do. Analyze bits on the wire (or in the air)

naranjo
Download Presentation

Intro to Wireshark What is it? What does it do? Why do I need it?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Tech Talk Live 2018 Roy Hoover roy_hoover@iu13.org Intro to WiresharkWhat is it? What does it do? Why do I need it?

  2. Wireshark- What is it • Packet Capture • Protocol Analyzer • Network Analyzer

  3. Wireshark- What does it do • Analyze bits on the wire (or in the air) • Break down packets into their components • See what’s actually happening on your network

  4. Wireshark- Why do I need it • More detail on problems • Tech support requested a capture • Need to open a .PCAP file • Want to understand network traffic flow in greater detail • “Thorny” problems • Don’t get lost in the weeds!

  5. Wireshark • What is it • Windows, OS X, Linux, and UNIX • Open Source • www.wireshark.org • Pcap • Previously called Ethereal • Promiscuous mode • Legal stuff

  6. OSI Model 7 Application Telnet, e-mail 6 Presentation Pict, GIF 5 Session NFS, SQL 4 Transport TCP,UDP,SPX 3 Network IPv4, IPv6, IPX 2 Data Link Ethernet, Token Ring 1 Physical Copper, Fiber, Radio Waves

  7. Ethernet Frame

  8. Rabbit Hole Serial Communications What settings does a Cisco console port use? 9600 8N1

  9. Serial line sending “OK” At 9600 Bits Per Second 1/(9600 bps) or 104 µs per bit. Decimal Hex Binary 0 0 0000 1 1 0001 2 2 0010 3 3 0011 4 4 0100 5 5 0101 6 6 0110 7 7 0111 8 8 1000 9 9 1001 10 A 1010 11 B 1011 12 C 1100 13 D 1101 14 E 1110 15 F 1111 4F 01001111

  10. IPv4 Packet Ethernet Frame

  11. IPv6 Packet Header Ethernet Frame

  12. Screen Shot

  13. Getting Packets • On your machine • Hub • Switch • Watch your link utilization! • Mirror a port • SPAN • Tap

  14. Live

  15. Install Wireshark 2.6.0 (May 2, 2018)https://www.wireshark.org/#download

  16. Sample Captures https://wiki.wireshark.org/SampleCaptures#Sample_Captures

  17. Questions? • Roy Hoover • roy_hoover@iu13.org

More Related