Home arrow Site Administration arrow How to Use Wireshark Network Analyzer

How to Use Wireshark Network Analyzer

Do you need to sniff out and spy on network communications in a LAN, WAN or any network configuration? Or have you found yourself in a difficult situation troubleshooting network-related problems inside and outside of your network? Then you need a network analyzer to examine the packets going into and out of certain media. Wireshark can help. Keep reading to find out how.

TABLE OF CONTENTS:
  1. How to Use Wireshark Network Analyzer
  2. Warning: transmitting/receiving sensitive information
  3. Some important terms
  4. Basic installation
By: Codex-M
Rating: starstarstarstarstar / 6
January 05, 2010

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

One of the most popular open source network analyzers is Wireshark. Since it is open source, you can use it for all purposes as long as you abide by their terms of use, whether for personal, commercial or education-related projects.

This article is for readers who are entirely new to Wireshark and network packet analysis. Because of the broad nature of this tutorial, it is divided into two parts. The first part discusses important network communication concepts, terminology and getting started on Wireshark. The second part will discuss data interpretation, packet analysis and show actual/advanced applications of Wireshark.

What is a Network Analyzer?

A network analyzer is used to analyze ALL of the information that passes into and out of a network interface/LAN card. This reveals the details of communication that pass through these interfaces. This information comes in the form of "packets" (I'll define this word in the next section). By using Wireshark and analyzing packets, a network administrator can gather the information that passes through the interface.

The screen shot below shows how the information (used by an application at the user's machine) is being converted into packets, and the protocols governing the communication (showing different layers):

Wireshark grabs packets in the transport/Internet layer. The governing protocols are TCP and IP; together, they are commonly called "TCP/IP" or the "Internet protocol suite." Since this is a packet switch network (a network based on packets communication), the data will be sent to the correct receiving machine based on the information found in the header of the packets. More detailed information about "packets" will be discussed later.

These are very important things to do, especially if you are assigned as a network administrator to examine/protect the information being transmitted away from the infrastructure. For example, if the computers on which you are working handles highly classified information, you can use Wireshark to double check whether those packets send outside the machines are encrypted. This will confirm that the encryption protocol of the machines is working (or warn you that it isn't).

Another example: if sensitive information, such as passwords, is not encrypted, it can be intercepted in clear text form during the packet analysis using Wireshark. This is both good news and bad news for the machine's users. The good thing is that, if the administrator regularly monitors and saves the packets, once the password is forgotten, it can be traced in the packet monitoring records. Another good application is to double check sensitive communication to make sure that the information is securely encrypted (i.e. confirming an SSH/Secure shell connection).



 
 
>>> More Site Administration Articles          >>> More By Codex-M
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

SITE ADMINISTRATION ARTICLES

- Coding: Not Just for Developers
- To Support or Not Support IE?
- Administration: Networking OSX and Win 7
- DotNetNuke Gets Social
- Integrating MailChimp with Joomla: Creating ...
- Integrating MailChimp with Joomla: List Mana...
- Integrating MailChimp with Joomla: Building ...
- Integrating MailChimp with Joomla
- More Top WordPress Plugins for Social Media
- Optimizing Security: SSH Public Key Authenti...
- Patches and Rejects in Software Configuratio...
- Configuring a CVS Server
- Managing Code and Teams for Cross-Platform S...
- Software Configuration Management
- Back Up a Joomla Site with Akeeba Backup

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: