
Basic installation of Wireshark - Administration

Do you need to sniff out and spy on network communications in a LAN, WAN or any network configuration? Or have you found yourself in a difficult situation troubleshooting network-related problems inside and outside of your network? Then you need a network analyzer to examine the packets going into and out of certain media. Wireshark can help. Keep reading to find out how.

By: Codex-M
January 05, 2010


Now that you know the networking principles behind packet capture and analysis in Wireshark, you are ready to install it. Follow the steps below:

Step 1. Download Wireshark. Always download the latest stable release. At the time this tutorial was written, the version used was Version 1.2.1.

Step 2. Install Wireshark on your computer. Installation is very easy. Also install the associated third-party applications, because you will need them (for example, WinPcap).

Step 3. Once installed, you need to be acquainted with the basic features. Launch Wireshark. The first thing you see is the Wireshark Dashboard panel.

The most important part of the Dashboard panel is the "Capture" section. This is where you select the device you want to capture from. The available devices are listed under "Interface List." Detailed customization of settings can be found under "Capture Options." For selecting and customizing the interface, keep reading.

Selecting and customizing the network interface

In the above screen shot, there are three interfaces shown. However, do note that NOT all interfaces are active. This means not all three of those interfaces are capturing packets on your computer. To double check which interface is the actual active LAN card, you can click the "Interface List" (see screen shot above).

Look at the "Packets" and "Packets/s" columns. The active interface is the one whose counters are increasing, so you should see one interface that is capturing packets. If every row stays blank, generate some HTTP traffic by opening your browser and surfing websites; one interface should then start capturing packets. For example, see below:

In the above screen shot, Realtek RTL8139 Family Fast Ethernet Adapter is the active interface for which you can capture packets.

The lesson here is that you can capture packets via Wireshark from any active network card you are using for LAN. When you browse the web (or perform any network activity), the packets column will show figures indicating the number of packets received and speed of packets passing (i.e. how many per second).
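The same check can be scripted for a host where the Interface List dialog is not at hand. The following is an added example, not code from the original article or from Wireshark: it takes two snapshots of per-interface packet counters and reproduces the "Packets" and "Packets/s" columns. The function names and the sample counters are constructed for illustration, and `live_snapshot()` assumes the third-party `psutil` package is installed.

```python
"""Added example: rank interfaces by packet rate, like the Interface List's
"Packets" and "Packets/s" columns. The sample counters are constructed."""


def live_snapshot():
    """Read cumulative per-interface packet counts from the OS."""
    import psutil  # assumption: third-party package, not part of Wireshark
    return {name: c.packets_recv + c.packets_sent
            for name, c in psutil.net_io_counters(pernic=True).items()}


def interface_rates(before, after, seconds):
    """Return rows (name, packets, packets_per_s), busiest first.

    before/after map interface name -> cumulative packet count.
    An interface missing from either snapshot, or whose counter went
    backwards (driver reset, adapter re-plugged), is reported as 0
    instead of a bogus negative rate.
    """
    if seconds <= 0:
        raise ValueError("sampling interval must be positive")
    rows = []
    for name in sorted(set(before) | set(after)):
        if name in before and name in after and after[name] >= before[name]:
            packets = after[name] - before[name]
        else:
            packets = 0
        rows.append((name, packets, packets / seconds))
    return sorted(rows, key=lambda r: r[1], reverse=True)


def active_interfaces(rows):
    """Names of interfaces that saw at least one packet in the interval."""
    return [name for name, packets, _ in rows if packets > 0]


# Constructed counters for three adapters, sampled 5 seconds apart.
SAMPLE_BEFORE = {"Realtek RTL8139": 10_400, "Tunnel Adapter": 0, "Dial-up Adapter": 37}
SAMPLE_AFTER = {"Realtek RTL8139": 10_655, "Tunnel Adapter": 0, "Dial-up Adapter": 12}

if __name__ == "__main__":
    print(f"{'Interface':<20} {'Packets':>8} {'Packets/s':>10}")
    for name, packets, rate in interface_rates(SAMPLE_BEFORE, SAMPLE_AFTER, 5):
        print(f"{name:<20} {packets:>8} {rate:>10.1f}")
```

For a live reading, call `live_snapshot()` twice a few seconds apart and pass both results, with the elapsed time, to `interface_rates()`.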

You can even use this information for network card troubleshooting, to see if the LAN interface is receiving packets. In the second part of this tutorial we will look at data interpretation, packet analysis and actual/advanced applications of Wireshark.



 
 