Question:
Please HELP!! I have a question about Wireshark?!?
Kimberly
2011-07-07 10:32:23 UTC
I am working on this assignment and I am not very familiar with Wireshark. Our last assignment was to capture a data stream (packet) sent through the network (I used www.tusco.net). Now this assignment is to analyze that data stream and list the items included within it. At minimum, I need to find the destination (receiving) address and the data message itself. Other things we can find are network commands, sync characters, error checking components, etc. Please help me if you understand Wireshark or at least give me some tips of how I can complete this assignment... any help is much appreciated!! thank you!
Three answers:
Cool Story Bro
2011-07-07 12:16:22 UTC
With Wireshark most of the info you need is right there on the main screen. It shows Source IP, Destination IP, Protocol and a little bit of info on each packet.



Below the main window is a window that breaks down the highlighted packet (from the main window). Each packet is broken down into sections like the Ethernet, IP and TCP (or UDP) headers and finally the actual data. Click on the + next to each section to get a closer look.



The bottom window shows the actual bits in hex.



Hope this helps.
?
2011-07-07 12:06:03 UTC
It has a GUI interface. Just click on stuff. It has the usual (+) and (-) boxes to expand fields and drill down.



If you right-click on a sequence like an HTTP transaction, there is an option "follow TCP stream" which will then print all the HTTP commands in one window and hide the TCP/IP stuff.



Normally, name resolution is turned off to speed up decoding. Once you have a captured packet, you can go to, I think, "View" and select "network address". Then when you click on entries, the addresses will be decoded. Or you can re-read the whole file and it will show in the basic display.



It shows the whole layered structure, from wifi (if you captured the stream on a device that does that) through ethernet, internet protocol, TCP/UDP and application layer (HTTP, FTP etc.). Clicking on each layer will light up the bytes in the hex window, and you can drill down into each option and flag at each layer.



If you want to cut-and-paste text into a report, the text version tshark in verbose mode may be better.
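
The layer-by-layer breakdown described in the answers above (Ethernet, IP and TCP headers, then the data), as an added example that is not part of the original thread: a small Python dissector that pulls out the destination address, the IP header checksum result and the data message. The frame, addresses, ports and payload are constructed sample values, and the function names are this example's own.

```python
import socket
import struct

def ip_checksum(header: bytes) -> int:
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def dissect(frame: bytes) -> dict:
    """Split an Ethernet II / IPv4 / TCP frame into the layers Wireshark shows."""
    if len(frame) < 34:  # 14-byte Ethernet header + minimum 20-byte IPv4 header
        raise ValueError("frame too short")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4  # IPv4 header length in bytes
    if ethertype != 0x0800 or ip[0] >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("not a well-formed IPv4 packet")
    if ip[9] != 6:  # protocol field: 6 = TCP
        raise ValueError("not TCP")
    total_len = struct.unpack("!H", ip[2:4])[0]
    tcp = ip[ihl:total_len]  # total length trims any Ethernet padding
    if len(tcp) < 20 or (tcp[12] >> 4) < 5:
        raise ValueError("truncated or malformed TCP header")
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    return {
        "dst_mac": dst_mac.hex(":"), "src_mac": src_mac.hex(":"),
        "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
        "src_port": src_port, "dst_port": dst_port,
        "ip_checksum_ok": ip_checksum(ip[:ihl]) == 0,  # error-checking field
        "data": tcp[(tcp[12] >> 4) * 4:],  # bytes after the TCP header
    }

def sample_frame() -> bytes:
    """Constructed sample: one HTTP request segment; TCP checksum left at 0."""
    payload = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 0x50, 0x18, 64240, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0x4000, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.7"))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]  # fill in checksum
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    return eth + ip + tcp

if __name__ == "__main__":
    for field, value in dissect(sample_frame()).items():
        print(f"{field:15} {value}")
```
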
cavallo
2016-12-04 16:39:54 UTC
You need to attempt utilising gadget restoration. Press "Ctrl" + "Alt" + "Delete" on an identical time to develop activity supervisor. Choose "new activity" from the backside good and grace in MSCONFIG then press "ok". This ought to develop "gadget Configuration utility". Choose "conventional Startup" and then click "launch gadget fix". Click "fix my pc to an till now time", chosen an ambitious date from earlier she have been given the virus, then proceed :-) Even if, you will lose all documents created after the fix date, so be careful.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.