[Wireshark]Network traffic analysis with Wireshark!

Objectives

You will learn how to install and capture traffic using Wireshark

You will be familiar with various Wireshark filter.

Why you need to know

Traffic flowing via a network contains various kinds of data. Understanding the packets of data flowing via the network using command line applications is a tedious task, and it is difficult to sort out the required traffic from the live traffic that is flowing via the network. Being a network admin, you need to have Wireshark installed to monitor and capture network traffic.

What is Wireshark

Wireshark is a network packet analyzer, which is used to capture network packets and display packet data in detail.

Network topology

Demo

1:login Domain Controller

2:Install Wireshark

3: Open it and choose your ethernet. I choose Internet

4: Wireshark has three main different panes

Packet list pane displays the capture packets. Each line in the packet lists corresponds to one packet in the capture file. If you selected any one of the line in this pane, more details of that packet will be shown in details and bytes pane.

5: The packet bytes pane shows the data of the current packet in a hexdump style. This way, you can configure wireshark to capture network traffic.

6: Now we analyze the packet using different filters in Wireshark

7: To view HTTP packet capture, type http in Apply a display filter field.