Monday 23 November 2015

Capture And Analyze Packets Using Wireshark


Wireshark is a free network protocol analyzer. It can be a network administrator's best friend, as it can be used to find and resolve a variety of Internet- and network-related bugs and vulnerabilities.


Instructions


1. Download and install Wireshark by navigating to the Wireshark website (wireshark.org) if you do not already have it.


2. Launch Wireshark. From the tool bar, select "Capture" and then click "Interfaces."


3. If there are several different interfaces listed, determine which one is active. The active interface should have an IP address listed and have several active packets. The number of listed interfaces will vary, depending on whether you use Ethernet, Wi-Fi or both.


4. After determining which interface is active, click the "Start" button in the same row. Notice that various packets will now be displayed on Wireshark. If after a couple of seconds you do not see any packets, either you have selected the wrong interface or you don't have an active network connection.


5. When you are finished capturing packets, stop the capture by pressing the red "X" at the top left of the screen.


6. Filter through the packets and use the information as you please. The filter can be used to find specific types of packets and protocols. In the "Filter" search bar, input the type of protocol you want to analyze, such as TCP, HTTP or UDP. Then press "Enter." You can sort through the different layers (Data, UDP, IP, etc.) to access specific information you may need, such as packet lengths and acknowledgments.
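
What the filter bar and layer view in step 6 do, shown on a saved capture as an added example (not part of the original article): a small reader for the classic pcap file format that decodes the Ethernet, IPv4 and TCP/UDP layers, filters by protocol name, and exposes packet lengths and acknowledgment numbers. The sample capture is constructed inline and the function names are illustrative; pcapng files and non-Ethernet link types are assumed out of scope.

```python
import struct

def build_sample_pcap():
    """Constructed sample capture: one TCP and one UDP packet over Ethernet/IPv4."""
    def frame(proto, l4):
        eth = b"\x02\x00\x00\x00\x00\x02" + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x00"
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                         bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
        return eth + ip + l4
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 0x50, 0x10, 8192, 0, 0)
    udp = struct.pack("!HHHH", 49153, 53, 12, 0) + b"test"
    pcap = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, f in enumerate((frame(6, tcp), frame(17, udp))):
        pcap += struct.pack("<IIII", i, 0, len(f), len(f)) + f  # per-packet record header
    return pcap

def parse_pcap(data):
    """Yield one dict per packet, decoding Ethernet -> IPv4 -> TCP/UDP."""
    endian = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack_from("<I", data)[0])
    if endian is None:
        raise ValueError("not a classic pcap file")
    offset = 24  # skip the 24-byte global header
    while offset + 16 <= len(data):
        _, _, caplen, origlen = struct.unpack_from(endian + "IIII", data, offset)
        pkt = data[offset + 16: offset + 16 + caplen]
        offset += 16 + caplen
        info = {"length": origlen, "proto": "other"}
        if len(pkt) >= 34 and pkt[12:14] == b"\x08\x00":  # EtherType IPv4
            ihl = (pkt[14] & 0x0F) * 4                    # IP header length in bytes
            l4 = pkt[14 + ihl:]
            info["src"] = ".".join(map(str, pkt[26:30]))
            info["dst"] = ".".join(map(str, pkt[30:34]))
            if pkt[23] == 6 and len(l4) >= 20:            # IP protocol 6 = TCP
                sport, dport, seq, ack = struct.unpack_from("!HHII", l4)
                info.update(proto="tcp", sport=sport, dport=dport, seq=seq, ack=ack)
            elif pkt[23] == 17 and len(l4) >= 8:          # IP protocol 17 = UDP
                sport, dport, ulen = struct.unpack_from("!HHH", l4)
                info.update(proto="udp", sport=sport, dport=dport, udp_length=ulen)
        yield info

def filter_packets(data, proto):
    """Rough equivalent of typing a protocol name into the filter bar."""
    return [p for p in parse_pcap(data) if p["proto"] == proto.lower()]

if __name__ == "__main__":
    for p in filter_packets(build_sample_pcap(), "tcp"):
        print(p)
```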
