
Cyber Security: Using Wireshark to trace packets

Wireshark is a network packet analyzer. It tries to capture network packets and to display the packet data in as much detail as possible.

Abstract: Install Wireshark and use it to trace the packet I generated, and find my IP address.

Methods:

  1. Go to the Wireshark pages, read some basic knowledge of Wireshark, then download the Wireshark Windows Installer (64-bit) and follow the instructions to install it on my Windows operating system.

  2. Go to the desktop and open Wireshark, then double-click the “*Wi-Fi” link; it will show “Capturing from my local area connection”, where the captured packets can be seen.

  3. Open a browser and enter a website, such as www.qwerty.com, to generate the traffic.

  4. Go back to Wireshark and click the red “stop” button on the toolbar.

  5. Save this screen to my computer as “wireshark_1.pcapng”.

  6. Go to the Wireshark toolbar, open “view-time display format” and choose “seconds since previous displayed packets”.

  7. Go to the toolbar and open “edit-find packet”; in the search field, input “qwerty” and select “string” to narrow the search, or just input “dns” as the search key to see what the output is. I also clicked the Protocol HTTP to follow the stream.

  8. Take a screenshot.

  9. Go to the Windows command line and input the “ipconfig /all” command to get my IP address, 192.168.0.140.

  10. Take a screenshot.
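The lookup in steps 7 and 9 (search the trace for “qwerty”, then match the sender to the local address) can also be done in code. This is an added example, not part of the original write-up: it parses constructed Ethernet II/IPv4/UDP frames and returns the source address of every DNS query whose name contains the search string. The function names are hypothetical, and the resolver 192.168.0.1 and the second host 192.168.0.23 are made-up sample values.

```python
import socket
import struct

def build_dns_query_frame(src_ip, dst_ip, name):
    """Constructed Ethernet II/IPv4/UDP DNS query frame (checksums left at 0)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    dns = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    udp = struct.pack("!4H", 50000, 53, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + udp
    return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip  # dst MAC, src MAC, EtherType

def parse_dns_query(frame):
    """Return (source IP, queried name) for a DNS query frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None                          # too short, or not IPv4
    ihl = (frame[14] & 0x0F) * 4             # IPv4 header length in bytes
    if ihl < 20 or frame[23] != 17:
        return None                          # malformed header, or not UDP
    udp = 14 + ihl
    if len(frame) < udp + 8 + 12:
        return None                          # no room for UDP + DNS headers
    dport = struct.unpack("!H", frame[udp + 2:udp + 4])[0]
    flags = struct.unpack("!H", frame[udp + 10:udp + 12])[0]
    if dport != 53 or flags & 0x8000:
        return None                          # not DNS, or a response
    pos, labels = udp + 20, []               # first label of the question name
    while pos < len(frame) and frame[pos] != 0:
        n = frame[pos]
        if n & 0xC0 or pos + 1 + n > len(frame):
            return None                      # pointer or truncated label
        labels.append(frame[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    if pos >= len(frame):
        return None                          # name never terminated
    return socket.inet_ntoa(frame[26:30]), ".".join(labels)

def hosts_querying(frames, needle):
    """Source IPs of DNS queries whose name contains needle (step 7's string search)."""
    parsed = (parse_dns_query(f) for f in frames)
    return {p[0] for p in parsed if p and needle in p[1].lower()}

# Constructed sample capture: 192.168.0.140 is the page's address; the rest is made up.
SAMPLE_FRAMES = [
    build_dns_query_frame("192.168.0.140", "192.168.0.1", "www.qwerty.com"),
    build_dns_query_frame("192.168.0.23", "192.168.0.1", "example.org"),
    b"\x00" * 10,                            # runt frame, must be skipped
]
```

Calling `hosts_querying(SAMPLE_FRAMES, "qwerty")` returns the one host that looked up the site, which is the address `ipconfig /all` reports in step 9.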

Results:

I found my IP address in the Wireshark trace.
I also found the packets from the website I just visited and followed its HTTP stream.