
Week 2’s TOTW: Wireshark

September 13, 2011

Our Tool of the Week for Week 2 is Wireshark. There is a known bug in the version of Wireshark that ships with BackTrack 5 R1. It can be fixed by running apt-get remove wireshark and then reinstalling it with apt-get update ; apt-get install wireshark.

The Wireshark wiki documentation has some sample PCAP files for a variety of protocols and applications. Pick 2 of these captures from the SampleCaptures page and analyze them in Wireshark. For each capture, answer the following questions:

  • What protocol/application is in the sample and how is it being used?
  • How many packets, bytes and IPs are involved in the sample packets?

Also describe any issues you had using Wireshark and/or things you learned while completing this exercise.

Due: Sunday 9/18/2011 via Blackboard
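
One way to cross-check the packet, byte and IP counts you read off in Wireshark, as an added example that is not part of the original assignment: a small Python parser for the classic pcap file format, run here on a constructed two-packet capture. The function names are hypothetical, and the parser assumes Ethernet framing with untagged IPv4 and does not read pcapng files.

```python
import socket
import struct

def build_sample_pcap():
    """Constructed sample: a classic pcap holding two Ethernet/IPv4/UDP frames."""
    def frame(src, dst):
        eth = b"\x00" * 12 + b"\x08\x00"          # dst MAC, src MAC, EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        udp = struct.pack("!HHHH", 5353, 53, 8, 0)  # ports, length, checksum (unset)
        return eth + ip + udp
    frames = [frame("192.0.2.10", "192.0.2.53"), frame("192.0.2.53", "192.0.2.10")]
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype 1 (Ethernet)
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        # Per-packet header: ts_sec, ts_usec, captured length, original length
        out += struct.pack("<IIII", 1315900800 + i, 0, len(f), len(f)) + f
    return out

def pcap_stats(data):
    """Return (packet count, total on-wire bytes, set of IPv4 addresses seen)."""
    magic = data[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"                               # written on a little-endian host
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"                               # written on a big-endian host
    else:
        raise ValueError("not a classic microsecond-resolution pcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    packets, total, ips = 0, 0, set()
    off = 24                                       # first record follows the global header
    while off + 16 <= len(data):
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        pkt = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        packets += 1
        total += orig_len                          # on-wire size, even if the capture was truncated
        # Only untagged Ethernet + IPv4 is decoded; other frames still count as packets.
        if linktype == 1 and len(pkt) >= 34 and pkt[12:14] == b"\x08\x00":
            ips.add(socket.inet_ntoa(pkt[26:30]))  # IPv4 source address
            ips.add(socket.inet_ntoa(pkt[30:34]))  # IPv4 destination address
    return packets, total, ips

if __name__ == "__main__":
    print(pcap_stats(build_sample_pcap()))
```

To run it against a downloaded capture, pass the file's bytes to pcap_stats instead of the constructed sample.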
