
Varun M Deshpande

MSRIT, ISE

INTRO TO NETWORK ANALYSERS
Wireshark

NETWORK ANALYSIS

• What?
  - A program that monitors the data traveling through the network passively
  - Receives a copy of packets that are sent/received from/by applications and protocols running on your machine

• Why?
  - Capture, decode and analyze network traffic
  - What is the network traffic pattern
  - How is the traffic being shared between nodes

• Who?
  - System admins
  - Malicious individuals

• How?
  - Network analysis tools like Wireshark, Ethereal, Windump etc.

Copyright Mukthi 9.11


WIRESHARK

• Formerly called Ethereal
• An open source packet analyzer
  - Free, with many features
  - Decodes over 750 protocols
  - Compatible with many other sniffers
• Plenty of online resources are available
• Supports command-line and GUI interfaces
• TSHARK (offers command line interface) has three components
  - Editcap
  - Mergecap
  - text2pcap



Wireshark – Application for Sniffing Packets
WinPcap – open source library for packet capture
Operating System – Windows & Unix/Linux
Network Card Drivers – Ethernet/WiFi Card
Ethernet Card



[Figure: Wireshark screenshot, from CS420: High Speed Multimedia and Multiservice Networks. Labels: Packet #215: the HTTP packet; Details of the selected packet (#215); Raw data (content of packet #215)]



[Figure: Wireshark screenshot. Label: Filtering HTTP packets only]



THANK U
varundesh@gmail.com
http://Varunmdeshpande.com