Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. These activities will show you how to use Wireshark to capture and filter network traffic using a display filter.
Readings
Multimedia
Preparation
To prepare for this activity:
- Start your Linux or Windows system.
- Log in if necessary.
- Install Wireshark.
Activity 1 - Capture Network Traffic
To capture network traffic:
- Start a Wireshark capture.
- Use ping 188.8.131.52 to ping an Internet host by IP address.
- Stop the Wireshark capture.
Activity 2 - Use a Display Filter
To use a display filter:
- Type ip.addr == 184.108.40.206 in the Filter box and press Enter.
- Observe that the Packet List Pane is now filtered so that only traffic to (destination) or from (source) IP address 220.127.116.11 is displayed.
- Click Clear on the Filter toolbar to clear the display filter.
- Close Wireshark to complete this activity. Quit without Saving to discard the captured traffic.
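The matching rule behind ip.addr == (a packet is shown when either its source or its destination equals the address) can be reproduced outside the GUI. The following is an added example, not part of the original activity: it builds a small classic pcap file in memory and applies the same rule to it. The function names and the documentation-range addresses 192.0.2.10, 198.51.100.7 and 203.0.113.5 are constructed for illustration.

```python
import socket
import struct

def make_packet(src, dst, icmp_type):
    """Build a minimal Ethernet + IPv4 + ICMP frame (checksums left at 0)."""
    eth = b"\x00" * 12 + struct.pack("!H", 0x0800)   # dst MAC, src MAC, EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    icmp = struct.pack("!BBHHH", icmp_type, 0, 0, 1, 1)  # 8 = echo request, 0 = echo reply
    return eth + ip + icmp

def make_pcap(frames):
    """Wrap frames in a little-endian classic pcap file (linktype 1 = Ethernet)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for frame in frames:
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def ip_addr_filter(pcap, addr):
    """Return (src, dst) of IPv4 packets whose source OR destination is addr."""
    magic, = struct.unpack_from("<I", pcap, 0)
    if magic != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    matches, off = [], 24                      # 24-byte global header
    while off + 16 <= len(pcap):               # 16-byte per-packet header
        incl_len, = struct.unpack_from("<I", pcap, off + 8)
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                           # truncated frame or not IPv4
        src = socket.inet_ntoa(frame[26:30])   # IPv4 source address field
        dst = socket.inet_ntoa(frame[30:34])   # IPv4 destination address field
        if addr in (src, dst):                 # same rule as ip.addr == addr
            matches.append((src, dst))
    return matches

# Constructed sample capture: a ping and its reply, plus unrelated traffic.
HOST, TARGET, OTHER = "192.0.2.10", "198.51.100.7", "203.0.113.5"
SAMPLE = make_pcap([
    make_packet(HOST, TARGET, 8),
    make_packet(TARGET, HOST, 0),
    make_packet(HOST, OTHER, 8),
])

if __name__ == "__main__":
    for src, dst in ip_addr_filter(SAMPLE, TARGET):
        print(src, "->", dst)
```

Filtering on the pinged address keeps both the request and the reply and drops the unrelated packet, which is what the Packet List Pane shows after the display filter is applied.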