Wireshark is free. Before you start this activity, download and install it from www.wireshark.org.

1. Start Wireshark.

2. Click on Capture and then Interfaces. Click the Start button next to the active interface (the one that is receiving and sending packets). Your network data will be captured from this moment on.

3. Open your browser and go to a Web page that you have not visited recently (a good one is www.iana.org).

4. Once theWeb page has loaded, go back toWireshark and stop the packet capture by clicking on Capture and then Stop (the hot key for this is Ctrl + E).

5. You will see results similar to those in Figure 1-9. There are three windows below the tool bar:

a. The top window is the Packet List. Each line represents a single message or packet that was captured by Wireshark. Different types of packets will have different colors. For example, HTTP packets are colored green. Depending on how busy your network is, you may see a small number of packets in this window or a very large number of packets.

b. The middle window is the Packet Detail. This will show the details for any packet you click on in the top window.

c. The bottom window shows the actual contents of the packet in hexadecimal format, so it is usually hard to read. This window is typically used by network programmers to debug errors.

6. Lets take a look at the packets that were used to request the Web page and send it to your computer. The application layer protocol used on the Web is HTTP, so well want to find the HTTP packets. In the Filter toolbar, type http and hit enter.

7. This will highlight all the packets that contain HTTP packets and will display the first one in Packet Detail window. Look at the Packet Detail window in Figure 1-9 to see the PDUs in the message weve highlighted. Youll see that it contains an Ethernet II Frame, an IP packet, a TCP segment, and an HTTP packet. You can see inside any or all of these PDUs by clicking on the +box in front of them. In Figure 1-9, youll see that weve clicked the +box in front of the HTTP packet to show you whats inside it.

Deliverables

1. List the PDU at layers 2, 3, and 4 that were used to transmit your HTTP GET packet.

a. Locate your HTTP Get packet in the Packet List and click on it.

b. Look in the Packet Detail window to get the PDU information.

2. How many different HTTP GET packets were sent by your browser? Not all the HTTP packets are GET packets, so youll have to look through them to

3. List at least five other protocols that Wireshark displayed in the Packet List window. You will need to clear the filter by clicking on the Clear icon that is on the right of the Filter toolbar.

I JUST NEED PICTURES!