Wireshark

Category: Science and Technology

Date Submitted: 11/22/2014 06:32 PM

The first packet captured was from the library.

Number of packets: 1,721

Time (length of the capture): 43.98 secs

The picture below displays a few of the packets included in the capture.

The first packet captured was from the Student Center.

Number of packets: 533

Time (length of the capture): 65.65 secs

The picture below displays a few of the packets included in the capture.

Wireshark is a program with many features that are useful to security analysts. Wireshark is defined as a network packet analyzer [1]. A network packet analyzer attempts to capture network packets and display detailed information about each packet [1]. Wireshark is one of the best open source packet analyzers today. It is used by network administrators to troubleshoot network problems, by network security engineers to examine security problems, by developers to debug protocol implementations, and by other people to learn network protocol internals. It has many features that help to accomplish these goals. A screenshot of Wireshark is shown below.

This is the startup screen. The middle of the pane shows recent packet captures and a button to select sample captures from the Wireshark wiki. Other links on the startup screen take you to places on the Wireshark website. Capture options allow you to set detailed options for which packets you capture. A screenshot is shown below.

You can select which interface to capture on and automatically terminate a capture with these options. You can also select which interface to use under the interface list. To start a basic capture, you simply press the start button. Once it is pressed, the screen looks like the screenshot below.

The top part of the window is the packet list. Each item is one packet. The middle portion of the window is the packet detail. The information of whatever packet is highlighted will be shown in this area. The bottom section shows the bytes within the current highlighted packet. In the packet list,...
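
The three panes described above correspond to data stored in a saved capture file. The following is an added example, not part of the original essay: it reads a classic pcap file and reproduces the packet count, the capture length, the decoded detail, and the raw bytes. The function names and the two sample frames are constructed for illustration, and it assumes the capture was saved in the classic pcap format rather than pcapng.

```python
import struct

def read_pcap(data):
    """Parse a classic pcap byte string into (timestamp_in_microseconds, frame) records."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic microsecond-resolution pcap file")
    records, offset = [], 24  # the global header is 24 bytes long
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl_len, _orig_len = struct.unpack_from(endian + "IIII", data, offset)
        frame = data[offset + 16: offset + 16 + incl_len]
        if len(frame) != incl_len:
            raise ValueError("truncated packet data")
        records.append((sec * 1_000_000 + usec, frame))
        offset += 16 + incl_len
    return records

def capture_stats(records):
    """Return (number of packets, length of the capture in seconds)."""
    if not records:
        return 0, 0.0
    return len(records), (records[-1][0] - records[0][0]) / 1_000_000

def packet_detail(frame):
    """Decode Ethernet and, when present, IPv4 header fields (the packet detail pane)."""
    dst, src, ethertype = struct.unpack_from("!6s6sH", frame, 0)
    detail = {"eth_src": src.hex(":"), "eth_dst": dst.hex(":"), "ethertype": ethertype}
    if ethertype == 0x0800 and len(frame) >= 34:
        detail["ip_proto"] = frame[23]
        detail["ip_src"] = ".".join(map(str, frame[26:30]))
        detail["ip_dst"] = ".".join(map(str, frame[30:34]))
    return detail

def packet_bytes(frame):
    """Render the frame as offset-prefixed rows of 16 hex bytes (the packet bytes pane)."""
    return [f"{i:04x}  {frame[i:i + 16].hex(' ')}" for i in range(0, len(frame), 16)]

# Constructed sample: a pcap global header plus two minimal Ethernet/IPv4 frames.
def make_frame(src_ip, dst_ip):
    eth = bytes.fromhex("020000000002" "020000000001" "0800")  # dst MAC, src MAC, IPv4
    ip = bytes([0x45, 0, 0, 20, 0, 0, 0, 0, 64, 6, 0, 0]) + bytes(src_ip) + bytes(dst_ip)
    return eth + ip

SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
for sec, usec, frm in [(1000, 0, make_frame((192, 0, 2, 10), (192, 0, 2, 20))),
                       (1002, 500000, make_frame((192, 0, 2, 20), (192, 0, 2, 10)))]:
    SAMPLE += struct.pack("<IIII", sec, usec, len(frm), len(frm)) + frm
```

Calling `capture_stats(read_pcap(SAMPLE))` gives the same two figures the essay reports for each capture, here 2 packets over 2.5 seconds.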