WA1. Introduction to Wireshark
This assignment is divided into three parts:
- Statement: An easy-to-follow re-write of the assignment statement.
- Answer: The actual answer or response to the assignment.
- References: A list of references used to complete the assignment.
Statement
You have just been recruited as an associate network engineer by AXY Systems Inc., and you were assigned to a senior engineer who will supervise and mentor you. Your supervisor has issued you a brand new laptop (consider this as a PC if you are using a PC) and has instructed that you need to set up the laptop, install the Wireshark network analyzer tool on it, and familiarize yourself with the tool.
For this assignment, once you have succeeded in installing and familiarizing yourself with the Wireshark environment, complete the following tasks:
- Close all open web browsers.
- Relaunch Wireshark (Take a screenshot).
- Once Wireshark is open and running, it will display all network interfaces on your computer. Choose the appropriate interface (WiFi for the wireless interface and Local LAN for the wired interface). Please pay close attention to the interface and choose only the interface with network activity (indicated by the graph lines in front of the interface).
- Double-click on the chosen network interface (card). Network capture begins automatically. Notice that there is no activity recorded/displayed by Wireshark.
- Open a new web browser and browse the UoPeople student portal.
- Log in with your username and password.
- Open the Course forum and the Announcement forum from the UoPeople student portal.
- Go back to Wireshark and you will see too much information being displayed. This information shows the activities that have been carried out on your network. This information could be overwhelming at first, but not to worry, we shall begin analyzing them in the next unit (Take a screenshot of the information).
- After about 30 seconds, go to the menu bar and click on Capture, then navigate to the Stop option and click on it. This ends the capture process.
- Go to the menu bar and click on File. Then navigate to the Save option and click on it. Save it with a name of your choice.
- You have successfully generated and stored your first Wireshark capture. Congratulations!
- Now go to the menu bar and click on the File menu. Navigate to Open, and locate the file you just saved. Once located, double-click on it. This will display the file in Wireshark.
Answer
Wireshark is a network protocol analyzer, an application that captures packets from a network connection; it is the most widely used packet sniffer in the world. It does three main things: packet capture, filtering, and visualization (What Is Wireshark and How to Use It | Cybersecurity | CompTIA, 2020).
I installed Wireshark on my laptop (macOS) using the instructions in the Wireshark User’s Guide. I downloaded the installer and executed it; during the process, it asked me to install the ChmodBPF helper tool, which I did. ChmodBPF is a helper tool that gives Wireshark the necessary permissions to capture packets from the network interfaces (Wireshark User’s Guide, 2024).
Steps 1 - 2
After the installation, I launched Wireshark and took a screenshot of the application window.
Steps 3 - 8
- I chose Wi-Fi: en0 as the network interface to capture packets from, as it is the only one that shows network activity.
- I started the capture and opened the UoPeople student portal in my web browser (Google Chrome) as instructed.
- The following screenshots show the Wireshark window at that moment.
- I may have added a filter on the capture to only include TCP packets.
Steps 9 - 12
- I stopped the capture after about 30 seconds and saved the capture file with the name wa1.pcapng.
- The screenshot below shows the saving process.
- I also included the saved capture file in the submission.
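As an added example (not part of the original submission and not Wireshark's own code), the Python below checks a saved capture such as wa1.pcapng without the GUI: it walks the pcapng blocks and counts interfaces, packets and TCP packets, which shows whether a TCP-only filter was in effect. The function names and the embedded sample bytes are constructed for illustration; only Ethernet frames carrying TCP directly inside IPv4 or IPv6 are recognised as TCP.

```python
import struct

SHB, IDB, EPB = 0x0A0D0D0A, 0x00000001, 0x00000006  # pcapng block types

def is_tcp(frame):
    """True if an Ethernet frame carries TCP directly in IPv4 or IPv6."""
    if len(frame) < 34:
        return False
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    # IPv4 protocol byte sits at offset 23, IPv6 next-header at offset 20.
    return (ethertype == 0x0800 and frame[23] == 6) or (ethertype == 0x86DD and frame[20] == 6)

def summarize_pcapng(data):
    """Walk the blocks of a pcapng file and count interfaces, packets, TCP packets."""
    stats = {"interfaces": 0, "packets": 0, "tcp": 0}
    endian, linktypes, pos = "<", [], 0
    while pos + 12 <= len(data):
        if struct.unpack_from("<I", data, pos)[0] == SHB:
            # The byte-order magic 0x1A2B3C4D shows how this section was written.
            endian = "<" if data[pos + 8:pos + 12] == b"\x4d\x3c\x2b\x1a" else ">"
            linktypes = []  # interface IDs restart in every section
        btype, blen = struct.unpack_from(endian + "II", data, pos)
        if blen < 12 or blen % 4 or pos + blen > len(data):
            raise ValueError(f"bad block length {blen} at offset {pos}")
        body = data[pos + 8:pos + blen - 4]
        if btype == IDB:
            linktypes.append(struct.unpack_from(endian + "H", body)[0])
            stats["interfaces"] += 1
        elif btype == EPB:
            iface, _, _, caplen, _ = struct.unpack_from(endian + "5I", body)
            stats["packets"] += 1
            # Link type 1 is Ethernet; other link types are counted but not decoded.
            if iface < len(linktypes) and linktypes[iface] == 1 and is_tcp(body[20:20 + caplen]):
                stats["tcp"] += 1
        pos += blen
    return stats

# Constructed sample capture: one Ethernet interface, three frames (TCP, UDP, TCP).
def _block(btype, body):
    body += b"\x00" * (-len(body) % 4)  # block bodies are padded to 32 bits
    return struct.pack("<II", btype, len(body) + 12) + body + struct.pack("<I", len(body) + 12)

def _epb(proto):
    frame = bytes(12) + b"\x08\x00" + bytes([0x45, 0, 0, 40, 0, 0, 0, 0, 64, proto]) + bytes(30)
    return _block(EPB, struct.pack("<5I", 0, 0, 0, len(frame), len(frame)) + frame)

SAMPLE = (_block(SHB, struct.pack("<IHHq", 0x1A2B3C4D, 1, 0, -1))
          + _block(IDB, struct.pack("<HHI", 1, 0, 0)) + _epb(6) + _epb(17) + _epb(6))
print(summarize_pcapng(SAMPLE))
```

For a real file, pass its bytes, for example `summarize_pcapng(open("wa1.pcapng", "rb").read())`; if "packets" and "tcp" are equal, every captured frame was TCP.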
References
- What Is Wireshark and How to Use It | Cybersecurity | CompTIA. (2020). CompTIA.org. https://www.comptia.org/content/articles/what-is-wireshark-and-how-to-use-it
- Wireshark User’s Guide. (2024). Wireshark.org. https://www.wireshark.org/docs/wsug_html_chunked/