This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to exactly analyze a packet?

0

Hi guys, so the real purpose of this program is to analyze a packet, right? To determine network problems, test network security, and many more, and I think this is really intended for those who want to be or are network analysts. I just want to ask: HOW DO YOU EXACTLY ANALYZE A PACKET? Like, I see a UDP or TCP protocol packet; if I open it, what would I read, or what is my aim in understanding each of the lines? I'm really a noob here. I went through the "user guide", but it seems it only teaches how to navigate Wireshark, especially the user interface. I can't really find the "ways" or "aims", or I don't really know what to call it, but I can't really find the thing to look for in a packet to analyze it. Sorry, for example, I want to know why my network has very slow downloads; what would I do to analyze it in Wireshark? Sorry to ask, guys, but I'm really eager to learn this. I love networks too; I'm still a student and I only learned the basics. Hopefully you can help. Thank you so much.

asked 11 Feb '14, 04:20

newb
accept rate: 0%

edited 11 Feb '14, 05:21

grahamb ♦


One Answer:

2

Like, I see a UDP or TCP protocol packet; if I open it, what would I read, or what is my aim in understanding each of the lines?

Wireshark is just a tool to view the content of the packets in a certain form (dissected into records/fields). However, without a solid understanding of the typical protocols, it won't help you very much, as you can't interpret the output of Wireshark.

So, if you want to understand the content of the packets, the first step would be to get a solid understanding of the typical protocols (ethernet, ip, tcp, udp, http and many more). Here are some resources to start with:

Books:

There are obviously other books about networking. Google will help: 'books networking'.

Online resources:

There are also some video tutorials about Wireshark on YouTube (http://www.youtube.com/results?search_query=wireshark%20tutorial - Hint: Please open the link in a separate browser window/tab manually, if clicking the link in your browser does not work).

Regards
Kurt

answered 11 Feb '14, 05:56

Kurt Knochner ♦
accept rate: 15%

edited 11 Feb '14, 06:53

2

When's the KK "Answers to all networking questions" book coming out?

(11 Feb '14, 06:52) grahamb ♦
1

Never. You neither get rich nor famous with those kinds of books these days, unless you manage somehow to include vampires or other 'interesting aspects of life' into the 'protocol story' ;-)

Maybe something like this, would attract the nerd hordes...

  • Twilight, and the shades of green in the dark corners of the switch panel
  • Twilight #2, and the raise of the ping
  • From egress til drop - the story of a packet's short life

Maybe a networking book with some nice ladies, covered only by a whiff of bits and bytes on every second page, would work as well....

(11 Feb '14, 06:56) Kurt Knochner ♦