This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Questions about how to use WireShark

0

I'm a college student in a networking class and I need help with a question from my homework. I have never used Wireshark or anything like it. I basically have no clue what I'm doing. I have tried to play around with the program and can't seem to figure it out. Can anyone walk me through this?

Here is the exact question my text book is asking.

After starting a capture from Wireshark, start a TCP-based application like SSH, FTP, or HTTP (Web browser). Can you determine the following from your capture?

a. Source and destination layer 2 addresses (MAC)
b. Source and destination layer 3 addresses (IP)
c. Source and destination layer 4 addresses (port numbers)

asked 19 Oct '16, 12:02

NetworkingStudent007's gravatar image

NetworkingSt...
6112
accept rate: 0%

edited 19 Oct '16, 12:45

sindy's gravatar image

sindy
6.0k4851

The first thing to ask is whether, when you start Wireshark, you can see a list of your computer's network interfaces on which you can capture traffic (or, maybe faster, what is the output of tshark -D from a command line window). If not, you have installed the capturing part improperly and you'll be unable to fulfil the task. If this is the case, details about your operating system are necessary to suggest the right solution.

(19 Oct '16, 12:51) sindy

One Answer:

0

I actually think I figured it out! I had to play with the settings a bit and I think I found what I needed! Thanks for the reply!

answered 19 Oct '16, 12:54

NetworkingStudent007's gravatar image

NetworkingSt...
6112
accept rate: 0%