Introduction to Ethereal

Objectives

What is ethereal and why we study it?

How does ethereal works and what are its main features?

Introduction to ethereal interface and its menu items

Ethereal 

Ethereal is the network packet analyzer, which captures network packets and displays that packet data as detailed as possible. It is kind of measuring tool that tries to measure what is going inside a network cable.

Why Study Ethereal ?

Study of ethereal is important because being a student of data communications one must know how information is transferred between functional units by means of data transmission according to a protocol .Also it helps in knowing how information is transferred in computer networks.

Uses of Ethereal

Network administrator can use it to troubleshoot network problems

Network security engineers use it to examine security problems

Developers use it to debug protocol implementation

Task 1

a)Find the available interfaces on the computer and the IP assigned to each interface.

 

b)Capture packets on a particular interface,find out what protocols have been used,and save them in a file.

Captured the Microsoft interface whose IP Address is 192.168.1.2.

The following are the protocols used:

1)TCP

2)UDP

3)ARP

4)RUDP

 

c) State your findings

The findings are:

1 ) Data can be captured from the wire from a live network connection.

2) Data display can be refined using a display filter.

3) You can capture, filter, and analyze data your network adapter sees -- nothing more and nothing less. Typically it is used to examine what data is being sent to and from your machine. If there's strange network activity going on, wireshark will certainly tell you about it. In that sense, it is a security tool. It's also valuable for debugging software you write yourself that works over the network.