Wednesday, September 9, 2009

Group1_Charisma: First weekly report of the project network protocol analysis

Our objective in the previous week was to understand the basics of network protocol analysis and to learn more about the tools used and how they work, and we have accomplished the same. We have learnt that network protocol analysis is the process of decoding packets of information encapsulated by a protocol. This can be done using a network protocol analyser, which can also be used to build protocols. In a typical network architecture, a layered approach is used to design network protocols and communications. The most popular network architecture reference model is called the OSI model. The protocols at one layer should communicate with protocols at the same layer. The regular computer communication class was of great help in making us understand these concepts better and get a vivid picture of how the protocol stack works. The key function of a protocol analyzer is to decode the protocol at each layer. Protocol information from multiple layers may be used by a protocol analyzer to identify possible problems in the network communication, which is called Expert Analysis.
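The layer-by-layer decoding described above can be sketched in a few lines of Python. This is an added example, not part of the original report and not Wireshark's code: the frame is constructed sample data, and the `decode` function and its finding messages are hypothetical names chosen for illustration. It also shows one simple cross-layer check of the kind the report calls Expert Analysis.

```python
import struct

# Constructed sample frame (not a real capture): Ethernet II / IPv4 / TCP SYN.
# Checksums are left as zero because this example does not verify them.
FRAME = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"        # Ethernet: dst MAC, src MAC, EtherType
    "45000028" "00014000" "4006" "0000"          # IPv4: len=40, TTL=64, protocol=6 (TCP)
    "c0000201" "c6336407"                        # 192.0.2.1 -> 198.51.100.7
    "c350" "0050" "00000001" "00000000"          # TCP: port 50000 -> 80, seq, ack
    "5002" "2000" "0000" "0000"                  # data offset 5, SYN, window, csum, urg
)
TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x10, "ACK"))

def decode(frame):
    """Decode Ethernet II -> IPv4 -> TCP. Returns (layers, findings)."""
    layers, findings = {}, []
    if len(frame) < 14:
        return layers, ["truncated Ethernet header"]
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers["ethernet"] = {"dst": dst.hex(":"), "src": src.hex(":"), "type": ethertype}
    pkt = frame[14:]                      # Ethernet payload is the next layer up
    if ethertype != 0x0800:               # this sketch only follows IPv4
        return layers, findings
    if len(pkt) < 20:
        return layers, ["truncated IPv4 header"]
    vihl, _, total, _, _, ttl, proto, _, s, d = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (vihl & 0x0F) * 4               # header length is counted in 32-bit words
    layers["ipv4"] = {"src": ".".join(map(str, s)), "dst": ".".join(map(str, d)),
                      "ttl": ttl, "proto": proto, "total_len": total}
    if ihl < 20 or total < ihl:
        return layers, ["invalid IPv4 header or total length"]
    # Cross-layer check: the length IPv4 claims vs. the bytes the link layer delivered.
    if total > len(pkt):
        findings.append("IPv4 total length exceeds captured bytes")
    if proto != 6:
        return layers, findings
    seg = pkt[ihl:total]
    if len(seg) < 20:
        return layers, findings + ["truncated TCP header"]
    sport, dport, seq, ack, off_flags, win = struct.unpack("!HHIIHH", seg[:16])
    layers["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "window": win,
                     "flags": [n for bit, n in TCP_FLAGS if off_flags & bit]}
    return layers, findings

if __name__ == "__main__":
    for name, fields in decode(FRAME)[0].items():
        print(name, fields)
```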
With this background we learnt about the usage of the protocol analyser tool Wireshark. These are some of the commands whose syntaxes and functions were understood by us:
capinfos - Prints information about capture files
dumpcap - Dump network traffic
editcap - Edit and/or translate the format of capture files
idl2wrs - CORBA IDL to Wireshark Plugin Generator
mergecap - Merges two or more capture files into one
rawshark - Dump and analyze raw libpcap data
text2pcap - Generate a capture file from an ASCII hexdump of packets
tshark - Dump and analyze network traffic
wireshark-filter - Wireshark filter syntax and reference
wireshark - Interactively dump and analyze network traffic
We look forward to learning more about Wireshark by next week.
