Wireshark Network Traffic Analysis

Questions and Answers

What is the main purpose of Wireshark?

• Writing documents
• Analyzing network traffic (correct)
• Playing online video games
• Downloading music files

How can Wireshark capture network traffic?

• By scanning mobile devices
• By updating software
• By setting the network card to monitor mode (correct)
• By sending emails

What does filtering in Wireshark allow users to do?

• Create music playlists
• Edit photos
• Write code
• Focus on specific types of network traffic (correct)

Which type of data can Wireshark analyze?

Unencrypted data like usernames and passwords (D)

Apart from packet capturing, what advanced feature does Wireshark offer?

Statistics generation (D)

How can Wireshark help identify potential security risks?

By analyzing unencrypted data like usernames and passwords (A)

Flashcards are hidden until you start studying

Study Notes

• Wireshark is an application used for network traffic analysis and can be downloaded from wireshark.org for different operating systems.
• When using Wireshark, you can capture network traffic on the network you are connected to, whether through Ethernet or wireless.
• By setting the network card to monitor mode, Wireshark can capture all network traffic on the network, allowing for analysis of packages being sent and received.
• Filtering in Wireshark allows users to focus on specific types of network traffic, such as filtering for TCP or UDP protocols, or filtering for specific keywords in packages.
• Wireshark can display details of captured network traffic, including time of capture, source and destination IP addresses, protocols, package length, and additional information.
• Users can analyze unencrypted data in Wireshark, such as usernames and passwords sent over unsecured connections like HTTP, highlighting potential security risks.
• Wireshark offers advanced features beyond basic packet capturing, including statistics generation and advanced filtering options for in-depth network analysis.