Wireshark: Security Analysis and Network Packet Inspection Report

Verified

Added on 2023/01/16

AI Summary

This report examines Wireshark as a powerful tool for network security analysis. It details how Wireshark can be used to capture and inspect network packets, providing insights into potential security vulnerabilities and attacks. The report showcases the application of Wireshark in identifying and troubleshooting security issues, including its role in intrusion detection and firewall rule analysis. Through examples and references, the report highlights the flexibility and in-depth inspection capabilities of Wireshark, making it a valuable resource for understanding and enhancing network security. The author also provided examples of the interface and how the packets are captured and analyzed. The report concludes by emphasizing the importance of Wireshark in dissecting network attacks and designing countermeasures to improve overall network security.

0
USING WIRESHARK AS A SECURITY TOOL
Using Wireshark as a Security Tool
Name of the Student
Name of the University
Author’s Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1
USING WIRESHARK AS A SECURITY TOOL
Using Wireshark as a Security Tool:
Wireshark is an open source software available for most of the platform and is used
for troubleshooting network and identification of security issues. It can be used for capturing
data packets from the network and verify the network applications. The following figure
demonstrates the available interface that can be used for capturing packets from the network.
The packets are captured for examining their content and identification of the vulnerability of
the network. It is used as an intrusion detection system that helps in identifying the potential
attacks and improve the security of the network.
Figure 1: Running Wireshark on home network 1
(Source: Created by author)
The line at the top pane of wireshark represents the single packet captured from the
network and by default the time of capture, source address, destination address, protocols
used and information about the packet are displayed. More informtion about the packet can
be found by clicking the packet and scrolling down to the second and third window pane [2].
The second pane contains the details of the selected packet from the top pane. The sub
sections can be expanded for getting more information about the packet.

2
USING WIRESHARK AS A SECURITY TOOL
Figure 2: List of packets captured while scanning 1
(Source: Created by author)
Wireshark can be used as a security tool since peering into the packet details have
helps in dissecting the network attacks and design countermeasures for increasing the
network security. It can also be used for troubleshooting the security devices that are
connected in the network for finding that which type of packet can easily pass through the
device and identify whether it causes connectivity problems [1]. Wireshark can also be used
for detecting different types of attacks and troubleshooting the firewall rules. Thus it can be
said that the flexibility and in-depth inspection makes it a valuable tool for analysing the
security events and troubleshooting security or devices issues in a network.

3
USING WIRESHARK AS A SECURITY TOOL
References
[1]A. Kumar and J. Yadav, "Comparison: Wireshark on different parameters", International
Journal Of Engineering And Computer Science, 2016. Available: 10.18535/ijecs/v5i3.33.
[2]V. Ndatinya, Z. Xiao, V. Manepalli, K. Meng and Y. Xiao, "Network forensics analysis
using Wireshark", International Journal of Security and Networks, vol. 10, no. 2, p. 91, 2015.
Available: 10.1504/ijsn.2015.070421.