{"id":1338,"date":"2018-02-20T05:08:55","date_gmt":"2018-02-20T03:08:55","guid":{"rendered":"https:\/\/community.virtono.com\/?p=1338"},"modified":"2020-06-10T16:40:42","modified_gmt":"2020-06-10T13:40:42","slug":"network-analysis-with-wireshark","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/network-analysis-with-wireshark\/","title":{"rendered":"Network analysis with Wireshark"},"content":{"rendered":"<p>With Wireshark you can capture and read (sniff) the traffic on your network.\u00a0The example below shows how to analyze HTTP traffic.<\/p>\n<div id=\"toc\" class=\"toc\">\n<h2><span class=\"ez-toc-section\" id=\"Example_HTTP_traffic\"><\/span><span id=\"Beispiel_HTTP_Traffic\" class=\"mw-headline\">Example HTTP traffic<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul>\n<li>On the start page, you can choose which interface to monitor.\u00a0The example analyzes eth0.<\/li>\n<\/ul>\n<dl>\n<dd><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"\" src=\"https:\/\/i0.wp.com\/www.thomas-krenn.com\/de\/wikiDE\/images\/thumb\/f\/f7\/Wireshark-Traffic-Analyse-Beispiel-00-Startbildschirm.png\/250px-Wireshark-Traffic-Analyse-Beispiel-00-Startbildschirm.png?resize=419%2C332&#038;ssl=1\" alt=\"image Description\" width=\"419\" height=\"332\" \/><\/dd>\n<\/dl>\n<ul>\n<li>Here you can see the captured HTTP traffic.<\/li>\n<\/ul>\n<dl>\n<dd><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"\" src=\"https:\/\/i0.wp.com\/www.thomas-krenn.com\/de\/wikiDE\/images\/thumb\/2\/2b\/Wireshark-Traffic-Analyse-Beispiel-01-HTTP.png\/250px-Wireshark-Traffic-Analyse-Beispiel-01-HTTP.png?resize=413%2C327&#038;ssl=1\" alt=\"image Description\" width=\"413\" height=\"327\" \/><\/dd>\n<\/dl>\n<h2><span class=\"ez-toc-section\" id=\"filter\"><\/span><span id=\"Filter\" class=\"mw-headline\">Filter<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Wireshark 
offers several ways to filter the displayed packets.<\/p>\n<ul>\n<li><b>Right-click:<\/b>\u00a0Right-click the desired field (the destination IP in this case) and activate the filter with\u00a0<i>Apply as Filter -&gt; Selected<\/i>.<\/li>\n<\/ul>\n<dl>\n<dd><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"\" src=\"https:\/\/i0.wp.com\/www.thomas-krenn.com\/de\/wikiDE\/images\/thumb\/d\/dd\/Wireshark-Traffic-Analyse-Beispiel-02-Apply-Filter.png\/250px-Wireshark-Traffic-Analyse-Beispiel-02-Apply-Filter.png?resize=366%2C290&#038;ssl=1\" alt=\"image Description\" width=\"366\" height=\"290\" \/><\/dd>\n<\/dl>\n<ul>\n<li><b>Entering the filter expression:<\/b>\u00a0You can also type the filter expression yourself (in this case the destination IP, with\u00a0<i>ip.dst == 10.1.102.101<\/i>).<\/li>\n<\/ul>\n<dl>\n<dd><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" class=\"\" src=\"https:\/\/i0.wp.com\/www.thomas-krenn.com\/de\/wikiDE\/images\/thumb\/0\/07\/Wireshark-Traffic-Analyse-Beispiel-03-Filter-applied.png\/250px-Wireshark-Traffic-Analyse-Beispiel-03-Filter-applied.png?resize=378%2C299&#038;ssl=1\" alt=\"image Description\" width=\"378\" height=\"299\" \/><\/dd>\n<\/dl>\n<dl>\n<dd><b>Other filter options:<\/b>\u00a0(examples)\n<ul>\n<li>ip.addr == 204.13.248.70<\/li>\n<li>tcp.port == 80<\/li>\n<\/ul>\n<\/dd>\n<\/dl>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>With the program Wireshark you can read traffic from your network (sniff).\u00a0In the example you see the possibility to analyze HTTP traffic. Example HTTP traffic On the start page, you can choose which interface to monitor.\u00a0The example analyzes eth0. Here you can see an HTTP output. 
filter Wireshark offers several<\/p>\n","protected":false},"author":4,"featured_media":1339,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5,3],"tags":[],"class_list":["post-1338","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase","category-tutorial-how-to"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/02\/Wireshark_screenshot.png?fit=1097%2C619&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-lA","jetpack_likes_enabled":true,"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1338","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=1338"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1338\/revisions"}],"predecessor-version":[{"id":1340,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/1338\/revisions\/1340"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/1339"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=1338"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=1338"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=1338"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}