Wireshark Lab: Getting Started
Computer Networking: A Top-
th
Version: 2.0 down Approach, 4 edition.
© 2007 J.F. Kurose, K.W. Ross. All Rights Reserved
“Tell me and I forget. Show me and I remember. Involve me and I understand.”
Chinese proverb
One’s understanding of network protocols can often be greatly deepened by “seeing
protocols in action” and by “playing around with protocols” – observing the sequence of
messages exchanged between two protocol entities, delving down into the details of
protocol operation, and causing protocols to perform certain actions and then observing
these actions and their consequences. This can be done in simulated scenarios or in a
“real” network environment such as the Internet. The Java applets that accompany this
1
text take the first approach. In these Wireshark labs , we’ll take the latter approach.
You’ll be running various network applications in different scenarios using a computer
on your desk, at home, or in a lab. You’ll observe the network protocols in your computer
“in action,” interacting and exchanging messages with protocol entities executing
elsewhere in the Internet. Thus, you and your computer will be an integral part of these
“live” labs. You’ll observe, and you’ll learn, by doing.
The basic tool for observing the messages exchanged between executing protocol entities
is called a packet sniffer. As the name suggests, a packet sniffer captures (“sniffs”)
messages being sent/received from/by your computer; it will also typically store and/or
display the contents of the various protocol fields in these