WIRESHARK LAB
Oregon Institute of Technology
Department of Management
Lab 1: Installing and Using Wireshark Packet Capture Software
Done by: Your Name here
Date Report Due: Nov 3, 2013
Date Report Submitted: ??? ?, 2013
Table of Contents
Descriptive Abstract
Lab Overview write-up for MIS 272
Overview of the Lab
Required software for this lab
Minimum Required Activities
Conclusion
References
Appendix
Running Glossary
Descriptive Abstract
In this course you will include a descriptive abstract with each lab. Abstracts have a very specific purpose and are not to be confused with an executive summary or an introduction to the lab. See how to write a descriptive abstract at http://writing.colostate.edu/guides/documents/abstract/
Lab Overview write-up for MIS 272
As this is your first lab, I will provide a little more definition of what is to be included in this lab. DELETE THIS PAGE FROM YOUR LAB WRITE-UP. Your lab must be entirely in your own words. The lab template is only intended to provide a direction for the lab.
Introduction: The purpose of the Introduction is to be very clear about what you are doing in the lab and what software/equipment will be used in the lab. In the Introduction you need to set up the context of the lab (why we are doing the lab and how it relates to the reader and to other materials in the class) and make it clear to the reader what they will encounter across the lab write-up. Introductions are almost always written last, since you won’t know the full extent of the lab until you are done.
These labs are formal documents. Write the lab as if someone you don’t know is reading it. You can assume a technical audience, but define all new terms, and put those definitions in your Running Glossary at the end of the lab. The intent of writing up the lab is to communicate to your audience (your instructor in this case) what you know and what you have learned in the process of the lab. I can’t read your mind so be clear about everything you write. Try not to be folksy or sarcastic. There are places for that kind of writing, but it is not here. Technical people tend to be poor communicators and assume everybody knows what they know. If that describes you, then you’ll need to work hard to be clear and concise.
The purpose of the Introduction section in these labs is to completely set up the context of the lab. Why are you doing this kind of activity? What technologies are you using/exploring? What will be the likely outcome of the project? The reader should know exactly what is coming up in the Analysis section of the write-up.
In the Introduction you will include the following sections at a minimum:
1. Clearly explain the purpose of the lab in your own words. How does the material in the reading relate to the content in the lab? What are the important things to be understood here?
2. List all of the software, hardware and any other resources used in the lab, model and version numbers included. Many of your labs will use some of the same software and hardware, so you will be able to copy much of this description from lab to lab. The reader should be able to duplicate your outcomes using the same equipment and software.
3. Provide a brief overview of all the main topics/sections to be covered in the lab, with a synopsis of the key technology (in this case Wireshark) and its purpose. Use Bolded Headings to identify each of these major topics/sections in the paper.
· Note about embedded graphics. You are expected to capture screen shots of important activities of your lab. Remove everything in the screen shots that is not specific to the topic under discussion. Only select those important screens that show that you have achieved something important. I will never expect detailed click-by-click screen shots or explanations. Let’s just assume you know how to install software. Choosing the right graphics takes some practice. “If in doubt, leave it out”. By choosing the right graphic you can get several ideas into a single graphic. Crop out unnecessary screen real estate. Allow text to flow around your graphics and label each graphic with some type of numbering scheme. Keep your graphics close to the text used to describe them. Save your screen shots as bit-maps (like JPEG files) to reduce their size. Visio graphics are too large. Convert them to JPEGs first.
Written Communications: These labs are formal documents and you are expected to write well and to use excellent grammar. If your writing is not up to college level then plan to get a tutor to help you ‘clean’ up the text. All uses of outside sources that are not your own must be cited and referenced in APA format. There are several great tools that will create the citations for you at OIT’s library site: http://www.oit.edu/libraries/help/citing-sources
In general, every lab will be handed in in the form shown below:
Cover page
Abstract
Introduction
Main Lab Exercises
Part 1
Part 2
Etc.
Summary
References
Appendix
Running Glossary
* All major sections should be set aside with Bolded Headings so that it is very clear where you are in the lab
Overview of the Lab
In this lab you will learn to use the Wireshark packet analyzer software. The lab assumes you are using the computers in OIT’s labs, but of course you can download Wireshark to your home PC for free from the Wireshark link given in the Required software section below. It is expected that you are connected to the Internet over a broadband link (DSL, Cable, Satellite, etc.), and that you can navigate to Web pages with a common browser (IE, Firefox, etc.). The primary objectives of this lab include:
1. Installing Wireshark on your lab computer
2. Using the help screens and software manual for Wireshark, learn to capture and save packet traces on your system for a specific communication activity.
3. Learn to capture informative portions of your computer screen and to save bitmap graphic representations in your lab document
4. Explain the major software elements of Wireshark, explain the screen design of the output screen, and discuss how each section of the user interface data capture screen is used to show the data in the packets that you captured.
Required software for this lab
1. A PC (or Mac) that is connected to the Internet with an Ethernet adapter
2. Windows XP (or newer), or one of the other operating systems supported by Wireshark (make sure you can screen capture and save screen caps to Word documents)
· There are several good screen capture utilities out there that work well. I use SnagIt, but it costs $39. Gadwin Systems PrintScreen is a nice freeware application that you can download at http://www.gadwin.com/download/index.htm#PrintScreen, or you can use the built-in screen capture in Windows 7.
3. Wireshark packet capture software
· You can download and use Wireshark from http://www.wireshark.org/download.html
· It comes with WinPcap, which is required on Windows PCs
· The online user guide is a great resource for familiarizing yourself with the Wireshark interface
· There are versions for some Mac OS X 10.x versions and Linux as well
· There are several how-to videos that you will find informative at http://www.wireshark.org/docs/
4. Start a running Glossary in the appendix of the lab. Highlight all new terms in your lab in yellow and include them in your glossary. I expect your definitions to be in your own words. Show me you understand the terms you use. Copy this running glossary to the next lab and add to it.
Minimum Required Activities
The purpose of this lab is to get you familiar with packet analysis and how it works on Ethernet traffic. I expect that you will capture important screens and crop out what is not important.
Section 1: Learning to use Wireshark
Start by watching the video called “Introduction to Wireshark” at the http://www.wireshark.org/docs/ site. Navigate to the http://wiki.wireshark.org site and look at some of the help resources available to you as you learn to use Wireshark. For this section I want you to capture some packets in your Wireshark screen. Turn off the capture and then screen capture the entire Wireshark interface. Use callout bubbles and text to explain the interface and how each section is used. Explain how to capture and display network packets in Wireshark. Define all new terms as you go.
Crop out unnecessary clutter in your screen shots, and let the text flow around your graphics as it is flowing around this bubble.
Section 2: Capturing a specific packet trace
I know you would like to buy me a new Gibson SJ-250 Acoustic Guitar for my birthday, so point your browser to http://www2.gibson.com/Products/Acoustic-Instruments/Super-Jumbo/Gibson-Acoustic/J-200-Standard.aspx to learn more about it. But just before you hit Return to go to the site, turn on the packet capture in Wireshark (Ctrl-E) so you can capture all the new packets as they come to your browser. After clicking on a few web pages, turn off the packet capture in Wireshark (Ctrl-E again) to see the list of packets you just captured. (Note: if you decide to go to the site again you will need to clear the Internet cache in your browser, because the browser caches the web pages locally and will not go to the site again unless you click on new pages.)
Section 3: Understanding the information in the trace
What can you tell me about the communication between your PC and the Gibson site? What network protocols do you think were used in the communications? From the reading in the text, the Wireshark user manual and what you can see in the packet capture (aka trace), how do you think packets are used to transmit information between your computer and the Gibson website?
1. What do you think are the IP addresses for your machine and for the Gibson server? This is a bit of a trick question. Try putting the Gibson site IP address into your browser to see if it goes to the server. What happens?
2. Using the Wireshark wiki materials, explain the purpose of WinPcap (used by Windows users).
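To see what Wireshark is doing when it turns the raw bytes of a capture into the Source, Destination and Protocol columns this section asks about, here is a small added example (it is not part of this lab handout and does not touch the Gibson site). It builds a constructed libpcap capture of a DNS lookup followed by a TCP three-way handshake and an HTTP GET, then dissects the Ethernet, IPv4, TCP and UDP headers and tallies the conversations the way Wireshark’s Conversations window does. Every MAC address, IP address, port number and payload in it is a made-up sample value.

```python
"""Dissect a libpcap capture the way Wireshark's packet list does: Ethernet -> IPv4 -> TCP/UDP.
Added example; all addresses and payloads below are constructed sample values."""
import socket
import struct
from collections import Counter

# Header layouts: pcap file headers are little-endian, protocol headers are network byte order.
PCAP_GLOBAL = struct.Struct("<IHHiIII")  # magic, major, minor, tz offset, sigfigs, snaplen, link type
PCAP_RECORD = struct.Struct("<IIII")     # ts_sec, ts_usec, captured length, original length
ETH = struct.Struct("!6s6sH")            # dst MAC, src MAC, EtherType
IPV4 = struct.Struct("!BBHHHBBH4s4s")    # ver/IHL, TOS, total length, id, flags/frag, TTL, proto, csum, src, dst
TCP = struct.Struct("!HHIIBBHHH")        # sport, dport, seq, ack, data offset, flags, window, csum, urgent
UDP = struct.Struct("!HHHH")             # sport, dport, length, csum

PCAP_MAGIC, LINKTYPE_ETHERNET, ETHERTYPE_IPV4 = 0xA1B2C3D4, 1, 0x0800
PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}
PORT_NAMES = {53: "DNS", 80: "HTTP", 443: "HTTPS"}  # well-known server ports we label

def _frame(src_ip, dst_ip, proto, l4):
    """Wrap a transport segment in IPv4 and Ethernet headers (checksums left at zero; fine offline)."""
    ip = IPV4.pack(0x45, 0, IPV4.size + len(l4), 1, 0, 64, proto, 0,
                   socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    eth = ETH.pack(b"\x00\x11\x22\x33\x44\x55", b"\x66\x77\x88\x99\xaa\xbb", ETHERTYPE_IPV4)
    return eth + ip + l4

def _tcp(sport, dport, flags, payload=b""):
    return TCP.pack(sport, dport, 1, 0, 5 << 4, flags, 65535, 0, 0) + payload

def _udp(sport, dport, payload):
    return UDP.pack(sport, dport, UDP.size + len(payload), 0) + payload

def build_sample_pcap():
    """Constructed capture: a DNS lookup, then a TCP handshake and an HTTP GET (sample addresses)."""
    client, resolver, web = "192.168.1.10", "192.168.1.1", "203.0.113.80"
    query = b"\x12\x34\x01\x00" + b"\x00" * 8 + b"\x03www\x07example\x03com\x00\x00\x01\x00\x01"
    frames = [
        _frame(client, resolver, 17, _udp(51000, 53, query)),
        _frame(resolver, client, 17, _udp(53, 51000, b"\x12\x34\x81\x80" + b"\x00" * 8)),
        _frame(client, web, 6, _tcp(52000, 80, 0x02)),   # SYN
        _frame(web, client, 6, _tcp(80, 52000, 0x12)),   # SYN/ACK
        _frame(client, web, 6, _tcp(52000, 80, 0x10)),   # ACK
        _frame(client, web, 6, _tcp(52000, 80, 0x18,     # PSH/ACK carrying the request
                                    b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n")),
    ]
    out = PCAP_GLOBAL.pack(PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += PCAP_RECORD.pack(1383000000 + i, 0, len(frame), len(frame)) + frame
    return out

def dissect_pcap(data):
    """Return one summary dict per packet: addresses, protocol, ports, TCP flags and payload."""
    magic, *_, linktype = PCAP_GLOBAL.unpack_from(data, 0)
    if magic != PCAP_MAGIC or linktype != LINKTYPE_ETHERNET:
        raise ValueError("only classic little-endian pcap files with Ethernet frames are handled")
    packets, off = [], PCAP_GLOBAL.size
    while off + PCAP_RECORD.size <= len(data):
        _, _, incl_len, _ = PCAP_RECORD.unpack_from(data, off)
        off += PCAP_RECORD.size
        frame = data[off:off + incl_len]
        off += incl_len
        _, _, ethertype = ETH.unpack_from(frame, 0)
        info = {"src": None, "dst": None, "proto": "non-IPv4", "sport": None,
                "dport": None, "flags": None, "app": None, "payload": b""}
        if ethertype == ETHERTYPE_IPV4:
            ver_ihl, _, total_len, _, _, _, proto, _, src, dst = IPV4.unpack_from(frame, ETH.size)
            ihl = (ver_ihl & 0x0F) * 4                    # IHL is counted in 32-bit words
            l4 = frame[ETH.size + ihl:ETH.size + total_len]
            info.update(src=socket.inet_ntoa(src), dst=socket.inet_ntoa(dst),
                        proto=PROTO_NAMES.get(proto, str(proto)))
            if proto == 6:
                sport, dport, _, _, doff, flags, _, _, _ = TCP.unpack_from(l4, 0)
                info.update(sport=sport, dport=dport, flags=flags, payload=l4[(doff >> 4) * 4:])
            elif proto == 17:
                sport, dport, _, _ = UDP.unpack_from(l4, 0)
                info.update(sport=sport, dport=dport, payload=l4[UDP.size:])
            if info["sport"] is not None:
                info["app"] = PORT_NAMES.get(info["dport"]) or PORT_NAMES.get(info["sport"])
        packets.append(info)
    return packets

def conversations(packets):
    """Count packets per (client, server, application), like Wireshark's Conversations window."""
    counts = Counter()
    for p in packets:
        if p["app"]:
            client_to_server = p["dport"] in PORT_NAMES     # the well-known port marks the server
            client, server = (p["src"], p["dst"]) if client_to_server else (p["dst"], p["src"])
            counts[(client, server, p["app"])] += 1
    return counts

if __name__ == "__main__":
    pkts = dissect_pcap(build_sample_pcap())
    for p in pkts:
        print(f"{p['src']}:{p['sport']} -> {p['dst']}:{p['dport']}  {p['proto']}  {p['app'] or ''}")
    for (client, server, app), n in conversations(pkts).items():
        print(f"{client} <-> {server}  {app}: {n} packets")
```

Running the script prints one line per packet, much like the Wireshark packet list, followed by the per-conversation counts. The same dissect_pcap function can be pointed at a real capture by passing it the bytes of a file saved from Wireshark, with two caveats: it only understands the classic .pcap format (save with File > Save As and choose pcap rather than the pcapng default of newer Wireshark versions), and it only dissects IPv4 over Ethernet, so anything else shows up as "non-IPv4". Note too how the client and server roles are inferred purely from which side uses the well-known port, which is exactly the kind of reasoning Section 3 asks for when you work out which address is yours and which is the web server’s.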
Conclusion
I will always be looking for what you learned in the lab in the conclusion. Resist the temptation to repeat here what you wrote above.
At a minimum you should address the following in your Conclusion:
1. What key concepts from the book are pertinent in this lab?
2. What were the most important concepts you learned in this lab?
3. What did you discover in the process of installing and using the Wireshark packet capture software?
References
Use APA format and be sure to place citations in the text next to the material you used (see www.oit.edu/libraries/help/citing for help with the references). www.bibme.org will create the citations in the right form for you.
Appendix
Put any large tables or graphics here so you can reference them in your lab text.
Running Glossary
Define new and important terms in your own words.
[Figure: annotated Wireshark screenshot with callout labels: Packet trace Window; OSI layers for selected Packet; Data detail in packet; This is a call-out bubble]