Wireshark is currently one of the most widely used network packet analysis tools in the world. The function of network packet analysis software is to listen to network packets and display as much detail about each packet as possible. Wireshark uses Winpcap as the interface to exchange data packets directly with the network card.

The following figure shows the initial interface after successfully installing Winpcap and Wireshark. In the initial interface of Wireshark, the fluctuating line represents the fluctuation of the information transmitted by the network card. Click the start icon in the upper left corner to enter the packet capture page.

This example demonstrates packet capture using the curl and ping commands. Start capturing with Wireshark, and then use the curl and ping commands in the terminal to interact with the target address. From the response packets of ping, we can see that we received 7 response packets. The IP address of Baidu here is 14.215.177.39.

Returning to Wireshark, filter the packets by IP address in the filter; the figure shows the result of filtering the packets. Viewing the packets in that figure, packets 1-3 are using the TCP protocol and packet 4 is using the HTTP protocol, which is a clear sign of the TCP three-way handshake. The first three packets are the process of the TCP three-way handshake.
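The check described above (filter on the server address, then confirm that three TCP packets precede the HTTP request) can also be done programmatically. The following is an added example, not part of the original post: the client address, ports, sequence numbers and the packets themselves are constructed, and the code assumes IPv4/TCP packets from a single connection in capture order.

```python
import socket
import struct

SERVER = "14.215.177.39"  # Baidu address from the walkthrough
CLIENT = "192.168.1.10"   # constructed client address (assumption)
SYN, PSH, ACK = 0x02, 0x08, 0x10

def build(src, dst, sport, dport, seq, ack, flags, payload=b""):
    """Build a constructed IPv4+TCP packet (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    return ip + tcp + payload

def parse(pkt):
    """Return (src, dst, seq, ack, flags, payload) of an IPv4/TCP packet."""
    ihl = (pkt[0] & 0x0F) * 4
    src, dst = socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])
    _, _, seq, ack, off, flags = struct.unpack("!HHIIBB", pkt[ihl:ihl + 14])
    return src, dst, seq, ack, flags & 0x3F, pkt[ihl + (off >> 4) * 4:]

def find_handshake(packets, server):
    """Filter on the server address, then return (index, next_is_http) for the
    first complete SYN, SYN-ACK, ACK exchange in the filtered list, or None."""
    rows = [r for r in map(parse, packets) if server in r[:2]]  # like ip.addr == server
    for i in range(len(rows) - 2):
        a, b, c = rows[i:i + 3]
        nxt = (a[2] + 1) & 0xFFFFFFFF  # the SYN consumes one sequence number
        if (a[4] == SYN and a[1] == server
                and b[4] == SYN | ACK and b[0] == server and b[3] == nxt
                and c[4] == ACK and c[1] == server and c[2] == nxt
                and c[3] == (b[2] + 1) & 0xFFFFFFFF):
            http = len(rows) > i + 3 and rows[i + 3][5].startswith(b"GET ")
            return i, http
    return None

# Constructed capture: one unrelated packet, then the handshake and an HTTP request.
CAPTURE = [
    build(CLIENT, "192.168.1.1", 40000, 53, 7, 0, SYN),
    build(CLIENT, SERVER, 50000, 80, 1000, 0, SYN),
    build(SERVER, CLIENT, 80, 50000, 9000, 1001, SYN | ACK),
    build(CLIENT, SERVER, 50000, 80, 1001, 9001, ACK),
    build(CLIENT, SERVER, 50000, 80, 1001, 9001, PSH | ACK, b"GET / HTTP/1.1\r\n\r\n"),
]

if __name__ == "__main__":
    print(find_handshake(CAPTURE, SERVER))
```

The acknowledgment numbers are what tie the three packets together: each side acknowledges the other's initial sequence number plus one, so a SYN that never receives a matching SYN-ACK and ACK is not reported as a handshake.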