- Wireshark
- VirtualBox
- Windows 10 (21H2)
Launch Wireshark on the network and start a capture:
- A lot of network packet traffic is captured, which is why we'll need to apply filters to find the information we need.
I applied a basic filter for traffic associated with a specific IP address, 142.250.1.139:
This gives you details about the overall network packet, or frame, including the frame length and the arrival time of the packet. Here we see the entire packet of data:
At the Ethernet level, we see the source and destination MAC addresses and the type of internal protocol that the Ethernet packet contains:
Now we want to see just the traffic whose destination is that specific IP address:
We can also use filters to select and examine DNS traffic:
You can also use additional filters to select and examine TCP packets as shown below:
There are many more filters that can be used to analyse this packet capture file, but for the purposes of this project I chose to keep it simple, and I hope it was helpful.
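To make the filters above concrete, the following added example (not part of the original post) decodes the same frame, Ethernet, IP and transport fields from raw bytes and evaluates the four filters against them. The display-filter names are standard Wireshark syntax; the frames, the MAC addresses and the 10.0.2.x lab addresses are constructed, and `dns` is approximated as port 53.

```python
import struct
from ipaddress import ip_address
TARGET = "142.250.1.139"  # the address filtered on in the post

def frame(src_ip, dst_ip, proto, sport, dport):
    """Build a constructed Ethernet/IPv4 frame with a bare TCP (6) or UDP (17) header."""
    eth = bytes.fromhex("0a0000000002" "0a0000000001") + struct.pack("!H", 0x0800)
    l4 = struct.pack("!HH", sport, dport) + (bytes(16) if proto == 6 else struct.pack("!HH", 8, 0))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     ip_address(src_ip).packed, ip_address(dst_ip).packed)
    return eth + ip + l4

def dissect(raw):
    """Decode the fields Wireshark lists under Frame, Ethernet II, IPv4 and TCP/UDP."""
    pkt = {"frame_len": len(raw)}
    if len(raw) < 14:
        return pkt                                   # too short for an Ethernet header
    dst, src, pkt["ethertype"] = struct.unpack("!6s6sH", raw[:14])
    pkt["eth_dst"], pkt["eth_src"] = dst.hex(":"), src.hex(":")
    if pkt["ethertype"] != 0x0800 or len(raw) < 34:
        return pkt                                   # not IPv4, or truncated
    ihl = (raw[14] & 0x0F) * 4                       # IPv4 header length in bytes
    pkt["proto"] = raw[23]
    pkt["ip_src"], pkt["ip_dst"] = str(ip_address(raw[26:30])), str(ip_address(raw[30:34]))
    l4 = raw[14 + ihl:]
    if pkt["proto"] in (6, 17) and len(l4) >= 4:
        pkt["sport"], pkt["dport"] = struct.unpack("!HH", l4[:4])
    return pkt

FILTERS = {  # display filter -> equivalent test on the decoded fields
    f"ip.addr == {TARGET}": lambda p: TARGET in (p.get("ip_src"), p.get("ip_dst")),
    f"ip.dst == {TARGET}": lambda p: p.get("ip_dst") == TARGET,
    "dns": lambda p: 53 in (p.get("sport"), p.get("dport")),  # approximation: port 53
    "tcp": lambda p: p.get("proto") == 6,
}

def apply_filter(name, frames):
    """Return the indexes of the frames that the named filter would display."""
    return [i for i, raw in enumerate(frames) if FILTERS[name](dissect(raw))]

CAPTURE = [  # constructed sample traffic
    frame("10.0.2.15", TARGET, 6, 49152, 443),   # client -> target, TCP
    frame(TARGET, "10.0.2.15", 6, 443, 49152),   # target -> client, TCP
    frame("10.0.2.15", "10.0.2.3", 17, 50000, 53),  # DNS query over UDP
    frame("10.0.2.3", "10.0.2.15", 17, 53, 50000),  # DNS response over UDP
]

if __name__ == "__main__":
    for name in FILTERS:
        print(f"{name:26} -> frames {apply_filter(name, CAPTURE)}")
```

Note that `ip.addr` matches the address in either direction, while `ip.dst` keeps only the frames sent to it, which is why the second filter returns half as many frames here.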