Wireshark labs
  Lab Introduction  

"Tell me and I forget. Show me and I remember. Involve me and I understand."
---Chinese proverb


   One's understanding of network protocols can often be greatly deepened by "seeing protocols in action" and by "playing around with protocols" - observing the sequence of messages exchanged between two protocol entities, delving down into the details of protocol operation, and causing protocols to perform certain actions and then observing these actions and their consequences. This can be done in simulated scenarios or in a "real" network environment such as the Internet. The Java applets on the textbook Web site take the first approach. In these Wireshark labs, we'll take the latter approach. You'll be running various network applications in different scenarios using a computer on your desk, at home, or in a lab. You'll observe the network protocols in your computer "in action," interacting and exchanging messages with protocol entities executing elsewhere in the Internet. Thus, you and your computer will be an integral part of these "live" labs. You'll observe, and you'll learn, by doing.

  The basic tool for observing the messages exchanged between executing protocol entities is called a packet sniffer. As the name suggests, a packet sniffer passively copies ("sniffs") messages being sent from and received by your computer; it also displays the contents of the various protocol fields of these captured messages. For these labs, we'll use the Wireshark packet sniffer. Wireshark is a free/shareware packet sniffer that runs on Windows, Linux/Unix, and Mac computers. The Wireshark labs below will allow you to explore many of the Internet's most important protocols.

  Introduction to Wireshark  

Wireshark is a free packet sniffer application. It is used for network troubleshooting, analysis, software and communications protocol development, and education. It is one of the 20 Free Software Favorites of 2008 selected by Network World.

  In June 2006 the project was renamed from Ethereal due to trademark issues. This happened because Gerald Combs, the creator of Ethereal, joined CACE Technologies (www.cacetech.com, best known for WinPcap) in June 2006. There is a long story behind why Ethereal changed its name to Wireshark; you can find more information on wiki/wireshark.

  The Wireshark installation package comes with the latest stable release of WinPcap, which is required for live packet capture. If needed, you can install the latest development release from the WinPcap download page.

  Wireshark is now an open source project on SourceForge.

  The last official release of Ethereal: Ethereal 0.99.0 (April 24, 2006)

  Lab Guide  
      Wireshark labs: click on the links below to download a Wireshark lab on the given topic.
  1. Wireshark: Getting Started
  2. Ethernet and ARP
  3. ICMP
  4. IP          Tools:  PingPlotter 3.2p
  5. DHCP
  6. TCP      Test Page: Hello,World. | Upload file | Web form
  7. DNS
  8. HTTP   Test Page: HTTP file1 | HTTP file2 | HTTP file3 | HTTP file4
  Note: For all the printouts required in the lab manual, please install PDF995 and print the packet content to a PDF. Submit the PDF file with your lab report, or just paste the PDF content into your lab report.
  Lab Report  
    Students should submit a report for each lab. Below is a template file you can follow:

  Lab Report Template file: Lab Report Template.doc

  References on how to write a lab report:
        ---"Writing Lab Reports - Hand Book "
        ---"Writing Lab Reports and Scientific Papers"
        ---"Scientific Reports"