Exercise: Setting up and using Wireshark on a Linux sandbox machine for packet capture and
analysis

  1. Install Wireshark on your Linux sandbox machine by running the command “sudo apt-get
    install wireshark”
  2. Start Wireshark by running the command “wireshark” in the terminal
  3. In the Wireshark interface, select the network interface you want to capture packets on (e.g.
    “eth0”)
  4. Start capturing packets by clicking on the “Start” button or by pressing “Ctrl+E”
  5. After capturing the packets, you can stop the capture by clicking on the “Stop” button or by
    pressing “Ctrl+E”
  6. Analyze the captured packets by using the various filters and analysis tools available in
    Wireshark (e.g. “http” filter to view only HTTP packets)
  7. To save the captured packets, go to “File” > “Save As” and select a file format and location to
    save the capture file.
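
Added example (not part of the original exercise): a small reader for a capture saved in step 7, listing the packets that the “http” filter from step 6 would roughly select. It assumes the file was saved in the classic pcap format with an Ethernet link type (pcapng is not parsed) and treats a TCP payload that starts like HTTP/1.x as HTTP, which is a simplification of Wireshark's dissector; all function names and the sample traffic are constructed for illustration.

```python
import struct

HTTP_STARTS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"HTTP/1.")  # HTTP/1.x starts

def read_pcap(data):
    """Yield (timestamp, frame) for each record in a classic little-endian pcap image."""
    if data[:4] != b"\xd4\xc3\xb2\xa1" or struct.unpack("<I", data[20:24])[0] != 1:
        raise ValueError("expected little-endian classic pcap with Ethernet link type")
    offset = 24                                   # skip the 24-byte global header
    while offset + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig = struct.unpack("<IIII", data[offset:offset + 16])
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break                                 # capture file cut off mid-record
        yield ts_sec + ts_usec / 1e6, frame
        offset += 16 + incl_len

def http_summary(frame):
    """Return 'src:port -> dst:port <first line>' if the frame carries HTTP, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[14] >> 4 != 4 or frame[23] != 6:
        return None                               # not IPv4/TCP over Ethernet
    tcp = 14 + (frame[14] & 0x0F) * 4             # TCP follows the variable-length IP header
    if len(frame) < tcp + 20:
        return None
    sport, dport = struct.unpack("!HH", frame[tcp:tcp + 4])
    # Cut at the IP total length so Ethernet padding is not mistaken for payload.
    payload = frame[tcp + (frame[tcp + 12] >> 4) * 4:14 + struct.unpack("!H", frame[16:18])[0]]
    if not payload.startswith(HTTP_STARTS):
        return None
    src, dst = (".".join(map(str, frame[i:i + 4])) for i in (26, 30))
    return f"{src}:{sport} -> {dst}:{dport} " + payload.split(b"\r\n", 1)[0].decode("ascii", "replace")

def http_packets(data):
    return [s for _, f in read_pcap(data) if (s := http_summary(f))]

def build_sample(segments):
    """Constructed test data: a pcap image with one Ethernet/IPv4/TCP frame per segment."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for n, (src, dst, sport, dport, payload) in enumerate(segments):
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0, src, dst)
        frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp
        out += struct.pack("<IIII", 1700000000 + n, 0, len(frame), len(frame)) + frame
    return out

CLIENT, SERVER = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])
SAMPLE = build_sample([                           # constructed traffic, not a real capture
    (CLIENT, SERVER, 49152, 80, b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    (CLIENT, SERVER, 49153, 443, b"\x16\x03\x01\x00\x05hello"),
    (SERVER, CLIENT, 80, 49152, b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
])
```

To run it on a real capture, pass the bytes of the saved file to http_packets, for example http_packets(open(path, "rb").read()) with path pointing at the file saved in step 7.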

