brutzman authored
474b3d30

Wireshark Setup and Usage

Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998.

Wireshark is an excellent open-source tool with wide use. Its capabilities include inspection of Distributed Interactive Simulation (DIS) packets.

Capturing DIS Packets by Tobias Brennenstuhl is his thesis annex specifically written to help support student efforts.

Installation and Configuration

IMPORTANT: if you have already installed Wireshark, check your version!
Always use the latest version so that operating-system security and feature sets are up to date.

  1. Download Wireshark from https://www.wireshark.org
  2. Install Wireshark using local administrator permissions if possible.
  3. Launch and see if network packets are being detected.
     Screenshots: Successful installation, monitoring network traffic; Failed installation, no monitoring of network traffic
  4. Check your network interfaces via the console command ipconfig.
  5. Double-check network interfaces using ipconfig /all to see any hidden interfaces.
  6. Select the blue "fin" Wireshark button in the header bar to begin monitoring packets.

Capturing Packets

  1. Adjust Wireshark Preferences as shown.
     Screenshots: Edit > Preferences > Appearance > Columns; Edit > Preferences > Appearance > Layout; Edit > Preferences > Capture
  2. Set filter to (tcp.port == 3000 || udp.port == 3000) && dis
  3. Launch one of the example programs to send packets, then observe results.
     Screenshots: results with filter udp && dis; results with filter (tcp.port == 3000 || udp.port == 3000) && dis
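
To show what the two halves of that filter select, the following added Python example (not part of the original page, and not Wireshark's own dissector logic) parses the 12-byte DIS PDU header from a payload and applies the port 3000 test. The function names, the simplified validity check, and the sample packets are assumptions constructed for illustration.

```python
import struct

DIS_PORT = 3000  # port used in this page's filter
# DIS PDU header, 12 bytes big-endian: protocol version, exercise ID, PDU type,
# protocol family, timestamp, PDU length, then 2 bytes of status/padding.
HEADER = struct.Struct(">BBBBIHH")
PDU_TYPES = {1: "Entity State", 2: "Fire", 3: "Detonation"}  # small subset


def build_pdu(pdu_type, family, body=b"", version=7, exercise=1, timestamp=0):
    """Constructed test PDU: a valid header followed by an opaque body."""
    return HEADER.pack(version, exercise, pdu_type, family, timestamp,
                       HEADER.size + len(body), 0) + body


def parse_header(payload):
    """Return header fields as a dict, or None if the bytes cannot be a DIS PDU."""
    if len(payload) < HEADER.size:
        return None
    version, exercise, pdu_type, family, _ts, length, _pad = HEADER.unpack_from(payload)
    if not HEADER.size <= length <= len(payload):
        return None  # declared length disagrees with the datagram size
    return {"version": version, "exercise": exercise, "family": family,
            "type": PDU_TYPES.get(pdu_type, f"type {pdu_type}"), "length": length}


def matches_page_filter(transport, src_port, dst_port, payload):
    """Hypothetical stand-in for (tcp.port == 3000 || udp.port == 3000) && dis."""
    on_port = transport in ("tcp", "udp") and DIS_PORT in (src_port, dst_port)
    return on_port and parse_header(payload) is not None


# Constructed sample traffic: (transport, source port, destination port, payload)
SAMPLES = [
    ("udp", 51000, 3000, build_pdu(1, 1, body=bytes(132))),  # DIS to port 3000
    ("udp", 51000, 3001, build_pdu(2, 2, body=bytes(84))),   # DIS header, other port
    ("udp", 51000, 3000, b"hello"),                          # right port, not DIS
    ("tcp", 3000, 51001, build_pdu(3, 2, body=bytes(92))),   # source port matches
]

if __name__ == "__main__":
    for transport, sport, dport, payload in SAMPLES:
        shown = matches_page_filter(transport, sport, dport, payload)
        print(transport, sport, dport, parse_header(payload),
              "shown" if shown else "hidden")
```

If the example programs are running but the filtered view stays empty, comparing against rows like these helps separate a port mismatch from traffic that is not DIS at all.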

References

  1. Wireshark home page and Learning Wireshark
  2. Wireshark User’s Guide
  3. Wireshark Frequently Asked Questions (FAQ) and Ask Wireshark
  4. NPS Remote Access and Wireless Services
  5. Tobias Brennenstuhl, REPEATABLE UNIT TESTING OF DISTRIBUTED INTERACTIVE SIMULATION (DIS) PROTOCOL BEHAVIOR STREAMS USING WEB STANDARDS, MOVES Masters Thesis, Naval Postgraduate School (NPS), Monterey California USA, June 2020.

Troubleshooting

  1. Check firewall settings on your local system. (Again thanks to Tobias for another helpful reference.)
  2. Compare Wireshark results with/without your Virtual Private Network (VPN) active.
  3. Compare Wireshark results when logged in as local administrator, if possible.
  4. StackOverflow: wireshark is an excellent resource for detailed technical questions, looking up error messages, etc.

Videos

  1. Wireshark Master Class // Lesson 1 // Wireshark Setup by Packet Head Chris Greer
  2. Intro to Wireshark: Basics + Packet Analysis! by SinnohStarly - Ross Teixeira.
  3. Wireshark Tutorial for Beginners by Anson Alexander
  4. Back to Basics video by Hansang Bae. "Read.... READ I SAY!!!!"