Verify Wireshark Installation


Introduction

In this challenge, "Verify Wireshark Installation," you'll confirm that Wireshark is correctly installed and functioning on your system. The goal is to start Wireshark from the terminal, select the appropriate network interface, and apply a display filter so that only HTTP traffic (port 80) is shown.

You'll use the wireshark command to launch the application, then generate HTTP traffic using curl http://labex.io in a separate terminal. Finally, you'll verify that the HTTP traffic from labex.io is successfully captured and displayed in Wireshark, confirming the installation and basic functionality.



Verify Wireshark Installation

This challenge verifies that Wireshark is installed and can capture traffic on the system.

Tasks

  • Start Wireshark from the terminal.
  • Select the appropriate network interface to capture traffic.
  • Apply a display filter to show only HTTP traffic (port 80).
  • Verify that HTTP traffic is being captured.

Requirements

  1. Start Wireshark from the terminal using the command wireshark.
  2. Select the correct network interface in Wireshark to capture traffic. The interface name may vary (e.g., eth0, eth1).
  3. Apply a display filter in Wireshark to show only HTTP traffic using the filter http.
  4. Generate some HTTP traffic by using curl http://labex.io in another terminal.
  5. Verify that the HTTP traffic from labex.io is captured in Wireshark.

Examples

After applying the filter and generating HTTP traffic, you should see packets with the protocol "HTTP" in the Wireshark packet list. The "Source" and "Destination" columns should show the IP addresses involved in the HTTP communication.
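The same check can be scripted with tshark, Wireshark's command-line companion. This is an added example, not part of the original lab: the function names, the 10-second capture window and the interface-skipping heuristic are assumptions. It also makes explicit that a capture filter (-f) limits what is recorded, while a display filter (-Y, the same syntax as the GUI filter bar) limits what is shown.

```bash
#!/usr/bin/env bash
# Added example (not from the lab): command-line version of the lab steps.

# Read `tshark -D` output on stdin (lines such as "1. eth0" or
# "3. lo (Loopback)") and print the first interface that is not loopback
# or a pseudo-interface. The skip list is a heuristic assumption.
pick_interface() {
    awk '{ sub(/^[0-9]+\. /, ""); name = $1 }
         name !~ /^(lo[0-9]*|any|nflog|nfqueue|dbus-.*|bluetooth.*|usbmon[0-9]*)$/ {
             print name; exit
         }'
}

# Capture on the given interface for 10 seconds, request the lab's test page
# while the capture is running, and print how many HTTP packets were seen.
verify_http_capture() {
    iface="$1"
    out="$(mktemp)"
    # -f: capture filter (BPF), only TCP port 80 is recorded.
    # -Y: display filter, only packets dissected as HTTP are printed.
    tshark -i "$iface" -f "tcp port 80" -Y http -a duration:10 \
        > "$out" 2>/dev/null &
    cap_pid=$!
    sleep 2                                # traffic must come after capture start
    curl -s -o /dev/null http://labex.io   # same request as the lab step
    wait "$cap_pid"
    count=$(wc -l < "$out")
    rm -f "$out"
    echo "$count"
}

# Run the whole check only when invoked as: ./verify.sh run
if [ "${1:-}" = "run" ]; then
    command -v tshark >/dev/null || { echo "tshark not installed" >&2; exit 1; }
    iface="$(tshark -D 2>/dev/null | pick_interface)"
    [ -n "$iface" ] || { echo "no usable interface found" >&2; exit 1; }
    n="$(verify_http_capture "$iface")"
    if [ "$n" -gt 0 ]; then
        echo "OK: $n HTTP packets captured on $iface"
    else
        echo "FAIL: no HTTP packets on $iface" >&2; exit 1
    fi
fi
```

Capturing usually requires root or membership in the wireshark group; a count of zero with no error most often means the wrong interface was picked.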

[Image: Capture HTTP traffic]

Hints

  • If you don't see any traffic, make sure you have selected the correct network interface.
  • Double-check the display filter to ensure it is correctly entered as http.
  • Ensure that you are generating HTTP traffic after starting the capture and applying the filter.
  • If you are still having trouble, try capturing all traffic first (without a filter) to confirm that Wireshark is working correctly, then add the filter.

Summary

In this challenge, the goal is to verify a working Wireshark installation. This involves launching Wireshark from the terminal, selecting the appropriate network interface for traffic capture, and applying a display filter to show only HTTP traffic (port 80).

The key learning points include confirming Wireshark's functionality by capturing and filtering network packets. Specifically, the challenge requires using the http display filter, generating HTTP traffic with curl http://labex.io, and verifying that the captured traffic in Wireshark displays the HTTP protocol and relevant source/destination IP addresses. Successful completion confirms that Wireshark is correctly installed and configured for basic packet capture and analysis.