Wireshark is a network packet sniffer that lets you capture packets and data in real time from a variety of interfaces, all within a customizable GUI. It is also a great tool for analyzing and sorting this data and for exporting it to other tools. Network administrators use it to troubleshoot networks, and cybersecurity professionals use it to find interesting connections and packets for further analysis, or to spot protocols in use on the network that could be exploited. Wireshark is a robust and highly configurable passive tool for packet data analysis, capable of filtering data in a variety of ways both during and after a packet capture. Wireshark is not an intrusion detection system, and as a passive tool it does not manipulate the data that it captures in transit.

In this tutorial I am going to show you how to install and configure Wireshark, capture some packets from an interface, sort the packets using a display filter, and analyze the packets for interesting activity. Then we're going to run a man-in-the-middle attack using ettercap to see how this affects the packets being received by Wireshark. Let's get started by installing Wireshark.
Installation
Wireshark is an open-source application with version...