Lab #5, Wireshark Introduction Lab
Each answer is worth seven points.
Use a red colored font for your answers.
Place the answers below the questions.
1. Is Wireshark open-source or proprietary?
2. What is seen in each of the three panes that display the packets seen on a local area network?
The List Pane shows the packets that have been captured. The Tree View Pane shows the headers of various protocols encapsulated in the packet. The Tree View Pane also allows the hierarchical view of the header field details. The Byte View Pane shows the raw data sixteen (10 Hex) bytes per row.
3. What does a display filter do?
The display filter allows you to define which packets are displayed in the List Pane.
4. What does the protocol column show?
The protocol column shows the highest layer protocol in the frame.
5. How do you expand the details in a layer of the packet in the middle frame?
By selecting the plus sign (+) of a packet in the Tree View Pane, you can expand the display details at any given level of the hierarchy.
6. Capture files have what file name extension?
Capture files have the file name extension of .pcap.
7. The time column shows what?
The time column shows the time relative to the first packet. By default, the packets are displayed in increasing order of this time.
8. When you right click on something in one of the panes what happens?
A menu of actions that you can perform is displayed when you right click on something in one of the panes.
9. How is a display filter removed?
To remove a display filter just select Clear in the Filter area.
10. When a filter is correct what color is the background of the filter window?
The background of the filter window is green when a filter is correct.