- [Instructor] If you want to download and install Wireshark so you can follow along, go to wireshark.org/download.html. For this course, we'll use the old stable release 2.0.7. I'll drop this down and it will automatically identify the operating system that is most likely yours. We'll select that. It will take a minute or so to bring down the executable. And this is a pretty standard installation.
And then it's going to go through the setup. This takes us to the License Agreement. It's a little bit different because it's the GNU Public Licensing and it might be of interest to read it. I say I Agree, then the next part comes to what components would I like to install. Let's drop this down. And you can see that there are a lot of additional tools. I don't generally cherry pick through these, as most of them are needed in order for Wireshark to function correctly.
With the fact that it's an open-source development, you'll find enhancements that take place. And those will be included in the latest versions. You will see that TShark is also an option. TShark is something you might want to install and try. It's the terminal Wireshark. It's a lightweight application and it doesn't have the heavy graphical interface. Because of this, it's less resource-intensive. I'll go to Next. Then we can create the shortcuts you want.
And then it will say where would you like the directory? You can specify another one and then we'll say Next. At this point, you'll see the splash screen come up: Install WinPcap? Well, a lot of times, people aren't really sure if we should install WinPcap. They might not choose to install it, but you really do need it. If you don't install it, Wireshark won't run as expected. The fact is, there are three packet-capture engines: WinPcap for Windows, LibPcap, and AirPcap for wireless.
So, yes, I want to install it. We're not going to use USBPcap. But we'll let this run and complete the installations. Here, it will prompt me to install WinPcap. And I Agree. Install the WinPcap driver at boot time. And I'll say Yes. And then Finish. And we'll go to Next.
And we can select Run Wireshark and, also, Show the News. And then we can say Finish. Once it's open, you'll see that it will prompt you and it will be the regular Wireshark. I want to close this. And then, I'll open Wireshark Legacy. And this is the one that we're going to use for the course. So, once you open it, you can see that the three splash screens, as usual. Up on the top, you'll see some commonly referenced icons.
Some of which are grayed out, because there's no packet capture to reference. Right here, you'll see the display filter. And then, down below, you'll see three columns. On the left-hand side, you'll see the capture interfaces and shortcuts to begin a capture. They're in another location, but, right now, we can see the interface list. So, I'll just scroll down here. And, when I'm ready, if I did select one, that green fin will have me start the capture. Down below, you can see some Capture Help.
So, if you did need How to Capture and some Network Media. And then, the Files section. This says Open a previously captured file and some Sample Captures. There's a lot of sample captures available out there. Some of which I reference when we talk about these in my course. There's a repository of all different types you might want to investigate on your own. Then we'll see, on the right-hand side, there's a couple sites you can go to. One is where we came from and that's the project website. That tells us a little bit more about Wireshark.
Then there's a User Guide that gives us all types of information, commonly asked questions. And then, we can take a look at some of the things in considerations. Many of which we'll talk about. So, we took a look at downloading and installing Wireshark and looking at the splash screen. For this course, we are using the old stable release. So, when you install Wireshark, then just simply go to the icon that says Wireshark Legacy. So, let's get started.
- Exploring the Wireshark interface
- Using display and capture filters
- Dissecting the OSI model
- Analyzing TCP, IPv4, and other protocols
- Detecting denial-of-service attacks and password attacks
- Using security tools for ethical hacking
Skill Level Intermediate
Q: Where can I download the exercise files?
A: You can download some of the exercise files from lynda.com for this course. Others are available for download from other sources. Watch the video titled “Downloading the exercises files” for more information on downloading each external file.