Download and install Wireshark from the Wireshark web page on your own PC
2) Start Wireshark and put it into capture mode on your Ethernet connection.
3) Access a single web site.
4) Stop the capture mode and analyze the captured data. What do you see?
5) Clear the capture and restart the capture process.
6) Logon onto a remote service or application via your network ISP or another Internet connection that requires authentication. What does that captured traffic show?
7) Repeat steps 5 & 6 until you have captured packets indicated below. You may have to access different sites or network devices, or generate unique connections to capture all the protocol types. [Hint: have you ever put your network connection in loopback mode?] If you cannot capture a protocol, explain why you cannot. a. ARP b. TCP c. UDP d. HTTP e. HTTPS (TLS) f. FTP g. ICMP h. DNS
8) Restart your network connection and the capture process and allow it to run for 1 hour.
At the end of the hour display the network connection statistics and the network packet summary. Compare the collected data with what your firewall displays and the packet count shown under the network connections status found in your operating system. Then start a new capture overnight on your home computer connection. What activity do you see overnight? Provide proof of your one-hour and four-hour Wireshark runs.
2 pages lab experiences and 2 pages researching about the Wireshark application and an analysis of how it can be used to support Information Assurance and Security professionals.