

Wireshark Network Analysis Report

This project report details the analysis of network traffic generated by the Breve browser while accessing the 'soa.ac.in/iter' website using the Wireshark tool. It covers the methodology for capturing and filtering network packets, along with observations on DNS traffic, HTTPS communication, and relevant IP and port information. The findings emphasize the significance of secure web interactions and suggest future work in automating packet analysis.

Uploaded by

sahhabhi80

Network Analysis Using Wireshark Tool

A Minor Project Report

Submitted by:

ABHIJIT SAHOO (2141019120)

SREEYANS PADHI (2141016008)

SECTION : 36

7th SEMESTER

BACHELOR OF TECHNOLOGY

IN

COMPUTER SCIENCE & INFORMATION TECHNOLOGY

DEPARTMENT OF COMPUTER SCIENCE & INFORMATION TECHNOLOGY

Faculty of Engineering and Technology, Institute of Technical Education and Research

SIKSHA ‘O’ ANUSANDHAN (DEEMED TO BE) UNIVERSITY

Bhubaneswar, Odisha, India


(January, 2024)

DECLARATION

I/We declare that this written submission represents our ideas in our own words
and where others' ideas or words have been included, we have adequately cited
and referenced the original sources. We also declare that we have adhered to all
principles of academic honesty and integrity and have not misrepresented or
fabricated or falsified any idea/fact/source in our submission. We understand
that any violation of the above will be cause for disciplinary action by the
University and can also evoke penal action from the sources which have not
been properly cited or from whom proper permission has not been taken when
needed.

Signature of Students with Registration Numbers

Abhijit Sahoo Sreyaans Padhi

Reg.no.: 2141019120 2141016008

Date: ————–

ACKNOWLEDGEMENT

I sincerely express my gratitude to Prof. NEELAM SINGHA for their
guidance and encouragement throughout this project. I would also like to thank
Siksha ‘O’ Anusandhan University for providing the resources and facilities for
completing this work & their unwavering support during this time.

Place: SOA ITER Campus, BBSR Signature of students

Date :

ABSTRACT

This project focuses on analyzing the network traffic generated by the Breve
browser while accessing the "soa.ac.in/iter" website. Using Wireshark,
network packets are captured and analyzed to study the interaction between the
browser and the server. The report discusses the methodology, tools, and
observations such as IP addresses, ports, and protocols involved. The findings
reveal insights into HTTPS communication, DNS resolution, and TCP/UDP
traffic, offering valuable knowledge about secure and efficient web
interactions.

Table of Contents

i Title Page
ii Declaration
iii Acknowledgement
iv Abstract
v Contents List

1 Chapter 1 Introduction
1.1 Background Study
1.2 Project Overview
2 Chapter 2 Methodology
2.1 Tools Used
2.2 Data Capture Process
2.3 Filtering Techniques
3 Chapter 3 Result
3.1 DNS Traffic Analysis
3.2 HTTPS Communication
3.3 Ports and IP Information
4 CONCLUSIONS
5 REFERENCES
6 Appendices
Appendix 1: Screenshots

Chapter 1

Introduction

1.1 Background Study

In modern networking, tools like Wireshark enable in-depth traffic analysis for applications
and services. This project aims to analyze the network traffic generated by Breve browser
activities to understand the protocols and systems underlying secure web communication. By
examining traffic to "iter.edu," we gain insights into HTTPS, DNS, and TCP/UDP
interactions.

1.2 Project Overview

The project involves capturing and filtering network traffic using Wireshark. Key aspects
include identifying IP addresses, source and destination ports, and analyzing the type of
communication (e.g., DNS requests, HTTPS packets). The focus is on providing an
educational understanding of how browsers interact with servers during web access.

Chapter 2:

Methodology

2.1 Tools Used

● Wireshark: For network packet capture and analysis.
● Breve Browser: To generate network traffic for analysis.
● Operating System: Windows/Linux.

2.2 Data Capture Process

1. Open Wireshark and select the appropriate network interface (e.g., Ethernet, Wi-Fi).
2. Start capturing packets while performing a search for "iter.edu" in the Breve browser.
3. Stop the capture after the website loads.

2.3 Filtering Techniques

● Filter by IP:

To isolate traffic involving the local IP address (192.168.29.87), the following
filter was applied:

> ip.addr == 192.168.29.87

This display filter shows all packets where the source or destination IP address matches
192.168.29.87, which is the IP address of the local machine.

● Filter by Port:

Since HTTPS servers typically listen on TCP port 443, packets sent by the server carry
source port 443. The filter applied was:

> tcp.srcport == 443

This filter shows packets where the source port is 443, that is, the server-to-client half
of the secure connection between the Breve browser and the server.

● Destination Port:

To focus on packets directed to a specific destination port, the following filter
was used:

> tcp.dstport == 62650

This filter isolates packets with a destination port of 62650, which identifies the specific
connection from the local machine to the server (62650 is the client-side port).

● DNS Traffic:

To view domain name resolution activities, the filter:

> dns

was applied, showing all DNS packets that resolved domain names such as iter.edu
to corresponding IP addresses.
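
The four filters above, re-implemented over raw packet bytes to show exactly which header fields each one tests. This is an added example, not part of the original report: the packets are constructed, SERVER_IP, RESOLVER_IP and the second host are placeholder addresses, and the "dns" filter is approximated by port 53.

```python
import socket
import struct

LOCAL_IP = "192.168.29.87"     # local machine address from the report
SERVER_IP = "203.0.113.10"     # constructed placeholder, not from the capture
RESOLVER_IP = "192.168.29.1"   # constructed placeholder, not from the capture

def build_ipv4(src, dst, proto, sport, dport):
    """Build a minimal constructed IPv4 packet carrying a TCP or UDP header."""
    if proto == 6:   # TCP: ports, seq, ack, offset/flags, window, checksum, urgent
        l4 = struct.pack("!HHIIHHHH", sport, dport, 0, 0, 5 << 12, 0, 0, 0)
    else:            # UDP: ports, length, checksum
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + l4

def parse(pkt):
    """Extract the header fields that the report's display filters test."""
    ihl = (pkt[0] & 0x0F) * 4                      # IPv4 header length in bytes
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "proto": pkt[9], "sport": sport, "dport": dport}

FILTERS = {
    # ip.addr matches when EITHER endpoint has the address
    "ip.addr == 192.168.29.87": lambda p: LOCAL_IP in (p["src"], p["dst"]),
    # tcp.srcport / tcp.dstport each match one direction of a connection only
    "tcp.srcport == 443": lambda p: p["proto"] == 6 and p["sport"] == 443,
    "tcp.dstport == 62650": lambda p: p["proto"] == 6 and p["dport"] == 62650,
    # Wireshark matches "dns" on the dissected protocol; port 53 approximates it here
    "dns": lambda p: 53 in (p["sport"], p["dport"]),
}

CAPTURE = [  # constructed sample capture
    build_ipv4(LOCAL_IP, RESOLVER_IP, 17, 50000, 53),       # 1: DNS query
    build_ipv4(RESOLVER_IP, LOCAL_IP, 17, 53, 50000),       # 2: DNS response
    build_ipv4(LOCAL_IP, SERVER_IP, 6, 62650, 443),         # 3: client -> server
    build_ipv4(SERVER_IP, LOCAL_IP, 6, 443, 62650),         # 4: server -> client
    build_ipv4("192.168.29.20", SERVER_IP, 6, 51000, 443),  # 5: another host
]

def apply_filter(expr, capture=CAPTURE):
    """Return the 1-based packet numbers that the named filter would display."""
    return [i for i, raw in enumerate(capture, 1) if FILTERS[expr](parse(raw))]
```

Packet 3, the client's own request, is hidden by both port filters; in Wireshark, `tcp.port == 443` shows both directions of the connection.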

Chapter 3:

Results and Observations

3.1 DNS Traffic Analysis

Captured DNS packets show the browser querying a DNS server to resolve "soa.ac.in/iter" to
an IP address. The following observations were made:

| Packet Number | Time | Source IP | Destination IP | Query Type | Response |
|---|---|---|---|---|---|
| 26478 | 52.789817 | 2405:201:a000:785a::c0a8:1d01 | 2405:201:a000:785a:55c4:2188:df73:a612 | DNS Response | A rr2---sn-gwpa-wgbe.googlevideo.com (CNAME: rr2.sn-gwpa-wgbe.googlevideo.com) |

Resolved IP: 49.44.79.236

DNS Query IP: 192.168.29.87

3.2 HTTPS Communication

HTTPS packets were captured, revealing the secure communication between the browser and
the server:

● Source Port: 443 (HTTPS)
● Destination Port: 62650 (Client Port)
● Protocol Used: TLS 1.3 (indicating secure communication)

3.3 Ports and IP Information

● Source IP: 192.168.29.87 (local machine)
● Destination IP: 192.168.29.87
● Packet Analysis: Average response time and TCP handshakes were observed.

Chapter 4:

Conclusion and Recommendations

This project demonstrates how network traffic can be effectively analyzed using Wireshark.
Key takeaways include the importance of DNS resolution and secure HTTPS protocols in
web communication. Future work could involve analyzing more complex applications or
automating packet analysis for continuous monitoring.
