Question

Use the following Wireshark filters to isolate and examine specific types of packets:net 192.168.0.0host 192.168.0.34tcp contains password

Answer the questions.
Steps:
1. Open Wireshark and select the enp2s0 and select blue fin to begin capture.
2. Apply the net 192.168.0.0 filter
- type net 192.168.0.0
- look at source and destination addresses
3. Apply host 192.168.0.34 filter
- Type host 192.168.0.34
- look at source/destination
4. Apply tcp contains password filter
- type tcp contains password
- select the red box to stop capture
- locate the password

What is the effect of the net 192.168.0.0 filter in Wireshark?

Answer 1

The "net 192.168.0.0" filter in Wireshark is used to display network traffic specific to the subnet 192.168.0.0. It filters packets where the source or destination IP address falls within the range of 192.168.0.0/24. This filter helps isolate and examine traffic within the specified network, allowing users to focus on communication within that subnet during packet analysis.

The "net 192.168.0.0" filter in Wireshark selectively captures and displays network traffic associated with the IP subnet 192.168.0.0/24. This filter narrows down packet analysis to interactions within the specified network, allowing for a focused examination of source and destination addresses involved in communication within the 192.168.0.0 subnet.

It aids network administrators and analysts in isolating relevant data, providing insights into the internal dynamics and interactions specific to the targeted IP range. This filtering mechanism proves invaluable for troubleshooting, monitoring, and understanding network behavior within the designated address space.