Posts

How a Computer Gets an IP Address from the DHCP Server (DORA)

What happens if your computer doesn't have an IP (Internet Protocol) address? You will not be able to do the things you commonly do, such as surfing the web, using social media, and connecting to your college applications online. IP addresses do not come pre-loaded on our systems; they are assigned to us either by our ISP or by our local network's DHCP server. We will look at how the process actually works and how DHCP servers assign us an IP address. Below is the snippet showing the four steps involved in this process. These four steps are abbreviated as DORA (Discover, Offer, Request, Accept). [Image source: Wireshark interface] Let's start with the Discover step, the first packet in our snippet. Here, you can see the source IP address is 0.0.0.0, which is our system's address. Note that we don't have an IP address yet, which is why it shows 0.0.0.0. The destination address is the broadcast address 255.255.255.255, sending t...

Extracting JPEG Images from the network (Wireshark)

We work with image formats like JPEG all the time—for example, when uploading pictures to a server, downloading them from the internet, or sending photos to friends through email and other platforms. Using Wireshark, we can easily monitor our network traffic and see who is sending or receiving image files across the network. This is especially useful for analyzing data transfers and understanding how files move over HTTP or other protocols. Below is a sample capture that includes JPEG images. While you may not immediately see the image packets, they will become visible once we apply the appropriate filters in Wireshark. [Image source: Wireshark interface] Once you apply the filter command, you'll see results similar to the example below—showing only HTTP traffic that contains JPEG image content. [Image source: Wireshark interface] Keep in mind that JPEG files can be transferred using variou...

Wireshark (What is middle pane in Wireshark?)

As we mentioned in the previous post, we would cover the middle pane in Wireshark. In this post, I’ll briefly go over a few elements in each section of that pane. But before that, I’d like you to review the OSI model (shown below). You may be surprised, but the middle pane in Wireshark is actually organized in the same sequence as the OSI model — from bottom to top. [Image source: Wireshark interface] I have randomly selected this packet — it’s a TCP packet. The packet is highlighted in red because the connection was reset (as indicated by the RST flag in the Info column). There could be a variety of reasons for this, but most commonly, it’s due to latency issues or an application crash. [Image source: Wireshark interface] The first section is the Frame, which corresponds to the Physical layer of the OSI model. This is where the actual conversion of bits into electr...

Wireshark (capturing traffic)

Assuming you have already downloaded and installed Wireshark on your PC (here's the link if you have not: https://www.wireshark.org/docs/wsug_html_chunked/ChBuildInstallWinInstall.html ), this is the screen you will see once you open Wireshark. [Image source: Wireshark interface] Arrow 1: From here you can choose the interface you want to capture traffic from. In my case, I only have traffic on my Wi-Fi interface (as you can see from the spikes right next to it). The bottom one is the loopback interface, which shows traffic going from your device to itself. The other options are LAN (Ethernet) interfaces. Arrow 2: Once you have selected your interface (Wi-Fi), click the blue shark fin, and this will start your network traffic capture. [Image source: Wireshark interface] After you click the blue shark fin button, it will bring you to this screen, where you can see all the traffic being generated. ...