Step-by-Step Instructions for How to Use Protocol Analyzers
- 1). Download and install a protocol analyzer. How you perform this step depends on which of the many available protocol analyzers you choose. For example, for Wireshark (a free and powerful protocol analyzer), launch a Web browser on your computer. Navigate to the "Wireshark: Download" Web page, then click on the version for your operating system under the "Stable release" header. Wait until the download completes, then double-click on the downloaded file and follow the prompts.
- 2). Invoke the protocol analyzer and configure it to work with the network interface of your choice. For example, for Wireshark, double-click on the Wireshark desktop icon, then click on "Capture" and "Options." Select the network interface to be monitored from the pull-down menu at the "Interface" field. Select "Capture packets in promiscuous mode," and unselect "Hide capture info dialog."
- 3). Instruct the protocol analyzer to start monitoring the network. For example, for Wireshark, click "Start." A packet capture summary window will start displaying the number of packets captured so far for a variety of standard network protocols.
- 4). Generate some network traffic. The traffic depends on the behaviors you want to observe by using the protocol analyzer. For example, for HyperText Transfer Protocol (HTTP) traffic, just visit a few websites using your standard Web browser. Stop the packet capture process. For example, for Wireshark, click "Stop" on the packet capture summary window.
- 5). Analyze the captured network packets. For example, for Wireshark, the section of the main window immediately beneath the command bar will contain a table in which each line contains exhaustive information about an individual packet. Scroll through that table to identify the network transactions that took place during the capture.
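
Steps 3 to 5 as an added example (not part of the original page, and not Wireshark's code): a small Python reader for the classic pcap file format, one of the formats Wireshark can save a capture in, that produces the per-protocol packet counts and the packet table described above. The sample capture, its addresses and all function names are constructed for illustration, and the HTTP and DNS labels are a port-based assumption rather than real protocol dissection.

```python
import struct
from collections import Counter

def build_frame(proto, sport, dport, payload):
    """Constructed Ethernet/IPv4 frame (checksums left zero) for the sample capture."""
    l4 = (struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
          if proto == 6 else struct.pack("!HHHH", sport, dport, 8 + len(payload), 0))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 0, 0,
                     64, proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 7]))
    return b"\x02" * 6 + b"\x06" * 6 + b"\x08\x00" + ip + l4 + payload

def sample_pcap():
    """Constructed classic-pcap bytes: one HTTP request, one DNS query, one ARP frame."""
    frames = [build_frame(6, 49152, 80, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
              build_frame(17, 53000, 53, b"\x00" * 12),
              b"\xff" * 6 + b"\x06" * 6 + b"\x08\x06" + b"\x00" * 28]
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    return hdr + b"".join(struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
                          for i, f in enumerate(frames))

def dissect(frame):
    """Return (source, destination, protocol) for one Ethernet frame."""
    if len(frame) < 14:
        return "?", "?", "Malformed"
    macs, etype = (frame[6:12].hex(":"), frame[0:6].hex(":")), frame[12:14]
    if etype != b"\x08\x00" or len(frame) < 34:      # not IPv4, or IPv4 header cut short
        return (*macs, "ARP" if etype == b"\x08\x06" else "Other")
    src, dst = (".".join(map(str, frame[o:o + 4])) for o in (26, 30))
    l4 = frame[14 + (frame[14] & 0x0F) * 4:]         # skip the IPv4 header (IHL words)
    proto = {6: "TCP", 17: "UDP"}.get(frame[23], "IPv4")
    ports = struct.unpack("!HH", l4[:4]) if proto != "IPv4" and len(l4) >= 4 else ()
    if proto == "TCP" and 80 in ports and len(l4) >= 20 and len(l4) > (l4[12] >> 4) * 4:
        return src, dst, "HTTP"                      # port 80 segment that carries payload
    return src, dst, "DNS" if proto == "UDP" and 53 in ports else proto

def packet_list(pcap):
    """Return (rows, per-protocol counts): the packet table and the capture summary."""
    magic = struct.unpack("<I", pcap[:4])[0] if len(pcap) >= 24 else 0
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(magic)  # file byte order from the magic
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    rows, off = [], 24
    while off + 16 <= len(pcap):
        ts, _, caplen, origlen = struct.unpack(end + "IIII", pcap[off:off + 16])
        frame = pcap[off + 16:off + 16 + caplen]
        if len(frame) < caplen:
            break            # record cut off mid-write; stop rather than misparse
        off += 16 + caplen
        rows.append((len(rows) + 1, ts, *dissect(frame), origlen))
    return rows, Counter(r[4] for r in rows)
```

Each row is (number, timestamp, source, destination, protocol, length), the same columns you scroll through in step 5; to try it on your own capture, save the capture in pcap (not pcapng) format and pass the file's bytes to `packet_list`.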