Capturing Packets for Analysis
This project analyses and compares Wireshark captures for two websites, https://www.news.com.au and https://iview.abc.net.au. The packets are captured to analyse the performance of the websites and to evaluate the quality of service they provide to their users. The analysis is done in Wireshark because it is an open source platform with a user-friendly interface that can be used for analysing data and protocols and for gathering information about a website. The Wireshark interface has three panels for analysing the flow of data traffic in the network. It provides filters that can be applied to find a specific group of data packets, and it can be installed on any machine connected to the network to capture live traffic. It is a powerful network analysis tool that can be used to analyse the different protocols and the source and destination IP addresses. Analysing the source of a data packet helps in eliminating the different network vulnerabilities acting on the network. It is also able to decrypt some data packets and to analyse the performance of the network.
The time taken for the capture, the total number of packets captured and the IP addresses of the client and server are shown in the following screenshots.
Network 1
- Time to capture
- Total number of captured packets
- IP addresses of the client and server.
IP address of the client – 192.168.43.143
IP address of the Server – 192.168.43.255
Network 2
- Time to capture
- Total number of captured packets
- IP addresses of the client and server.
IP address of the client – 192.168.1.15
IP address of the Server – 23.207.140.119
Network 3
- Time to capture
- Total number of captured packets
- IP addresses of the client and server.
IP address of the client – 192.168.1.15
IP address of the Server – 192.168.1.15
In this part the throughput, round trip time and TCP retransmissions are calculated, and the screenshots are attached below for each network.
Network 1
- Throughput
- TCP Retransmission
Network 2
- Throughput
- Round Trip Time
- TCP Retransmission
Network 3
- Throughput
- Round Trip Time
- TCP Retransmission
Comparing the networks, it has been found that network 2 has the maximum throughput and round trip time, and it is analysed for providing effective network traffic. The comparison helps in identifying the performance of each network, and it has been found that the second network has the highest performance.
Network 1
Throughput graphs
For network 1 the throughput graph is shown for a segment length of 0 to 400 bytes.
Calculating Throughput, Round Trip Time, and TCP Retransmission
TCP retransmission statistics
For network 1 the TCP retransmission statistics are generated, and the network is found to be stable because the graph shows a vertical straight line.
Network 2
Throughput graphs
For network 2 the throughput graph is shown for a segment length of 0 to 500 bytes, and the maximum throughput is 500 bytes.
TCP retransmission statistics
For network 2 the TCP retransmission statistics are generated, and the network is found to be stable because the graph shows a vertical straight line.
Network 3
Throughput graphs
For network 3 the maximum throughput is more than 400 bytes for the segment length and the minimum throughput is 0 bytes.
TCP retransmission statistics
The network is stable and the sequence number flows from 3000 for a time span of 0 to 3.6 seconds.
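The three metrics reported above can also be computed directly from packet records. The following is an added example, not part of the original report: the packet records, addresses and function names are constructed for illustration, and the retransmission check is a simplification of Wireshark's TCP analysis (it ignores out-of-order delivery and sequence number wrap).

```python
from collections import namedtuple

# Constructed sample records (not taken from the report's captures):
# time (s), source, destination, TCP flags, sequence number, payload bytes.
Pkt = namedtuple("Pkt", "t src dst flags seq length")

SAMPLE = [
    Pkt(0.000, "192.0.2.10", "198.51.100.5", "S", 1000, 0),
    Pkt(0.040, "198.51.100.5", "192.0.2.10", "SA", 5000, 0),
    Pkt(0.041, "192.0.2.10", "198.51.100.5", "A", 1001, 0),
    Pkt(0.050, "192.0.2.10", "198.51.100.5", "PA", 1001, 400),
    Pkt(0.095, "198.51.100.5", "192.0.2.10", "A", 5001, 500),
    Pkt(0.300, "198.51.100.5", "192.0.2.10", "A", 5501, 500),
    Pkt(0.700, "198.51.100.5", "192.0.2.10", "A", 5501, 500),  # resent segment
    Pkt(1.000, "198.51.100.5", "192.0.2.10", "A", 6001, 500),
]

def throughput_bps(pkts, sender):
    """Average payload bits per second sent by `sender` over the capture."""
    if len(pkts) < 2 or pkts[-1].t <= pkts[0].t:
        return 0.0
    sent = sum(p.length for p in pkts if p.src == sender)
    return sent * 8 / (pkts[-1].t - pkts[0].t)

def handshake_rtt(pkts):
    """Seconds between the first SYN and the SYN/ACK that answers it."""
    syn = next((p for p in pkts if p.flags == "S"), None)
    if syn is None:
        return None
    for p in pkts:
        if p.flags == "SA" and (p.src, p.dst) == (syn.dst, syn.src) and p.t >= syn.t:
            return p.t - syn.t
    return None

def retransmissions(pkts):
    """Data segments starting below the highest byte already sent on their flow."""
    next_seq, found = {}, []
    for p in pkts:
        if p.length == 0:
            continue  # pure ACKs and SYNs carry no data to retransmit
        flow = (p.src, p.dst)
        if p.seq < next_seq.get(flow, p.seq):
            found.append(p)
        next_seq[flow] = max(next_seq.get(flow, 0), p.seq + p.length)
    return found

if __name__ == "__main__":
    print("throughput (bit/s):", throughput_bps(SAMPLE, "198.51.100.5"))
    print("handshake RTT (s):", handshake_rtt(SAMPLE))
    print("retransmitted at (s):", [p.t for p in retransmissions(SAMPLE)])
```

The throughput figure counts retransmitted bytes as well, so it measures load on the link rather than useful data delivered.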
A comparison is made between Microsoft Message Analyzer and Wireshark based on different factors: access and usage, GUI, visualization of traffic, and generation of statistics.
Access and usage – The official website of Wireshark can be used for downloading the source code, and the minimum requirement for running Wireshark is a 500 MHz processor with a NIC for capturing the data packets. The minimum memory of the computer should be 512 Mb, with 80 Mb of free space on the hard drive. The WinPcap software is required and the computer should be able to extract archive files. For Microsoft Message Analyzer, the computer should be able to extract the –tar files, and commands are used for extracting.
GUI – The graphical user interfaces of the two network analysis tools differ from each other, and the comparison found that the Wireshark interface is more user friendly. Microsoft Message Analyzer needs to pass through different steps for analysing the network, and its default view differs from Wireshark.
Visualization of the traffic – There are different sections in the user interface of Wireshark. The captured packets are listed in the packet list pane, and the details of a packet can be found by clicking on the packet and looking at the packet details pane. Hash values can be generated from Wireshark and used for the analysis of the performance of the network. It also helps in troubleshooting errors in the network.
Statistics generation – Microsoft Message Analyzer is used for creating documentation and testing the different components of the network. It is also known as a technical analyser and is applied in the network to detect illegal access to network resources and to reduce the risk of network vulnerabilities. Different tools are available in Microsoft Message Analyzer that can be used depending on the type of network to increase its security. Reports can be generated from the network to produce statistics that help to identify the usage of the network and reduce the risk of network attacks.
Conclusion
From the above report it can be concluded that the analysis of the three networks helps in identifying the performance of each network for the different websites visited from them. Wireshark is used to analyse the throughput of the network, to identify errors in the network and to reduce the vulnerabilities acting on the different networks. The network administrator can use Wireshark to identify risks and reconfigure the network to increase its security and performance. It helps in generating statistical reports and visualizing the network traffic by capturing the live data packets transmitted over the network. The source and destination addresses of the data packets can be known, and this can be used for identifying unknown sources and blocking them from accessing the network.