Network Traffic Analysis (WireShark) - Salem73616C656D/reading-notes GitHub Wiki

Key Takeaways

OSI Model:

  1. Physical
  2. Data Link
  3. Network
  4. Transport
  5. Session
  6. Presentation
  7. Application

Layer 2 is split into two parts: the MAC Sub-Layer and the Data Link Sub-Layer.

MAC Sub-Layer: Establishes the Media Access Control (MAC) address, which is the computer's physical address per the NIC.

Data-Link Sub-Layer: Establishes connections and protocols for use in a wider network.

Layer 3 provides structure relating to how data can be efficiently transferred from one network to another.

Wireshark

Wireshark is a Network Protocol Analyzer. It is used to capture packets on a network for further inspection.

Packet Capture: listens to a network connection in real time and then grabs entire streams of traffic.

Filtering: capable of filtering out only the desired information.

Visualization: allows you to visualize entire conversations and network streams.
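To make the capture, filter and conversation steps concrete, the following is an added example (not part of the original notes) that parses a classic pcap byte string, pulls out the Layer 2 MAC and Layer 3 IP addresses of each frame, and counts packets per IP pair. The function names `parse_pcap`, `conversations` and `sample_pcap` are hypothetical, and every address in the sample capture is constructed.

```python
import struct
from collections import Counter

def parse_pcap(data):
    """Yield Layer 2 and Layer 3 addresses for each Ethernet/IPv4 frame in a classic pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (link type 1) are handled")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(data):               # 16-byte record header per packet
        incl_len = struct.unpack(endian + "I", data[off + 8:off + 12])[0]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                           # truncated frame or EtherType is not IPv4
        yield {
            "dst_mac": frame[0:6].hex(":"), "src_mac": frame[6:12].hex(":"),  # Layer 2
            "src_ip": ".".join(map(str, frame[26:30])),                       # Layer 3
            "dst_ip": ".".join(map(str, frame[30:34])), "proto": frame[23],
        }

def conversations(packets, host=None):
    """Count packets per IP pair; host works like the display filter ip.addr == host."""
    counts = Counter()
    for p in packets:
        if host is None or host in (p["src_ip"], p["dst_ip"]):
            counts[tuple(sorted((p["src_ip"], p["dst_ip"])))] += 1
    return counts

def sample_pcap():
    """Constructed capture: three IPv4 frames and one ARP-typed frame (all values invented)."""
    def frame(src_mac, dst_mac, src_ip, dst_ip, ethertype=0x0800):
        eth = bytes.fromhex(dst_mac) + bytes.fromhex(src_mac) + struct.pack(">H", ethertype)
        ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 6, 0,
                         bytes(src_ip), bytes(dst_ip))  # checksum left at 0, never validated
        return eth + ip
    a, b, gw = "020000000001", "020000000002", "0200000000fe"
    frames = [
        frame(a, gw, [192, 0, 2, 10], [198, 51, 100, 5]),
        frame(gw, a, [198, 51, 100, 5], [192, 0, 2, 10]),
        frame(b, gw, [192, 0, 2, 11], [203, 0, 113, 9]),
        frame(a, "ffffffffffff", [0, 0, 0, 0], [0, 0, 0, 0], ethertype=0x0806),
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # pcap global header
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out
```

Calling `conversations(parse_pcap(sample_pcap()))` groups the two directions of one exchange under a single IP pair, and passing `host="192.0.2.11"` narrows the result to that address.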

Vocabulary

No New Vocabulary

Conclusion

Network data delivery is possible through the second and third layers of the OSI model, using MAC and IP respectively. Wireshark allows you to capture that data and view it as it is being sent.