Home‎ > ‎CIS 140NA‎ > ‎

Lab 6: Preferences

The purpose of this lab is show you how to use and share profiles. 

Introduction

At first glance Wireshark profiles don't seem like a big deal. They are a big deal! Experienced sharkers carefully setup profiles that are task-specific and help them work quickly in multiple different environments. In this lab you'll import a profile from me, modify it and export it back.  

Import a Profile

Download my Lab 6 profile from the link below: 


Install it into your local Wireshark preferences directory. Start Wireshark and capture packets with the new profile selected. Take a screen capture of the Wireshark window with my Lab 6 profile active. There's a custom capture filter in my profile. What is it? 

Modify and Change the Profile

Create a new profile called "MyLab6" based on the profile that I provided you. Change the Window layout back to the stacked layout and add your own capture filter. It can be anything you like. Once you've done this ZIP your profile into a *.zip or *.tar.gz file and submit it on Canvas. 

Extra Credit

Wireshark can locate IP addresses automatically if it has a GeoIP database available. Follow the instructions here:


Once you have an GeoIP database enabled create a custom column in your display that reports the information "ip.geoip.asnum". You should have your "MyLab6" profile selected. After this step re-zip your MyLab6 profile and submit it. You only have to submit one MyLab6.zip. For extra credit you must also take a screenshot of a packet capture where Wireshark has identified the AS number. 

Turn In

  1. A screenshot of the Lab6 profile attached to this assignment
  2. Your MyLab6.zip profile 
  3. The answer to the question in part 2. 
  4. (Extra Credit) Your updated MyLab6.zip with a screenshot of GeoIP working.
Submit your homework on canvas.

Grading

  • 10 points for part 1
  • 10 points for part 2
  • 5 points extra credit for GeoIP
ċ
Lab6_Profile.zip
(43k)
Michael Matera,
Mar 1, 2016, 12:19 PM
Comments