Observe the Client IP address and Client MAC address fields.Notice that it is bootps (68), the BOOTP server port. Notice that it is bootpc (67), the BOOTP client port. In the top Wireshark packet list pane, select the third DHCP packet, labeled DHCP Release.Observe the DHCP options and expand to view the details for IP Address Lease Time, Subnet Mask, Router (Default Gateway), Domain Name Server, and Domain Name, as well as any other options if included.Īctivity 4 - Analyze DHCP Release Traffic.This is the acknowledgement from the DHCP server. Notice that it is bootpc (68), the BOOTP client port. Notice that it is bootps (67), the BOOTP server port. Notice that the destination address is your IP address. Notice that the source address is the DHCP server IP address. The destination should be your MAC address and the source should be your DHCP server's MAC address. Observe the Destination and Source fields.In the top Wireshark packet list pane, select the second DHCP packet, labeled DHCP ACK.To analyze DHCP ACK (server acknowledgement) traffic: This is the request to the DHCP server.Īctivity 3 - Analyze DHCP ACK Traffic Observe the Client IP address, Client MAC address, and DHCP option fields.Expand Bootstrap Protocol to view BOOTP details.Expand User Datagram Protocol to view UDP details.Notice that the destination address is the IP address of the DHCP server. Notice that the source address is your IP address. Expand Internet Protocol Version 4 to view IP details.You can use ipconfig /all and arp -a to confirm. The destination should be your DHCP server's MAC address and the source should be your MAC address. Expand Ethernet II to view Ethernet details.Notice that it is an Ethernet II / Internet Protocol Version 4 / User Datagram Protocol / Bootstrap Protocol frame. Observe the packet details in the middle Wireshark packet details pane. In the top Wireshark packet list pane, select the first DHCP packet, labeled DHCP Request.To view only DHCP traffic, type udp.port = 68 (lower case) in the Filter box and press Enter. Observe the traffic captured in the top Wireshark packet list pane.To analyze DHCP Request (lease renewal) traffic: Type ipconfig /release and press Enter.Īctivity 2 - Analyze DHCP Request Traffic.Wikipedia: Dynamic Host Configuration ProtocolĪctivity 1 - Capture DHCP Traffic.These activities will show you how to use Wireshark to capture and analyze Dynamic Host Configuration Protocol (DHCP) traffic. Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. 10 Activity 8 - Analyze DHCP ACK Traffic.9 Activity 7 - Analyze DHCP Request Traffic.8 Activity 6 - Analyze DHCP Offer Traffic.7 Activity 5 - Analyze DHCP Discover Traffic.6 Activity 4 - Analyze DHCP Release Traffic.5 Activity 3 - Analyze DHCP ACK Traffic.4 Activity 2 - Analyze DHCP Request Traffic.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |