Notice that it is an Ethernet II / Address Resolution Protocol frame.
Observe the packet details in the middle Wireshark packet details pane.Notice that the target IP address is the IP address of the default gateway.Īctivity 3 - Analyze an ARP Reply Notice that the target MAC address is all zeros, because the target MAC address is unknown at this point. Notice that the sender IP address is your IP address.
Notice that the sender MAC address is your MAC address. Expand Address Resolution Protocol (request) to view ARP details.Notice that the type is 0x0806, indicating ARP. You can use ipconfig /all, getmac, or ifconfig to confirm. All devices on the network will receive the ARP request. Notice that the destination field is the Ethernet broadcast address (FF:FF:FF:FF:FF:FF). Expand Ethernet II to view Ethernet details.To view only ARP traffic, type arp (lower case) in the Filter box and press Enter. Look for traffic with ARP listed as the protocol. Observe the traffic captured in the top Wireshark packet list pane.Use arp -a to view the ARP cache and confirm an entry has been added for the default gateway address.Īctivity 2 - Analyze an ARP Request.Use ping to ping the default gateway address.Use ipconfig to display the default gateway address.Open an elevated/administrator command prompt.Start Wireshark, but do not yet start a capture.YouTube: Wireshark 101: Address Resolution Protocol, HakTip 124Īctivity 1 - Capture ARP Traffic.Wikipedia: Media Access Control (MAC) Address.
0 kommentar(er)
