IP is the network protocol in the TCP/IP protocol stack that carries all upper layer information. Whether it is HTTP, Video, IP Telephony, or other application, IP will be the Layer-3 protocol for all of them. In this section, we will look at some tools that will help us with the analyses of IP traffic.
Just open Wireshark, connect it to the network, configure port mirror to the device you want to test, and start it.
There are several tools and configurations that will help you with the analysis of IP traffic. Among them are:
When you monitor a communication line, connectivity to a server, traffic to the Internet, or any other type of traffic, there are several tools for monitoring the source and destination IPs.
Following are the steps for seeing the source and destination IPs:
This is very simple. Wireshark uses the DNS server configured on your laptop in order to translate the IP addresses to names. In some cases, it can be very helpful to find out problematic traffic patterns. These can be, for example:
You can see, for example, a browser configured with the Conduit toolbar. The moment you run it, you will see many connections to the websites that you know, and to the websites that you don't. Here, for example, you see connections to the Conduit website, and also to a Content Delivery Network (CDN) vendor.
To see the exact website and pages, you can, of course, select Statistics | HTTP and choose the relevant feature (with IP configured as filter).
Some rules for efficient usage of toolbars:
18.118.193.7