🕵️‍♂️

Wireshark Network Monitoring

Jul 15, 2025

Overview

This lecture explores how Wireshark can be used to monitor and analyze home network traffic, revealing device activity, potential vulnerabilities, and steps to improve security.

Why Monitor Your Own Network?

  • Monitoring network traffic helps identify vulnerabilities and understand device communication.
  • Using Wireshark raised awareness about the risks of unmonitored home networks.

What Is Wireshark?

  • Wireshark is an open-source packet analyzer used to capture and inspect network data in real time.
  • It reveals details such as IP addresses, protocols, timing, and data content (if unencrypted).
  • Essential for cybersecurity tasks like troubleshooting, forensics, and ethical hacking.

Setting Up Wireshark

  • Install Wireshark and select the network interface (e.g., Wi-Fi adapter) to start capturing live traffic.
  • Requires administrative privileges and correct interface selection.

Key Insights From Traffic Analysis

  • Devices generate constant background traffic (DNS requests, notifications, API calls) even when idle.
  • Wireshark can reveal all connected devices, including unknown or unauthorized ones.
  • Old or legacy devices might still send unencrypted HTTP data, exposing sensitive details.
  • Frequent DNS requests can occur due to app integrations, even if the main service isn't in use.
  • Logging into non-HTTPS sites shows passwords in plain text within packet captures.

How to Improve Home Network Security

  • Enable WPA3 encryption on the router for stronger wireless security.
  • Change default IoT device passwords and block unknown MAC addresses.
  • Disable unused apps and background services.
  • Use a VPN when on public or untrusted networks.

Legality of Using Wireshark

  • Using Wireshark on your own network is legal.
  • Capturing traffic on networks without consent is illegal and unethical.

Wireshark for Learning Cybersecurity

  • Regular use trains users to spot anomalies and recognize normal versus suspicious traffic.
  • Wireshark is important for certifications like OSCP and CEH.

Frequently Asked Questions (FAQs)

  • Wireshark captures live data packets, visible details depend on encryption.
  • Safe and legal if analyzing your own network.
  • Can detect suspicious devices and traffic.
  • Passwords are only visible in unencrypted (HTTP) traffic.
  • Can filter, analyze, and help secure networks against threats.

Key Terms & Definitions

  • Wireshark — A network protocol analyzer for capturing and inspecting data packets.
  • Packet — A unit of data transmitted across a network.
  • Protocol — A set of rules governing data communication (e.g., HTTP, DNS).
  • MAC Address — A hardware identifier unique to each network device.
  • WPA3 — The latest Wi-Fi security standard.
  • VPN — A Virtual Private Network that encrypts data traffic.
  • HTTP/HTTPS — Protocols for web communication; HTTPS is encrypted.
  • Packet Sniffing — Monitoring and capturing packets on a network.

Action Items / Next Steps

  • Practice capturing and analyzing your own network traffic with Wireshark.
  • Update router security settings and device passwords.
  • Research legal and ethical considerations before monitoring any network.

View note sourcehttps://www.webasha.com/blog/i-used-wireshark-to-spy-on-my-own-internet-shocking-traffic-insights-for-beginners