Analyzing TCP/IP network using Wireshark/NetMon

Posted by   On March 14th, 2011

Feedback for the Session – Walkthrough of Wireshark / NetMon (Analyzing TCP/IP network using Wireshark/NetMon)
Conducted by – MITP UserGroup.
Date /Time – 5th March, 2011 (2.00 pm to 8.00 pm IST)
Venue – Windsor, Microsoft Office, Santacruz.
Speaker – Mr. Shabbir Ahmed.

Hello IT Pros,

The day I heard about this event being conducted by the MITP User Group, I was waiting for this day to come. And knowing that the speaker was none other than our very own Shabbir Ahmed (with due RESPECT, I call him Shabbir Bhai), the excitement was at its fullest. Then came "THE DAY", and I was really amazed/happy to see the room packed with the audience. Luckily I got a place to sit, despite being a little late for the event (sorry guys…apologies).

Rushing and gushing, I settled down, took out my notepad and started listening to the speaker with full concentration.

It all started with "C21D". Yeah guys, for all those who are still wondering and figuring out what this means [honestly, as I was late, even I was trying to figure it out], this was the small exercise given to all the participants at the start, requiring them to convert the HEX number into its DECIMAL equivalent. Everyone, including me, started to solve the problem and come up with the solution at the earliest (like a race against time). Everyone was scratching their head, counting numbers on their fingers, trying to remember the basics they did during high school etc., but to no avail. Finally, someone got it but unfortunately provided the wrong answer. This showed the clear need to 'Brush Up the Basics', and Shabbir Bhai did just that. He started with the very basics, right from the OSI reference model, number systems and conversion between number systems, to the header formats/specifications. This was really necessary to grasp/understand the very basic principles and concepts required to read the packets captured using WIRESHARK.

And honestly guys, this basics refresher proved to be the real essence later on while reading captured packets and doing the other demos.

After clearing the basics (which included header formats, ASCII charts, OSI – TCP/IP network models etc.), we jumped on to the actual product itself. Yeah guys, it was time to explore the beautiful product: WIRESHARK. Shabbir Bhai walked us through the installation process and the technicalities associated with it. He explained how our machine can capture packets that are ideally not meant for itself, and how this is possible in Wireshark. This is possible due to a smart tool called Windows Packet Capture (WinPcap), which automatically gets installed when installing Wireshark. It's this tool that allows our machine to capture packets not destined for itself, by turning the system into PROMISCUOUS mode (correct me Shabbir Bhai, if I am wrong), and voila, now your system captures all the traffic on the wire.

After successful installation, we tried capturing packets using various methods/protocols like TELNET and TCP/UDP.

Shabbir Bhai actually showed a demo of capturing packets which used TCP and Telnet as the underlying protocols. He also taught us how to read the captured packets and understand what is happening in the background while we just visit any site through the browser. Guys, just visiting a page, say google.com, or pinging a website results in lots of packets being captured. We actually captured and read those packets.
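To make the two technical threads of this report concrete, the hex-to-decimal warm-up and reading a captured TCP/Telnet packet field by field, here is an added Python example. It is not code from the session or from this post. The frame bytes are constructed by hand for the example (not a real capture), with the IPv4 identification field deliberately set to 0xC21D; the MAC addresses, IP addresses, ports and the "login: " prompt are assumed values. The parser walks the Ethernet, IPv4 and TCP header formats the way one reads them in Wireshark's packet-details pane, and verifies the IPv4 header checksum.

```python
import struct

# Constructed sample frame, NOT a real capture: Ethernet II / IPv4 / TCP, a Telnet
# server (port 23) pushing the cleartext prompt "login: " to its client. The IPv4
# identification is 0xC21D on purpose, the number from the warm-up exercise;
# MACs, addresses and ports are made-up values for this example.
SAMPLE_FRAME = bytes.fromhex(
    "001122334455"  # Ethernet destination MAC
    "66778899aabb"  # Ethernet source MAC
    "0800"          # EtherType 0x0800 = IPv4
    "4500002f"      # version 4, IHL 5 (20 bytes), DSCP/ECN 0, total length 47
    "c21d4000"      # identification 0xC21D, flags DF, fragment offset 0
    "4006f53c"      # TTL 64, protocol 6 (TCP), header checksum 0xF53C
    "c0a80114"      # source 192.168.1.20 (the Telnet server)
    "c0a8010a"      # destination 192.168.1.10 (the client)
    "0017c000"      # TCP source port 23, destination port 49152
    "00000001"      # sequence number
    "00000002"      # acknowledgement number
    "50182000"      # data offset 5 (20 bytes), flags PSH|ACK, window 8192
    "00000000"      # TCP checksum (left zero in this constructed frame), urgent pointer
    + b"login: ".hex()  # 7 bytes of Telnet payload, sent in the clear
)

TCP_FLAG_NAMES = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
                  (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def hex_to_decimal(text):
    """Hex to decimal the way the C21D warm-up was done on paper: each digit is
    weighted by a power of 16, most significant digit first."""
    digits = "0123456789ABCDEF"
    value = 0
    for ch in text.upper():
        if ch not in digits:
            raise ValueError(f"not a hex digit: {ch!r}")
        value = value * 16 + digits.index(ch)
    return value


def ip_checksum(header):
    """RFC 791 header checksum: one's-complement sum of 16-bit words, complemented.
    Over a header that already contains a correct checksum the result is 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def parse_frame(frame):
    """Decode Ethernet II -> IPv4 -> TCP by walking the header formats."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4, EtherType 0x{ethertype:04x}")

    ip = frame[14:]
    (ver_ihl, _tos, total_len, ident, _flags_frag, ttl, proto,
     _csum, src_ip, dst_ip) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4  # IHL counts 32-bit words
    if version != 4 or ihl < 20 or total_len > len(ip):
        raise ValueError("malformed IPv4 header")
    if proto != 6:
        raise ValueError(f"not TCP, protocol {proto}")

    tcp = ip[ihl:total_len]
    (sport, dport, seq, ack, off_res, flags,
     window, _tcp_csum, _urg) = struct.unpack("!HHIIBBHHH", tcp[:20])
    data_offset = (off_res >> 4) * 4  # also counted in 32-bit words
    if data_offset < 20 or data_offset > len(tcp):
        raise ValueError("malformed TCP header")

    return {
        "eth": {"src": mac_str(src_mac), "dst": mac_str(dst_mac)},
        "ip": {
            "src": ip_str(src_ip), "dst": ip_str(dst_ip), "ttl": ttl,
            "id": ident, "total_length": total_len,
            # A header with a correct checksum sums to 0 under ip_checksum.
            "checksum_ok": ip_checksum(ip[:ihl]) == 0,
        },
        "tcp": {
            "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "flags": [name for bit, name in TCP_FLAG_NAMES if flags & bit],
            "window": window,
        },
        "payload": tcp[data_offset:],
    }


if __name__ == "__main__":
    print("C21D =", hex_to_decimal("C21D"))
    pkt = parse_frame(SAMPLE_FRAME)
    print(pkt["eth"], pkt["ip"], pkt["tcp"], pkt["payload"], sep="\n")
```

Two things worth knowing when you compare this with a live capture: the Telnet payload really is readable bytes on the wire, which is why a Telnet session is such a good first demo (and why Telnet should not be used for anything that matters); and if you capture your own outbound traffic on a machine with checksum offload, Wireshark will often show IPv4 and TCP checksums as incorrect, because the NIC fills them in after the point where the capture driver sees the packet. Wireshark also validates checksums only when that option is enabled in the protocol preferences, so a missing "bad checksum" warning does not by itself mean the checksum is good.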

Also, we did a quick walk-through of the features of the product and its similarities/relative comparison with Microsoft's tool Network Monitor. With this I would like to sum up by saying it was a day well spent for me and, truly, for most of us. (And yeah, we were also running beyond time to vacate the hall, as the booking was only till 8.00 pm.) I am sure this was the most exciting/enthralling day for most of us IT pro guys.

Cheers!!! guys, lots to come – be a part of the MITP User Group.

Looking forward to attending more such sessions, and I am definitely attending the forthcoming session on "Building your own Private Cloud Using Microsoft's Hyper-V – IaaS". Hope to catch you guys there.

About Harmesh Rohira
Event Reporter
Twitter: harson_29
Facebook: harmesh.rohira