What is Control Protocol Dissection in Wireshark?
Wireshark is a network packet analyzer, or tracer. A network packet analyzer displays captured packet data in as much detail as possible. Wireshark is a popular open-source network protocol analyzer that ethical hackers use to analyze network traffic and identify vulnerabilities or potential security breaches.
Wireshark has three major functions:
- Packet Capturing
In this article, we will learn what Control Protocol dissection in Wireshark is. Wireshark is a packet capture and analysis tool, and in ethical hacking it is very useful for identifying many kinds of protocols.
Control Protocol Dissection
Wireshark is a network protocol analysis tool. Management protocols are used to manage network devices, configure network settings, and monitor network activity. In network security, dissection means taking the network’s protocols apart in order to study and analyze them.
In Wireshark, and in ethical hacking generally, control protocol dissection matters because it determines how we interact with protocols and how we use them: in short, how the user can control the way a protocol is dissected.
There are two ways to control the relationship between protocol dissectors: completely disabling a protocol dissector, or temporarily changing the way Wireshark calls the dissector.
1. The Enabled Protocols Box
The Enabled Protocols dialog box is used to enable and disable specific protocols. If you disable a protocol, Wireshark will no longer identify that protocol when it encounters it. As you can see in the image below, the dialog lists a large number of protocols, and you can enable all, disable all, or invert the selection. To reach the dialog, click Analyze and then Enabled Protocols.
2. User-Specified Decodes
The Decode As feature lets you temporarily change which dissector Wireshark applies to specific traffic. This can be useful, for example, when performing unusual experiments on the network. To reach it, click Analyze and then Decode As.
Steps To Control Protocol Dissection
Here are the steps to perform control protocol dissection in Wireshark:
Step 1: Open Wireshark and select the network interface on which you want to capture packets. Here, select the Wi-Fi network interface.
Step 2: To start capturing packets, click the ‘Capture’ button.
Step 3: Let the control protocol packets be captured. These packets are usually transmitted over well-known ports and protocols such as port 80 (HTTP), port 443 (HTTPS), port 22 (SSH), SNMTP, etc.
Step 4: Stop the packet capture by clicking the Stop button. Next, filter the captured packets by the control protocol you want to dissect.
For example, to dissect HTTP, type http in the display filter bar; the packet list will then show only the transmitted HTTP packets.
Step 5: Now select the first packet in the filtered list and expand the “Transmission Control Protocol” (TCP) section to see the details of the packet.
Step 6: After that, analyze the different fields of the protocol, such as the source and destination IP addresses, the source and destination ports, the HTTP method used (GET, POST, etc.), and the HTTP response code.
As you can see in the image below, we find the HTTP packet with its source and destination ports and the HTTP method used to transmit it.
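The effect of the two controls described above (Enabled Protocols and Decode As) on the fields read in Step 6 can be seen in a small model. This is an added example, not Wireshark code or code from the original article: the port table, function names, addresses and sample packets are assumptions constructed for illustration.

```python
import struct

# Simplified model of a port-keyed dissector table (an assumption made for
# illustration; Wireshark's real tables and heuristics are far richer).
DEFAULT_TCP_PORTS = {80: "http", 22: "ssh"}

def dissect_http(payload):
    """Pull the method/URI or the status code from the first line."""
    parts = payload.split(b"\r\n", 1)[0].decode("ascii", "replace").split(" ", 2)
    if parts[0].startswith("HTTP/") and len(parts) >= 2:
        return {"proto": "http", "status": parts[1]}
    if len(parts) == 3 and parts[2].startswith("HTTP/"):
        return {"proto": "http", "method": parts[0], "uri": parts[1]}
    return {"proto": "http", "malformed": True}

def dissect_ssh(payload):
    banner = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    return {"proto": "ssh", "banner": banner}

DISSECTORS = {"http": dissect_http, "ssh": dissect_ssh}

def dissect(packet, disabled=frozenset(), decode_as=None):
    """Dissect one raw IPv4/TCP packet under the given dissection controls."""
    ihl = (packet[0] & 0x0F) * 4                        # IPv4 header length
    src, dst = (".".join(map(str, packet[o:o + 4])) for o in (12, 16))
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    payload = packet[ihl + (packet[ihl + 12] >> 4) * 4:]  # skip TCP header
    fields = {"src": src, "dst": dst, "sport": sport, "dport": dport}
    if not payload:
        return {**fields, "proto": "tcp"}
    table = {**DEFAULT_TCP_PORTS, **(decode_as or {})}  # Decode As overrides
    name = table.get(dport) or table.get(sport)
    handler = DISSECTORS.get(name)
    if handler is None or name in disabled:             # Enabled Protocols
        return {**fields, "proto": "data", "length": len(payload)}
    return {**fields, **handler(payload)}

def build_packet(src, dst, sport, dport, payload):
    """Constructed sample input: minimal IPv4 + TCP headers, checksums 0."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6,
                     0, bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return ip + tcp + payload

if __name__ == "__main__":
    req = build_packet("192.0.2.10", "198.51.100.5", 51000, 8080,
                       b"GET /status HTTP/1.1\r\nHost: example.test\r\n\r\n")
    print(dissect(req))                              # unknown port: raw data
    print(dissect(req, decode_as={8080: "http"}))    # Decode As: HTTP fields
```

In this model, a disabled protocol or an unmapped port leaves the payload as undissected data, so the HTTP method and response code from Step 6 never appear until the dissector is enabled or mapped with Decode As.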