
[Basics] Understand TCP/IP model with Wireshark!

Last Updated on June 23, 2024 by Admin

In the world of networking, understanding the TCP/IP model is like unlocking the secrets behind the workings of the internet and modern networks. Wireshark serves as a crucial resource, enabling us to examine network traffic and gain profound understanding.

The TCP/IP model is the backbone of networking. It’s what defines how data travels, finds its way, and reaches its destination across networks. It is divided into 4 distinct layers, as seen in the diagram. In this blog we will examine each layer in practice using Wireshark.

Layer 1: Application Layer

The Application layer is where specific programs and services communicate with each other over the network using protocols like HTTP, FTP, and DNS. In the picture of the application layer below, we can see an HTTP response packet with a 200 status code and the HTML code of the page.

Layer 2: Transport Layer

The Transport layer ensures reliable delivery of data between devices, managing connections and providing error-checking through protocols like TCP and UDP. We can get data like source and destination ports by analyzing the Transport layer of the packet in Wireshark.

Layer 3: Network Layer

The Network layer handles the routing and forwarding of data packets across different networks, using protocols like IP to ensure data reaches its destination efficiently. If we view layer 3 of a data packet in Wireshark, we can get information like the IP version and the source and destination IP addresses.

Layer 4: Physical Layer

It deals with the physical transmission of data over the network medium, converting binary data into signals for transmission through cables, wireless, or other physical mediums. MAC addresses are visible when analyzing the 4th layer in Wireshark.
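To see the same four layers without the GUI, the following added example (not code from the original post or the workshop repository) dissects a raw frame and returns the fields the post reads from Wireshark for each layer. The dictionary keys follow the post's layer names; the frame is constructed, and the MAC addresses, documentation-range IP addresses and ports are assumptions. It handles Ethernet II, IPv4 and TCP only.

```python
import socket
import struct

def build_sample_frame():
    """Constructed sample (not a real capture): Ethernet II + IPv4 + TCP + HTTP."""
    http = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html></html>"
    # Destination MAC comes first on the wire, then source MAC, then EtherType.
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    # Checksums are left at 0; this dissector does not verify them.
    tcp = struct.pack("!HHIIBBHHH", 80, 49152, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    return eth + ip + tcp + http

def dissect(frame):
    """Return the per-layer fields the post reads from Wireshark's detail pane."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"physical": {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":")}}
    if ethertype != 0x0800:
        return out  # not IPv4: only the lowest layer can be reported
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4  # IHL counts 32-bit words
    total_len = struct.unpack("!H", ip[2:4])[0]
    if version != 4 or ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("malformed IPv4 header")
    out["network"] = {"version": version, "src_ip": socket.inet_ntoa(ip[12:16]),
                      "dst_ip": socket.inet_ntoa(ip[16:20])}
    if ip[9] != 6:
        return out  # protocol field is not TCP
    tcp = ip[ihl:total_len]
    data_offset = (tcp[12] >> 4) * 4 if len(tcp) >= 20 else 0
    if not 20 <= data_offset <= len(tcp):
        raise ValueError("malformed TCP header")
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    out["transport"] = {"src_port": src_port, "dst_port": dst_port}
    # An HTTP response starts with a status line: version, status code, reason.
    parts = tcp[data_offset:].split(b"\r\n", 1)[0].split()
    if len(parts) >= 2 and parts[0].startswith(b"HTTP/") and parts[1].isdigit():
        out["application"] = {"http_version": parts[0].decode("ascii", "replace"),
                              "status": int(parts[1])}
    return out

if __name__ == "__main__":
    for layer, fields in dissect(build_sample_frame()).items():
        print(layer, fields)
```

Each header's length field (IHL, TCP data offset) decides where the next layer starts, which is why the dissector validates them before slicing.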

Can we analyze the OSI model using Wireshark?

The answer is, No! We cannot visualize the OSI model using Wireshark as it is a theoretical model which divides the network into 7 layers. But the OSI model maps into the TCP/IP model as shown in the following diagram.

Refer to the slides that are used during this session.

Find all the resources including pdf of the slides, pcap files used in this blog below.

https://github.com/CyberForgeAcademy/Workshops/tree/main/Wireshark101%20-%20OWASP

Video of the Wireshark 101 session at Online Sync where TCP/IP Model was also covered
