Question:
Part 1
Install the current stable release of Wireshark (http://www.wireshark.org/download.html); if using a lab machine, install Wireshark portable (i.e. you can install anywhere, even on a USB flash drive). Start a network packet capture on the correct interface (promiscuous or not depends on your privileges) and capture a trace of the network activity when you're browsing to a search engine (e.g. Google). Do the same when you're browsing a site containing a simple, non-secure web form, such as http://zero.webappsecurity.com/login.html, and submit some information (while capturing packets). Document this activity with a screenshot (i.e. showing that the information you typed in the browser is also displayed in one of the packets).
Part 2
Spend more time exploring the search & filter options of the tool so that you can zero in on a particular conversation stream (i.e. set of packets exchanged). Go to http://wiki.wireshark.org/SampleCaptures and download the "telnet-cooked.pcap" file. Open it with Wireshark and investigate the contents of the file to determine what username and password were used to log in during the captured activity. Document this activity as well with a screenshot.
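An added illustration for Part 2, not part of the original assignment and not based on the contents of telnet-cooked.pcap: Telnet sends keystrokes in cleartext, so keeping only the client's side of a stream and stripping the IAC option negotiation yields exactly what was typed, including a password the server never echoes. The names `strip_telnet_commands`, `client_lines` and `SAMPLE` are hypothetical, and the sample segments are constructed.

```python
IAC, SB, SE = 0xFF, 0xFA, 0xF0
NEGOTIATION = {0xFB, 0xFC, 0xFD, 0xFE}  # WILL, WONT, DO, DONT: each takes one option byte

def strip_telnet_commands(data: bytes) -> bytes:
    """Remove Telnet IAC command sequences, keeping only user data."""
    out, i = bytearray(), 0
    while i < len(data):
        b = data[i]
        if b != IAC:
            out.append(b)
            i += 1
        elif i + 1 >= len(data):
            break                      # truncated command at end of segment
        elif data[i + 1] == IAC:
            out.append(IAC)            # IAC IAC is an escaped literal 0xFF
            i += 2
        elif data[i + 1] in NEGOTIATION:
            i += 3                     # IAC <verb> <option>
        elif data[i + 1] == SB:
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end < 0 else end + 2   # skip the subnegotiation
        else:
            i += 2                     # other two-byte command, e.g. IAC NOP
    return bytes(out)

def client_lines(segments):
    """segments: iterable of (sender, tcp_payload). Returns the lines the client sent."""
    typed = b"".join(strip_telnet_commands(p) for who, p in segments if who == "client")
    typed = typed.replace(b"\r\x00", b"\n").replace(b"\r\n", b"\n")  # Telnet line endings
    return [line.decode("ascii", "replace") for line in typed.split(b"\n") if line]

# Constructed sample: one keystroke per segment; the server echoes the login
# name character by character but does not echo the password.
SAMPLE = (
    [("server", b"\xff\xfd\x18"), ("client", b"\xff\xfb\x18"), ("server", b"login: ")]
    + [seg for c in b"alice" for seg in (("client", bytes([c])), ("server", bytes([c])))]
    + [("client", b"\r\x00"), ("server", b"\r\nPassword: ")]
    + [("client", bytes([c])) for c in b"example-pw"]
    + [("client", b"\r\x00")]
)

if __name__ == "__main__":
    print(client_lines(SAMPLE))
```

In Wireshark the same view comes from Follow TCP Stream with the display restricted to the client-to-server direction, which avoids the doubled characters that server echo produces.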