Understanding basic networking concepts is crucial when using Wireshark for network analysis. Here are some key terminologies and concepts related to Wireshark:
Packet:
- A packet is a basic unit of data transmitted over a network. It contains both the data being transmitted and control information.
Protocol:
- A protocol is a set of rules that govern the communication between devices on a network. Wireshark can analyze various protocols, such as TCP, UDP, IP, HTTP, DNS, etc.
Capture Filter:
- A capture filter is a rule set on Wireshark to selectively capture specific packets based on criteria like source/destination IP addresses, protocols, ports, etc.
Display Filter:
- A display filter in Wireshark allows you to filter and view specific packets from the captured data. It uses a syntax similar to that of capture filters.
Promiscuous Mode:
- Network interfaces are, by default, set to only receive packets addressed to their specific MAC address. In promiscuous mode, the network card captures all packets on the network, regardless of the destination address.
IP Address:
- An IP address is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
MAC Address:
- A MAC (Media Access Control) address is a unique identifier assigned to a network interface controller (NIC) for use as a network address.
TCP (Transmission Control Protocol):
- A connection-oriented protocol that provides reliable and ordered delivery of data between applications. It breaks data into packets, ensures they arrive in order, and requests retransmission if necessary.
UDP (User Datagram Protocol):
- A connectionless protocol that provides a simple and lightweight mechanism for delivering data without guaranteed order or reliability.
HTTP (Hypertext Transfer Protocol):
- A protocol used for transferring hypertext requests and information on the World Wide Web.
DNS (Domain Name System):
- A system that translates human-readable domain names into IP addresses, allowing computers to locate and connect to each other on the Internet.
SSL/TLS (Secure Sockets Layer/Transport Layer Security):
- Protocols that provide secure communication over a computer network. They are commonly used for encrypting data during transmission, such as in HTTPS.
SYN, ACK, FIN (TCP Flags):
- TCP uses flags in the packet header to control the connection. SYN is used to initiate a connection, ACK acknowledges receipt of packets, and FIN signals the end of a connection.
Wireshark Profile:
- Wireshark allows users to create profiles to customize settings and configurations, making it easier to switch between different analysis scenarios.
Round-Trip Time (RTT):
- The time it takes for a packet to travel from the source to the destination and back. Wireshark can be used to analyze and measure RTT for network troubleshooting.
Payload:
- The actual data part of a packet, excluding headers and control information.
Capture Interfaces:
- Wireshark can capture data from different network interfaces. Users can select the specific interface they want to monitor.
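To tie several of the terms above together (packet, MAC address, IP address, TCP flags, payload, capture and display filters), here is an added example that is not part of the original page: a small Python parser that walks one Ethernet/IPv4/TCP frame the way Wireshark's packet-details pane does, then builds the capture filter and display filter that would isolate that conversation. The frame bytes are constructed for the example (not a real capture), and the function and field names are my own.

```python
import struct

# Constructed sample, not a real capture: an Ethernet II frame carrying an IPv4
# packet that carries a TCP SYN segment to port 80, plus a 4-byte payload "GET "
# that is only there so the payload slice is visible (a real SYN carries none).
SAMPLE_FRAME = bytes.fromhex(
    "001122334455" "66778899aabb" "0800"   # dst MAC, src MAC, EtherType 0x0800 (IPv4)
    "4500002c" "00010000" "40060000"       # IPv4: IHL 5, total length 44, TTL 64, proto 6 (TCP)
    "c0a8010a" "cb007105"                  # src 192.168.1.10, dst 203.0.113.5
    "d4310050" "00000001" "00000000"       # TCP: sport 54321, dport 80, seq, ack
    "5002ffff" "00000000"                  # data offset 5, flags 0x002 (SYN), window, csum, urg
    "47455420"                             # payload "GET "
)

TCP_FLAGS = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}

def parse_frame(frame):
    """Split one Ethernet/IPv4/TCP frame into the fields Wireshark's details pane shows."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4: EtherType 0x{ethertype:04x}")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != 6:
        raise ValueError(f"not TCP: IP protocol {ip[9]}")
    tcp = ip[ihl:total_len]                       # use IP total length, not the frame end (trailer padding)
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    data_off = (off_flags >> 12) * 4              # TCP header length in bytes
    flags = off_flags & 0x1FF                     # low 9 bits are the TCP flags
    return {
        "src_mac": ":".join(f"{b:02x}" for b in src_mac),
        "dst_mac": ":".join(f"{b:02x}" for b in dst_mac),
        "src_ip": ".".join(map(str, ip[12:16])),
        "dst_ip": ".".join(map(str, ip[16:20])),
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "flags": [name for bit, name in sorted(TCP_FLAGS.items()) if flags & bit],
        "payload": tcp[data_off:],                # everything after the TCP header
    }

def filters_for(pkt):
    """Capture filter (libpcap/BPF syntax) and display filter (Wireshark field syntax) for this flow."""
    capture = f"host {pkt['src_ip']} and host {pkt['dst_ip']} and tcp port {pkt['dst_port']}"
    display = (f"ip.addr == {pkt['src_ip']} && ip.addr == {pkt['dst_ip']} "
               f"&& tcp.port == {pkt['dst_port']}")
    return capture, display
```

Calling `parse_frame(SAMPLE_FRAME)` yields the SYN to port 80 with payload `b"GET "`; `filters_for` shows that the two filter types use different syntaxes, so a filter that works in one place will not be accepted in the other.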
These concepts provide a foundation for using Wireshark effectively in analyzing network traffic and troubleshooting issues. As you use Wireshark more, you’ll become familiar with these terms and gain a deeper understanding of network protocols and communication.