IPv6/6LoWPAN with Wireshark March 2016 ICTP Alvaro Vives - - PowerPoint PPT Presentation

ipv6 6lowpan with wireshark
SMART_READER_LITE
LIVE PREVIEW

IPv6/6LoWPAN with Wireshark March 2016 ICTP Alvaro Vives - - PowerPoint PPT Presentation

Apr 19, 2023 199 likes •382 views

IPv6/6LoWPAN with Wireshark March 2016 ICTP Alvaro Vives (alvaro.vives@nodo6.com) NODO6 (www.nodo6.com) Content 1 Introduction to Wireshark 2 Capturing IPv6 Traffic 3 Capturing 6Lowpan Traffic 2 Workshop on New Frontiers in IoT -

slide-1
SLIDE 1

IPv6/6LoWPAN with Wireshark

March 2016 – ICTP

Alvaro Vives (alvaro.vives@nodo6.com) NODO6 (www.nodo6.com)

slide-2
SLIDE 2

Content

2

 1 Introduction to Wireshark  2 Capturing IPv6 Traffic  3 Capturing 6Lowpan Traffic

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-3
SLIDE 3

Wireshark (I)

3

 Wireshark is a sniffer, a free and open-source packet

analyzer, allows packet traces to be sniffed, captured, and analysed

 We can capture packets in an interface and Wireshark

understands the protocols used and shows the information in a friendly way

 Features:

 Available for Windows, Linux y Mac OS  Graphical interface  Allows for filtering the packet captures  Generates statistics and graphs  Lot of protocols supported

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-4
SLIDE 4

Wireshark (II)

4

 4 areas: menus and filters, list of captured packets, detailed information

about the selected packet, full content of selected pkt in hex and ASCII

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-5
SLIDE 5

Wireshark (III)

5

 Files -> Open

 To open saved capture files

 Help -> Sample Captures

 Allow to fetch caputre examples

 Capture -> Interfaces…

 Choos interface(s) in which capture

 Capture -> Options…

 Configure capture details

 Edit -> Find Packet

 To look for specific packets

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-6
SLIDE 6

Wireshark (IV)

6

 Detailed packet information:

 Information shown by layers  Expand/compress details

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-7
SLIDE 7

Wireshark (V)

7

 Two ways of applying Filters: 1.

Write filter expression and apply it.

 Protocols (ip, ipv6, icmp, icmpv6)  Protocol field (ipv6.dst, ipv6.src)  Complex expressions using operators: AND (&&), OR (II) or

negation (I)

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-8
SLIDE 8

Wireshark (VI)

8

 Two ways of applying Filters(cont.): 2.

Right click in one filed of a captured packet

 In the packet list  Appear a menu option "Apply as filter“ with several options

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-9
SLIDE 9

Wireshark (VII)

9

 statistics about the captured traffic:

 With applied filters, the statistics will be about the filtered traffic  Statistics and select, for example, Protocol Hierarchy

 Other interesting options are:

 Conversation List ---> IPv6  Statistics ---> Endpoint List ---> IPv6  Statistics ---> IO Graph

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-10
SLIDE 10

Wireshark (VIII)

10

 Statistics ---> IO Graph

 Allow to create and save graphs  Different lines for different types of traffic (filters)

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-11
SLIDE 11

Wireshark: Exercises (I)

11

 Exercise A: Capture packets on eth0 interface in your

RPi

 Filter by protocols: IPv4, IPv6, ICMPv6  Look into protocol details of Ethernet, IPv4/IPv6, etc.

 Exercise B: Apply Filters

 Show only IPv6 traffic  Only ICMPv6  Show pkts with your link-local address as source  Show pkts with your link-local address as source AND

destination

 Show only ICMPv6 type NA and NS

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-12
SLIDE 12

Wireshark: Exercises (II)

12

 Exercise C: See statistics of captured traffic by

protocols

 Exercise D: Generate a graph showing different lines

for IPv4, IPv6 and ICMPv6

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-13
SLIDE 13

Capturing 6Lowpan Traffic (I)

13

 Live demo of 6Lowpan capturing packets

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-14
SLIDE 14

Capturing 6Lowpan Traffic (II)

14

 Open the capture file: wireshark-ipv6-6lowpan.pcap  You need to change some things on Wireshark: 1.

Edit -> Preferences ->

2.

Protocols -> 6lowpan -> context0: aaaa::

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-15
SLIDE 15

Capturing 6Lowpan Traffic (III)

15

 You need to change some things on Wireshark (cont.): 1.

Edit -> Preferences ->

2.

Protocols -> IEEE 802.15.4

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-16
SLIDE 16

Capturing 6Lowpan Traffic (IV)

16

 You can see information of the different layers

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016

slide-17
SLIDE 17

Thanks!

17

Questions?

 Contact: info@nodo6.com / training@nodo6.com

http://www.nodo6.com

https://www.linkedin.com/company/nodo6

https://twitter.com/NODO6_RRSS

Workshop on New Frontiers in IoT - Trieste - 7-18 March 2016