1
00:00:00,120 --> 00:00:05,460
In this video, I'm going to show you how to download and install Wireshark on a Windows computer.

2
00:00:05,730 --> 00:00:07,950
The process is fairly intuitive.

3
00:00:07,980 --> 00:00:12,930
First thing you need to do is open up a web browser and go to Wireshark

4
00:00:13,760 --> 00:00:14,750
dot org.

5
00:00:17,390 --> 00:00:24,230
This is the official Wireshark website, so simply browse to wireshark.org and then click Download.

6
00:00:24,350 --> 00:00:26,780
You then need to select the installer.

7
00:00:26,810 --> 00:00:30,380
In my example, it's going to be a Windows Installer 64-bit.

8
00:00:31,070 --> 00:00:33,260
I'm going to save that to my local computer.

9
00:00:33,590 --> 00:00:37,640
If you're still running a 32-bit Windows operating system, you could select that.

10
00:00:37,790 --> 00:00:42,140
But I'm running Windows 10 here, 64-bit operating system.

11
00:00:42,890 --> 00:00:45,140
I'm going to open up the folder

12
00:00:46,150 --> 00:00:49,060
and then double-click on the installation file.

13
00:00:50,570 --> 00:00:50,900
Click

14
00:00:50,900 --> 00:00:53,870
Yes to start the installation process.

15
00:00:54,960 --> 00:00:57,710
And now I'm simply going to just choose all the defaults.

16
00:00:57,720 --> 00:00:59,250
So click Next.

17
00:00:59,580 --> 00:01:02,940
Now Wireshark is open source software.

18
00:01:02,970 --> 00:01:06,960
It's licensed under the GNU General Public License.

19
00:01:06,990 --> 00:01:11,310
So you don't have to pay for Wireshark, but you need to agree to this license.

20
00:01:11,640 --> 00:01:13,650
Click Agree to continue.

21
00:01:14,100 --> 00:01:18,090
I'm going to install all the default components and click Next.

22
00:01:18,240 --> 00:01:23,310
I'm also going to add a Wireshark desktop icon to my desktop.

23
00:01:23,490 --> 00:01:24,570
Click Next.

24
00:01:24,600 --> 00:01:27,270
I'm going to stay with the default installation directory.

25
00:01:27,300 --> 00:01:28,290
Click Next.

26
00:01:28,440 --> 00:01:31,200
Click Next again and click Install.

27
00:01:31,560 --> 00:01:36,570
So basically all I did there was go through the default installation process.

28
00:01:38,780 --> 00:01:44,330
Now what Wireshark will do is add information to your network adapters.

29
00:01:44,870 --> 00:01:47,690
So at the moment I've only got network adapter to.

30
00:01:50,920 --> 00:01:55,060
So you can see here I've got Ethernet0, Network 2.

31
00:01:58,230 --> 00:01:59,670
But that will be updated.

32
00:02:00,090 --> 00:02:07,020
I'm going to agree to the Npcap installation and again, just select the defaults and click Install.

33
00:02:10,479 --> 00:02:11,780
You can look at the details if you like.

34
00:02:11,800 --> 00:02:14,470
Otherwise, just wait for the installation to complete.

35
00:02:15,010 --> 00:02:16,690
It's a very simple installation.

36
00:02:19,830 --> 00:02:21,270
Going back through the installation,

37
00:02:21,270 --> 00:02:24,690
notice this: installing Npcap loopback adapter.

38
00:02:25,320 --> 00:02:26,460
So now

39
00:02:28,400 --> 00:02:33,530
I've got this Npcap loopback adapter that gets installed automatically.

40
00:02:34,100 --> 00:02:36,020
Click Next, click Finish.

41
00:02:38,620 --> 00:02:40,920
The Wireshark installation now completes.

42
00:02:41,050 --> 00:02:44,320
Notice it's extracting a bunch of files and installing

43
00:02:44,500 --> 00:02:49,360
Wireshark. The Wireshark software is now installed and you can see that's completed.

44
00:02:49,510 --> 00:02:52,270
Click Next and click Finish.

45
00:02:52,390 --> 00:02:58,120
So I've got Wireshark installed and I could run it, so I'll simply type Wireshark here

46
00:02:58,820 --> 00:03:01,190
and run the desktop application.

47
00:03:04,020 --> 00:03:05,070
So there you go.

48
00:03:05,100 --> 00:03:07,520
You can see various network adapters.

49
00:03:07,530 --> 00:03:14,310
So my Npcap loopback adapter and my Ethernet0 adapter, that's the one that I want to capture

50
00:03:14,310 --> 00:03:15,000
traffic on.

51
00:03:15,000 --> 00:03:16,760
So I'm simply going to double-click it.

52
00:03:16,770 --> 00:03:21,060
And as you can see now, it's starting to capture traffic.

53
00:03:21,300 --> 00:03:26,310
Now it's capturing a lot of traffic on my local network, including Dropbox traffic.

54
00:03:26,580 --> 00:03:31,590
What I'll do, however, is go to a website such as cisco.com.

55
00:03:33,800 --> 00:03:40,160
And then in Wireshark I'll stop this capture and do a filter for HTTP.

56
00:03:40,760 --> 00:03:45,470
And what you can see here is I've been able to capture HTTP traffic.

57
00:03:46,180 --> 00:03:47,500
Can move these around

58
00:03:47,500 --> 00:03:48,730
so that's easier to read

59
00:03:48,730 --> 00:03:49,630
what's going on.

60
00:03:51,360 --> 00:03:55,080
But notice HTTP, or Hypertext Transfer Protocol.

61
00:03:55,620 --> 00:03:59,580
We can see this is actually traffic coming from a Microsoft website.

62
00:04:00,810 --> 00:04:01,650
So

63
00:04:02,690 --> 00:04:04,760
stuff is being sent to Microsoft.

64
00:04:07,020 --> 00:04:09,060
But notice your HTTP.

65
00:04:09,060 --> 00:04:10,950
So there's my HTTP GET.

66
00:04:11,690 --> 00:04:15,140
And then I'm getting a message saying that the website has been moved.

67
00:04:15,590 --> 00:04:19,010
Basically, I'm being redirected to

68
00:04:19,720 --> 00:04:27,700
an HTTPS website rather than going to HTTP, which is insecure, shouldn't be using it.

69
00:04:27,940 --> 00:04:35,170
I'm being redirected to an encrypted website, so hence being told that the website has been moved because

70
00:04:35,170 --> 00:04:41,950
I'm going to be pushed to an encrypted website rather than using an insecure website.

71
00:04:42,980 --> 00:04:46,370
But the point is that I can connect to the Internet.

72
00:04:46,400 --> 00:04:52,190
You have some traffic to amazontrust.com, so a whole bunch of stuff happening in the background

73
00:04:52,610 --> 00:04:53,780
on my network.

74
00:04:54,290 --> 00:04:57,740
But were you able to capture some traffic in your example?

75
00:04:57,770 --> 00:05:01,650
As always, be careful capturing traffic on a network.

76
00:05:01,670 --> 00:05:04,250
You need to have permission to capture the traffic.

77
00:05:05,010 --> 00:05:05,850
In my example,

78
00:05:05,850 --> 00:05:06,390
that's fine.

79
00:05:06,390 --> 00:05:09,180
This is my own local home network.

80
00:05:09,360 --> 00:05:17,070
But be careful capturing traffic on any network, especially a public network. You could get into trouble.

81
00:05:17,070 --> 00:05:19,920
So adhere to the laws of where you are.

82
00:05:20,310 --> 00:05:23,280
Ethical hacking means that you need to be careful.

83
00:05:23,400 --> 00:05:25,080
Don't just hack any network.

84
00:05:25,110 --> 00:05:32,070
Don't just access any network unless you really want to go to jail or you want to get a fine.

85
00:05:32,220 --> 00:05:33,210
Be careful.

86
00:05:33,240 --> 00:05:34,860
Do things ethically.

87
00:05:35,400 --> 00:05:36,190
But there you go.

88
00:05:36,210 --> 00:05:37,020
Simple as that

89
00:05:37,020 --> 00:05:42,030
to download and install Wireshark on a Windows computer and then capture traffic.

90
00:05:42,960 --> 00:05:48,270
In subsequent videos, I'll show you more options in Wireshark, but I simply wanted to get you started

91
00:05:48,270 --> 00:05:50,460
downloading and installing Wireshark.