Ping Another Device on a Network Using ICMPv4 Echo Requests
Objective: Send Echo Request messages to a host on your network, receive Echo Reply messages, and capture the transaction in Wireshark.
Description: This project shows you how to use the Ping utility at a Windows command prompt to test connectivity with another local computer and capture the exchange of ICMPv4 packets using the Wireshark packet analyzer.
- Open a command prompt window. (Use the Start menu search box or the Search box on the taskbar. Type cmd and then press Enter.)
- At the command prompt, type ping and press Enter to view the available command-line parameters. Keep the command prompt window open while you follow the next steps to launch the Wireshark program.
- Start Wireshark. (In Windows 7, click the Start button, point to All Programs, and then click Wireshark. In Windows 10, click the Start button, click All apps, and then scroll down and click Wireshark in the menu. Alternatively, use the Start menu search box [Windows 7] or the Search box on the taskbar [Windows 10], type Wireshark, and then click Wireshark in the resulting list.)
- Click Capture on the menu bar, and then click Options.
- Select the active interface, which is likely the Local Area Connection, and then click the Start button. (There may be more than one interface, and this is okay.)
- Switch to the command prompt window by clicking its icon on the Windows taskbar, or use Alt+Tab to make the command prompt window active. (If you have other applications or windows open, you may have to press Alt+Tab several times to select the command prompt window.)
- Type ping ip_address, where ip_address is the address of another device on the network. (You can use the arp -a command to get the IP address of another computer or device on your network, if needed.) You should have some packets in your Wireshark trace buffer.
- Do not close the command prompt window. Click the Wireshark icon on the taskbar, or use Alt+Tab to make the Wireshark window active.
- Click Capture on the menu bar, and then click the Stop button to stop Wireshark from capturing any more packets, or just click the Stop button on the main toolbar.
- Scroll through the packets you captured in your trace buffer. You should see several ICMP Echo Request and ICMP Echo Reply packets. Because no filter was applied before running this capture, you may have other students’ traffic in your buffer as well as your own.
- To save the captured packets as a trace file (for future reference), click File, then click Save As. Using the “Save in” drop-down list at the top of the dialog box, navigate to a folder on your computer where you can save a data file. Enter ch05_MyPing-ICMP in the File name field. Select Wireshark/…-pcapng from the “Save as type” drop-down list to save it in the .pcapng format. Click Save.
- Close Wireshark and the command prompt window.
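When you scroll through the trace, each Echo Reply can be matched to its Echo Request by the Identifier and Sequence Number fields, and the reply carries back the same data. The following Python sketch is an added example, not part of the original project: it checks the ICMP checksum and pairs requests with replies. It assumes the ICMP messages have already been separated from their IP headers; all function names and the sample bytes are constructed for illustration.

```python
import struct

ECHO_REPLY, ECHO_REQUEST = 0, 8  # ICMPv4 type values (RFC 792)

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)  # fold carries back in
    return ~total & 0xFFFF

def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    """Build an ICMPv4 Echo message (constructed sample data, no sockets)."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse_echo(msg: bytes):
    """Return (type, ident, seq, payload), or None if not a valid Echo message."""
    if len(msg) < 8:
        return None
    icmp_type, code, _csum, ident, seq = struct.unpack("!BBHHH", msg[:8])
    if icmp_type not in (ECHO_REQUEST, ECHO_REPLY) or code != 0:
        return None
    if inet_checksum(msg) != 0:  # a valid message sums to zero with its checksum
        return None
    return icmp_type, ident, seq, msg[8:]

def unanswered(messages):
    """Return sorted (ident, seq) of Echo Requests with no matching Echo Reply."""
    pending = {}
    for raw in messages:
        parsed = parse_echo(raw)
        if parsed is None:
            continue
        icmp_type, ident, seq, payload = parsed
        if icmp_type == ECHO_REQUEST:
            pending[(ident, seq)] = payload
        elif pending.get((ident, seq)) == payload:  # reply must echo the data
            del pending[(ident, seq)]
    return sorted(pending)

# Constructed capture: four requests, reply to seq 3 missing, one corrupted reply.
PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"
SAMPLE = [build_echo(ECHO_REQUEST, 1, s, PAYLOAD) for s in (1, 2, 3, 4)]
SAMPLE += [build_echo(ECHO_REPLY, 1, s, PAYLOAD) for s in (1, 2)]
SAMPLE.append(build_echo(ECHO_REPLY, 1, 4, PAYLOAD)[:-1] + b"X")  # bad checksum
print(unanswered(SAMPLE))
```

A request that stays unanswered in this pairing corresponds to a "Request timed out" line in the ping output.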