1. Is Wireshark open-source or proprietary?
Wireshark is open-source.
2. What is seen in each of the three panes that display the packets seen on a local area network?
The three panes are: the packet list pane, with six column headings, which shows each packet on a separate line; the tree-view pane, which shows the headers of the various protocols encapsulated in the packet; and the byte-view pane, which shows the 10x bytes per row.
3. What does a display filter do?
Display filters allow you to define which packets are displayed in the list pane.
4. What does the protocol column show?
The protocol column shows the highest layer protocol in the frame.
5. How do you expand the details in a layer of the packet in the middle frame?
You can expand the details in a layer of the packet in the middle pane by clicking the plus sign.
6. Capture files have what file name extension?
Capture files have the file name extension .pcap.
7. The time column shows what?
The time column shows the time relative to the first packet.
8. When you right-click on something in one of the panes, what happens?
When you right-click a packet in one of the panes, a menu of actions that you can perform is displayed.
9. How is a display filter removed?
To remove a filter expression, select “Clear” in the filter area.
10. When a filter is correct, what color is the background of the filter window?
The background is green when the expression is valid.