Question requires you to produce a pcap file from a Wireshark capture.  In addition, you must include a screen capture of Wireshark and some specific information regarding the frames captured.

Before completing this task, you must:

1. Have Wireshark installed on your personal desktop/laptop

2. Have network (Internet) connectivity to your desktop/laptop

3. Have completed the packet capture exercises in weeks 1 - 3

This activity cannot be completed on CQUNet connected labs.

Capture Requirements:

You are required to perform a capture of a web search.  In order to do this, you should:

1.    Begin the capture in Wireshark

2.    In your web browser (IE, Firefox, Safari etc.) go to

3.    Enter your CQU email address in the Catalogue search box (see "Screen Capture 1")

4.    Hit Search

5.    Stop the capture in Wireshark

pcap Requirements:

When you examine the frames you have captured in Wireshark, you will probably see a lot of activity apart from your web search.  For the purposes of this assignment, you must strip away all other parts of the capture EXCEPT those relating to the search.  You will need to do some research on how to do this - hint: what does "Follow TCP Stream" do?  The pcap file you submit should contain ONLY the frames relevant to the search.