
ANALYSIS OF PROTOCOLS WITH WIRESHARK


Question 1. Analysis of Protocols with Wireshark [14 marks]

Objective: Gain a good understanding of common Internet protocols as well as using packet capture software (Wireshark).

The file a01-assignment-1-question-1-capture.pcap on Moodle contains packets captured in an exchange between several computers.

The capture was performed in an internet where all subnets used a /24 mask. The capture was performed on interface eth1 on a computer with the following details:

Use the file and the above information to answer the following sub-questions. Do not try to guess answers; use only the above information, the capture file and your knowledge of networking and security to find the answers.

(a) Several applications were used on several different computers. Complete the table to summarise the applications in use in the network. The columns are:

  • Application name or protocol, e.g. Web, SSH, ?, where ? means cannot determine from the capture.
  • Transport protocol. TCP, UDP, ICMP or other.
  • Client Port(s). Use a range, e.g. 1-10, if the client changes ports for each connection.
  • Server Port.
  • Client IP.
  • Server IP.
  • Time of use. The time when the application is in use. Round to the nearest second. Use a range, e.g. 0-4 seconds.

The first row includes example values of selected columns. Complete (or edit) and add further rows as necessary. [4 marks]
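One way to build rows in this column layout from exported packet fields, as an added example that is not part of the original assignment. It is narrowed to TCP (UDP and ICMP traffic need separate handling); the sample lines, addresses and the `PORT_HINTS` mapping are constructed assumptions and do not come from the assignment capture.

```python
from collections import defaultdict

# Constructed sample, not taken from the assignment capture. Columns match:
#   tshark -r capture.pcap -Y "ip and tcp" -T fields -e frame.time_relative \
#     -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport \
#     -e tcp.flags.syn -e tcp.flags.ack
# (tshark separates fields with tabs; split() below accepts tabs or spaces.)
SAMPLE = """
0.10 192.0.2.10 40001 198.51.100.5 80 1 0
0.11 198.51.100.5 80 192.0.2.10 40001 1 1
0.12 192.0.2.10 40001 198.51.100.5 80 0 1
3.80 192.0.2.10 40003 198.51.100.5 80 1 0
3.81 198.51.100.5 80 192.0.2.10 40003 1 1
5.20 192.0.2.20 51000 198.51.100.6 22 1 0
9.70 198.51.100.6 22 192.0.2.20 51000 0 1
9.90 192.0.2.30 50500 198.51.100.7 8080 0 1
"""
PORT_HINTS = {80: "Web", 22: "SSH"}  # assumption: a port is a hint, confirm in the payload
FLAG_SET = {"1", "True"}             # accept either spelling of a set flag

def span(lo, hi):
    """Format a single value or a lo-hi range, as the table asks."""
    return str(lo) if lo == hi else f"{lo}-{hi}"

def application_table(fields_text):
    opened = set()  # (client IP, client port, server IP, server port) seen in a SYN
    rows = defaultdict(lambda: {"ports": set(), "times": []})
    for line in fields_text.strip().splitlines():
        t, src, sport, dst, dport, syn, ack = line.split()
        fwd = (src, int(sport), dst, int(dport))
        rev = (dst, int(dport), src, int(sport))
        if syn in FLAG_SET and ack not in FLAG_SET:
            opened.add(fwd)            # SYN without ACK: the sender is the client
        conn = fwd if fwd in opened else rev if rev in opened else None
        if conn is None:
            continue                   # handshake not captured: roles unknown
        cip, cport, sip, srv_port = conn
        rows[(cip, sip, srv_port)]["ports"].add(cport)
        rows[(cip, sip, srv_port)]["times"].append(float(t))
    return [(PORT_HINTS.get(p, "?"), "TCP", span(min(r["ports"]), max(r["ports"])),
             p, cip, sip, span(round(min(r["times"])), round(max(r["times"]))))
            for (cip, sip, p), r in sorted(rows.items())]

if __name__ == "__main__":
    for row in application_table(SAMPLE):
        print(*row, sep=" | ")
```

Packets whose connection opening was not captured are skipped here because the client and server roles cannot be determined from them.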

Advanced Network Security


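Application Table

| App. | Tra. | Client Port(s) | Server Port | Client IP | Server IP | Time of use |
|------|------|----------------|-------------|-----------|-----------|-------------|
| Web  |      | 48158-48170    |             |           |           | 0-4         |
|      |      |                |             |           |           |             |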

(b) Complete the address table below to show known address information of computers/interfaces in the network. Some information in the table may not be known (e.g. cannot be determined from the capture). Use a question mark “?” in the table if the information is not known. Use only the information in the question and the capture file to determine the answers (do not guess). [2 marks]

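Address Table

| Computer | Interface | MAC               | IP          |
|----------|-----------|-------------------|-------------|
| 1        | 1         | 08:00:27:cc:71:35 | 192.168.1.1 |
| 1        | 2         | 08:00:27:1c:6d:33 | 192.168.4.1 |
| 1        | 3         | 08:00:27:61:fc:c4 | 192.168.5.1 |
| 2        |           |                   |             |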

(c) Some of the computers in the network have domain names as well as IP addresses. List the IP address and domain name of each computer with a domain name, and give the packet number where you found the domain name. [2 marks]

(d) Consider the 1st TCP connection in the capture (which starts at packet number 3 in the capture file). Draw a message sequence diagram that illustrates all packets in that TCP connection. A message sequence diagram uses vertical lines to represent events that happen at a computer over time (time is increasing as the line goes down). Addresses of the computers/software are given at the top of the vertical lines. Horizontal or sloped arrows are used to show messages (packets) being sent between computers. Each arrow should be labelled with the protocol, packet type and important information of the message. Examples of message sequence diagrams are given in workshops. Note that you do not need to show the packet times, and the diagram does not have to be to scale. [2 marks]

(e) Briefly explain how a TCP connection starts (or opens), and how it completes (or closes), using the 1st TCP connection from the capture (and your message sequence diagram above) as an example. [2 marks]

(f) Some of the computers in the network are running a web server. Choose one of the computers and then list which files exist on the web server, and which files do not exist on the web server. Explain how you know the files (that is, refer to the packet number(s) in the capture). [2 marks]

(g) What is the password? [0 marks – this is a challenge, but worth no marks. Don’t tell other students the answer if you find it.]


COIT20262

Assignment 1

Term 1, 2017

Marking Scheme

(a) All connections are listed correctly: 4 marks. Minor mistakes in few connections: 3 marks. Missing few connections and/or multiple mistakes: 2 marks. Missing multiple connections and/or many mistakes: 1 mark. Most connections wrong: 0 marks.

(b) 2 marks for service table; 2 marks for address table. All entries included: 2 marks. Some entries missing or wrong: 1 mark. Most entries missing or wrong: 0 marks.

(c) All packets clearly shown: 2 marks. Minor mistakes: 1 mark. Multiple packets wrong and/or multiple mistakes: 0 marks.

(d) All computers/domains listed: 2 marks. One mistake: 1 mark. More than one mistake: 0 marks.

(e) Clear explanation of connection open and close: 2 marks. Mistakes or wrong explanation of one of the steps: 1 mark. Multiple mistakes or wrong explanation of both steps: 0 marks.

(f) All files (both those that exist and those that don’t exist) listed with packet numbers referenced: 2 marks. Some minor mistakes or missing file: 1 mark. Multiple mistakes or multiple missing files: 0 marks.

(g) This sub-question is worth 0 marks. It has no impact on your total marks.


  • Post Date: 2018-11-09T12:32:05+00:00