NANDINI_300377653_LAB4

School

Douglas College

Course

2270

Subject

Computer Science

Date

Dec 6, 2023

Type

docx

Pages

7

Uploaded by BarristerWillpower1106

CSIS2270 - Lab #4
Packet Capturing and Analysis Using Sniffers on Packet Tracer

Name: NANDINI GOYAL
Student No.: 300377653

Introduction:
Packet capturing and protocol analysis tools can be used to help us better understand how two devices communicate with each other. In this lab, we will be using the software tool Sniffer to capture messages sent from and received by your computer, and display the content of various protocol fields of each message. By capturing the packets, you can examine the process used by Address Resolution Protocol, and see how FTP uses TCP to move user data across the network.

Objectives:
1. To gain a good understanding of the packet capturing tool Sniffer
2. To gain experience in using protocol capturing and analysis tools for analyzing network traffic.
3. To understand the operations of ARP, TCP and FTP protocols.
4. To get familiar with PDU encapsulation between different protocol layers.

Equipment Required:
1. Lab 3 .pkt file with FTP Server and PCs

Introduction to Sniffer
Figure 1 shows the structure of a packet sniffer, which can be used to capture messages sent from or received by your computer. It is composed mainly of two parts: the packet capture library and the packet analyzer. The packet capture library stores a copy of every layer 2 frame that is sent from or received by the computer. Since your computer is connected to an Ethernet network, all higher layer protocol data units (PDUs) are encapsulated within the Ethernet frames. The packet analyzer is used to display the contents of all the fields within the Ethernet frames. It is capable of identifying the various protocols' fields and structures; hence, it can identify the IP datagram within an Ethernet frame, the TCP PDU within the IP datagram, and the higher layer application data within TCP. We will add 2 sniffers to analyze packets in each direction on the network.

A. Network Setup [_____/4]

Start with the .pkt file from the CSIS2270 Lab3
Add a 2960 Switch
Disconnect ONE PC from the HomeRouter and connect this to the 2960 Switch

1. Configure PC to use static IP# 210.100.10.52 with SM 255.255.255.0
2. Disconnect Server-PT (FTP) from the HomeRouter and connect to 2960 Switch
3. Configure Server-PT with static IP# 210.100.10.51 with SM 255.255.255.0
4. PING from the PC to the Server-PT – make sure this works
5. Click on End-Devices, then find the Sniffer on the far right and click and drag as Sniffer0
6. Click and drag another Sniffer as Sniffer1
7. Connect a new black X-over cable from Sniffer0-Ethernet1 to Sniffer1-Ethernet1
8. Disconnect Server-PT from 2960 Switch and connect this to Sniffer1-Ethernet0
9. Connect a new straight thru cable from Sniffer0-Ethernet0 to the 2960 Switch
10. On the PC, type PING 210.100.10.51
11. On Sniffer1, double-click to open, then click on GUI to see
B. Using Sniffer to study ARP requests and replies [_____/8]

Since all messages exchanged between any two devices on an Ethernet network will be encapsulated in Ethernet frames, it is necessary for the devices to determine each other's physical address before messages can be exchanged. Knowing the destination's IP address, a device can find out the corresponding MAC address by use of the Address Resolution Protocol (ARP). We will use Sniffer to gain a better understanding of ARP.

What is the physical address (MAC address) of the Ethernet interface on the PC?
00:30:F2:CE:54:D7

What is the physical address (MAC address) of the Ethernet interface on the Server?
00:E0:A3:39:DD:D3
1. On Sniffer1
   a. Select the first arp in the filter box and press Enter. Only arp packets should now be displayed.
   b. listed.
      What is the source address in the Ethernet frame?
      What is the destination address in the Ethernet frame?
      From the ARP PDU:
      o What is the Opcode? 0x0001
      o What is the Sender MAC address? 00E0.A339.DDD3
      o What is the Sender IP address? 210.100.10.51
      o What is the Target MAC address? 0000.0000.0000
      o What is the Target IP address? 210.100.10.51
   c. Select the second packet listed.
      What is the source address in the Ethernet frame? 00E0.A339.DDD3
      What is the destination address in the Ethernet frame? FFFF.FFFF.FFFF
      From the ARP PDU:
      o What is the Opcode? 0x0001
      o What is the Sender MAC address? 00E0.A339.DDD3
      o What is the Sender IP address? 210.100.10.51
      o What is the Target MAC address? 0000.0000.0000
      o What is the Target IP address? 210.100.10.52

2. Examine the ICMP packets.
   a. ICMP is the protocol used by the ping command for sending an echo request message to the remote device, and for the remote device to return a corresponding echo reply message back.
   b. Type icmp in the filter box and press Enter. Only icmp packets should now be displayed.
      What are the source and destination MAC addresses of the first ICMP message?
      SOURCE: 00E0.A339.DDD3
      DESTINATION: 000D.BD05.0B5A
      What are the source and destination IP addresses of the second ICMP request message?
      SOURCE: 210.100.10.51
      DESTINATION: 210.100.10.52
      What are the source and destination IP addresses of the third ICMP message?
      SOURCE: 210.100.10.51
      DESTINATION: 210.100.10.52
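
The ARP fields read off in Sniffer1 in section B can also be recovered by dissecting a raw frame by hand, layer 2 first and then the ARP PDU inside it. This is an added Python example, not part of the lab handout or the report; both frames are constructed from the addresses recorded above, and the Ethernet addresses of the first frame, the helper names and the `gratuitous` flag are assumptions made for illustration.

```python
import socket
import struct

def mac(b: bytes) -> str:
    """Format 6 bytes in the dotted style Packet Tracer displays (00E0.A339.DDD3)."""
    h = b.hex().upper()
    return ".".join(h[i:i + 4] for i in range(0, 12, 4))

def build_arp_frame(dst, src, opcode, sha, spa, tha, tpa) -> bytes:
    """Construct a sample Ethernet II frame carrying an ARP PDU (test input only)."""
    eth = dst + src + struct.pack("!H", 0x0806)            # EtherType 0x0806 = ARP
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, opcode)   # Ethernet/IPv4 ARP header
    arp += sha + socket.inet_aton(spa) + tha + socket.inet_aton(tpa)
    return eth + arp

def parse_arp_frame(frame: bytes) -> dict:
    """Dissect the Ethernet header, then the ARP PDU encapsulated inside it."""
    if len(frame) < 14 + 28:
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:
        raise ValueError(f"not ARP (EtherType 0x{ethertype:04x})")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {
        "eth_src": mac(src), "eth_dst": mac(dst),
        "opcode": f"0x{op:04x}",                 # 0x0001 request, 0x0002 reply
        "sender_mac": mac(sha), "sender_ip": socket.inet_ntoa(spa),
        "target_mac": mac(tha), "target_ip": socket.inet_ntoa(tpa),
        "broadcast": dst == b"\xff" * 6,
        # An ARP announcement ("gratuitous ARP") names the sender's own IP as target.
        "gratuitous": spa == tpa,
    }

# Constructed sample frames using the addresses recorded in this lab.
# The Ethernet source/destination of the first frame are assumed, not from the report.
SERVER = bytes.fromhex("00E0A339DDD3")
BCAST, ZERO = b"\xff" * 6, b"\x00" * 6
announce = build_arp_frame(BCAST, SERVER, 1, SERVER, "210.100.10.51", ZERO, "210.100.10.51")
request = build_arp_frame(BCAST, SERVER, 1, SERVER, "210.100.10.51", ZERO, "210.100.10.52")

if __name__ == "__main__":
    for frame in (announce, request):
        print(parse_arp_frame(frame))
```

The two frames differ only in the target IP, which is what separates a host announcing its own address from a host asking who owns 210.100.10.52.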
C. Using Sniffer to study FTP session [_____/8]

Refer to the lab work from lab#3

1. Ensure that the ftp server has been set up (the FTP server).
2. Test from PC that the ftp server is working
3. Type ftp 210.100.10.51 using the user name student with password lab3
4. Transfer the file lab3t.txt from PC to the FTP server using the command:
   ftp> put lab3.txt
5. End the ftp session by typing quit.
6. On Sniffer1
7. Examine the packets captured and you should see some arp packets followed by some tcp and ftp packets.
8. tcp and ftp (which runs on top of tcp) packets will be displayed.
9. Examine the first tcp packets captured BEFORE the first FTP message.
   For the first TCP message, which Flag is set in TCP?
10. Examine the FTP messages exchanged between the server and the client. Note that the server sent Response messages to the client, whereas the client sent Request messages to the server.
11. After the client user logged in and before the transfer of the file, can you see there is another three-way handshake that TCP used to establish another connection between the two devices?
    In these 3 TCP packets, what are the SEQUENCE NUMBERS and ACKNOWLEDGEMENT NUMBERS of these TCP messages?

                                          SEQ#   ACK#
    On Sniffer0 (PC outgoing pkts)         0      0
    On Sniffer1 (Server outgoing pkts)     0      1
    On Sniffer0 (PC outgoing pkts)         1      1

    The second TCP connection is used by ftp for data transfer whereas the first TCP connection is for ftp control data.
12. Examine the second to last FTP packet that sent your file to the server (FTP-DATA).
    Can you see the Message: Data connection already open; transfer starting
    What is the SEQUENCE NUMBER? 107

Finish all the steps and answer all the questions, then save the lab report file as instructed in the submission instructions below.

Lab Submission instructions:
1. Save your report file as yourFirstname_yourID_Lab4.docx (example: Mahmood_1234_Lab4.docx).
2. Send the file to your instructor not later than 6:00 pm on the DAY of the LAB through Blackboard (do not send labs by email please. Any lab submitted by email will be ignored).
3. Late submissions will not be marked and the student will lose the mark of that lab.
4. Students who don't save lab files with proper names as indicated in 1,2,3 above will lose 50% of the lab's mark.