CYB227 Week 3 Paper
docx
keyboard_arrow_up
School
University of Phoenix *
*We aren’t endorsed by this school
Course
227
Subject
Electrical Engineering
Date
Dec 6, 2023
Type
docx
Pages
9
Uploaded by ProfessorPencil11360
Wireshark Analysis Week 3
Wireshark Analysis Week 3
Question 3-1. How many frames travel to or from 80.78.246.209?
Using the display filter ip.addr==80.78.246.209
, you are able to identify that there are 32
frames
that travel to or from the Ip address 80.78.246.209. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter ip.addr==80.78.246.209
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 32 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Question 3-2. How many DNS packets are in this trace file?
Using the display filter dns
, you are able to identify that 8
DNS packets are in the trace file. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter dns
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 8 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Question 3-3. How many frames have the TCP SYN bit set to 1?
Using the display filter tpc.flags.syn==1
, we can identify that 12
TCP packets have the SYN bit set to 1. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter tcp.flags.syn==1
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 12 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Question 3-4. How many frames contain the string “set-cookie” in upper case or lowercase?
Using the display filter frame matches “(?i)set-cookie”
, we are able to identify that 3
frames contain the string “set-cookie”. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter frame matches “(?i)set-cookie”
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 3 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Question 3-5. How many frames contain a TCP delta time greater than 1 second?
Using the display filter tcp.time_delta > 1
, we are able to identify that 18 frames contain a TCP delta time greater than 1 second. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter tcp.time_delta > 1
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 18 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Question 3-6 See all traffic to 24.6.181.160.
Using display filter ip.dst==24.6.181.160
, we are able to identify that there are 17 frames that match the Ip address 24.6.181.160. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter ip.dst==24.6.181.160
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 32 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Question 3-7 See all the ACK flags.
Using the display filter tcp.flags.ack
, we are able to identify that there are 511 frames that have the ACK flag. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter tcp.flags.ack
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 511 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Question 3-8 Look for TCP delta times greater than two seconds.
Using the display filter tcp.time_delta > 2
, we can see that there are 17 frames that have a delta time greater than two seconds. To come to this conclusion, we used the following steps:
1.
Open the Wireshark application.
2.
Open the trace file challenge101-3.pcapng from the file menu.
3.
Input the display filter tcp.time_delta > 2
in the display filter bar.
4.
Press the apply display filter button or press enter.
5.
In the status bar, on the bottom of the application, we can see the total packets and displayed. 17 frames are displayed for our applied display filter.
6.
Take a screenshot.
7.
Remove the display filter by deleting it and hitting enter of pressing the clear display filter button.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Documents
Related Questions
For a FM system, the maximum freq deviation is 75 kHz and the maximum freq of the info. signal is 10 kHz. What will be the total bandwidth of the FM system? What will be the modulation index?
arrow_forward
9)
This QUESTION FROM Information theory course.
just write for me the the correct answer.
arrow_forward
Problem 2)-
The figure below shows the binary input data and carrier signal that used
in a optical comm system. Determine the data rate and baud rate for the following modulation
schemes:
a) Binary Phase Shift Keying
b) Binary Frequency shift Keying. Assume the carrier swing is 3MHz.
Input data
Carrier
9
1
'
Sus
Sus
arrow_forward
Calculate the offset for the physical address 00062 H and segment address FFFFH,
arrow_forward
Explain frequency hopping acquisition scheme using a simple PN sequence. Assume that the length of PN sequence is 15 and the number of frequency hopping levels is 8
arrow_forward
Answer the following:
1. In AM-DSB-LC, describe the possible values of the modulation index. Which
is the best for the envelop detection?
OUT
Ter
TFLAXY
2. Draw the diagram of the FDM.
3. List and explain two different sources for electrical noise in a communication
system?
.243
0.25
arrow_forward
Given that the base address is FoH.
1. Create a new asm project “Lab2_Q1.asm". Assume that port A of 8255A PPI is
connected to 8085. Write assembly code to send the value of FFH to FoH. Enter a delay
of 2 ms for each transmission.
arrow_forward
Fast please
@sync1
arrow_forward
SEE MORE QUESTIONS
Recommended textbooks for you
Delmar's Standard Textbook Of Electricity
Electrical Engineering
ISBN:9781337900348
Author:Stephen L. Herman
Publisher:Cengage Learning
Related Questions
- For a FM system, the maximum freq deviation is 75 kHz and the maximum freq of the info. signal is 10 kHz. What will be the total bandwidth of the FM system? What will be the modulation index?arrow_forward9) This QUESTION FROM Information theory course. just write for me the the correct answer.arrow_forwardProblem 2)- The figure below shows the binary input data and carrier signal that used in a optical comm system. Determine the data rate and baud rate for the following modulation schemes: a) Binary Phase Shift Keying b) Binary Frequency shift Keying. Assume the carrier swing is 3MHz. Input data Carrier 9 1 ' Sus Susarrow_forward
- Calculate the offset for the physical address 00062 H and segment address FFFFH,arrow_forwardExplain frequency hopping acquisition scheme using a simple PN sequence. Assume that the length of PN sequence is 15 and the number of frequency hopping levels is 8arrow_forwardAnswer the following: 1. In AM-DSB-LC, describe the possible values of the modulation index. Which is the best for the envelop detection? OUT Ter TFLAXY 2. Draw the diagram of the FDM. 3. List and explain two different sources for electrical noise in a communication system? .243 0.25arrow_forward
arrow_back_ios
arrow_forward_ios
Recommended textbooks for you
- Delmar's Standard Textbook Of ElectricityElectrical EngineeringISBN:9781337900348Author:Stephen L. HermanPublisher:Cengage Learning
Delmar's Standard Textbook Of Electricity
Electrical Engineering
ISBN:9781337900348
Author:Stephen L. Herman
Publisher:Cengage Learning