IT104_EverardoMartinez_Unit1_LabAssessment
pdf
keyboard_arrow_up
School
Purdue University *
*We aren’t endorsed by this school
Course
104
Subject
Information Systems
Date
Feb 20, 2024
Type
Pages
15
Uploaded by ChefScorpion1998
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Student:
Email:
Ever Martinez
everardomartinez@student.purdueglobal.edu
Time on Task:
Progress:
6 hours, 5 minutes
100%
Report Generated:
Tuesday, October 24, 2023 at 7:53 PM
Section 1: Hands-On Demonstration
Part 1: Explore Wireshark
13.
Make a screen capture
showing the fields related to time
.
Part 2: Analyze Wireshark Capture Information
Page 1 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
7.
Make a screen capture
showing the complete hexadecimal representation for the source
and destination Media Access Control (MAC) addresses in Packet 546
.
8.
Record
the code assigned by the IEEE to Intel for use in identifying Intel Core network
interfaces in Packet 546
.
00:22:fa:1c:eb:e6
9.
Record
the MAC address used for IPv4 multicast in Packet 546
.
01:00:5e:7f:ff:fa
Page 2 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
12.
Record
the version of the Internet Protocol being used in Packet 546
.
Internet Protocol Version 4
13.
Record
the source IP address in Packet 546
.
192.168.1.64
19.
Make a screen capture
showing the related frame numbers for Packet 546
.
Page 3 of 15
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Make a screen capture
showing the
complete hexadecimal representation for the source
and destination Media Access Control (MAC) addresses in Packet 545
.
Record
the IEEE-assigned manufacturer’s unique ID in Packet 545
.
90:fb:a6:8a:a5:aa
Record
the MAC address used for multicast in Packet 545
.
33:33:00:00:00:0c
Record
the version of the Internet Protocol being used in Packet 545
.
Internet Protocol Version 6
Page 4 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Record
the source IP address in Packet 545
.
fe80:7dbd:e37:d3f8:4fe9
Make a screen capture
showing the related frame numbers for Packet 545
.
Page 5 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
36.
Make a screen capture
showing the time
(found in the Time column on the left) that each
step
of the handshake
occurred
.
45.
Make a screen capture
showing the response to the issaseries.org query
.
Page 6 of 15
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Section 2: Applied Learning
Part 1: Explore Wireshark
12.
Make a screen capture
showing the http traffic
.
15.
Make a screen capture
showing the
fields related to time
.
Page 7 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Part 2: Analyze Wireshark Capture Information
5.
Record
the number of bytes captured and the bytes on the wire
.
237
7.
Record
the manufacturer of the destination device
.
ASUStekC
10.
Record
the source IP address
.
10.2.1.45
16.
Make a screen capture showing the
entire list of cipher suites
.
Page 8 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
21.
Make a screen capture showing the issuer of the certificate
.
24.
Make a screen capture showing the details of the certificate
.
Page 9 of 15
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
27.
Make a screen capture showing the public key and signature hash for the certificate
.
35.
Make a screen capture showing the first three-way TCP handshake in the Flow Graph
.
Page 10 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
40.
Make a screen capture showing the query posed in this packet
.
Page 11 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Section 3: Challenge and Analysis
Part 1: Research Common Network Traffic
Identify
at least five common protocols and their associated TCP/UDP port numbers, then explain
their purpose and relevant features (for example, known security vulnerabilities, etc.).
HTTP is associated with port 80 as a hypertext transfer protocol and allows the web browser to
connect to the web pages on the internet
HTTPS is associated with port 443 and allows the connection to the internet but has a security feature
by encrypting and authenticating network packets before transferring over the internet.
DNS is associated with port 53 and is referred to as a Domain Name System, it uses relational
databases to link the host names of computers or networks to their addresses.
SSH is associated with port 22 and is called Secure Shell, carries a task by remotely connecting to a
remote server or host, and can also send data/files over the network that becomes encrypted ensuring
secure file transfer.
FTP is associated with ports 20 and 21, called File Transfer Protocol, which allows the transfer of files
over the internet. Port 20 forwards and transfers data while port 21 signals for a file transfer and
listens to all commands in the FTP server.
Part 2: Capture and Filter Traffic Using Wireshark
Make a screen capture
showing the MAC address resolved by ARP for the DNS server
.
Page 12 of 15
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Make a screen capture
showing the destination IP address and port number of the DNS server
.
Make a screen capture
of the three-way handshake that took place between the client PC and
the web server
.
Page 13 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Make a screen capture
of the actual HTTP traffic that was delivered from the
corporationtechs.com web server
.
Part 3: Analyze Capture Files
Make a screen capture
showing the updated Wireshark TCP preferences for relative sequence
numbers
.
Page 14 of 15
Analyzing Network Traffic with Wireshark (3e)
Network Security, Firewalls, and VPNs, Third Edition - Supplemental Lab 01
Make a screen capture
showing the flow graph displaying the sequence and acknowledgement
values recorded during the three-way handshake
.
Powered by TCPDF (www.tcpdf.org)
Page 15 of 15
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help