Lab W4L4 (2)

School: University of Ottawa
Course: 8802
Subject: Information Systems
Date: Apr 3, 2024
Type: docx
Pages: 7
Uploaded by mabou055
Week 4 Lab 4 – Analyze Packet

DUE: Week 4
VALUE: 3%

Objective of this Assignment: In this lab, learners learn how to analyze Hex output of Captured Packets and find information.

Relevant Course Learning Requirements:
CLR 1: Discover and differentiate between normal and anomalous network processes or traffic.

Lab Topology/Addressing

Lab summary: Analyze Hex output of Captured Packet

Background / Scenario

Unlike the Wireshark GUI, tcpdump and tshark display logs in Hexadecimal format. In this situation, a Security Analyst and expert needs to extract information and data from Hex output. In this Lab, we look at some Hex output and extract the information.

Please note:
1) Screenshots provided in the Lab activities may not be the same as what you see on the machine where you run the Packet Capture tool.
2) “Username” is your College username.
3) Save all screen captures and answers in a file named “W4_L4_username.docx” and upload it to the Week 4 Lab submission folder.

Part 1) Work with tcpdump

In this part you work with a captured file from some Ping commands. Create 2 SSH terminals to KALI_LINUX from PC1 or PC2. From one of the SSH connections, run the commands. Use the second SSH connection to capture the Packets.

a) Find the name of the interface to which IP address 10.10.4.23 is assigned. (Hint: Run ifconfig on the first SSH terminal.) The screenshot below is an example, and you may see a different interface name after you type “ifconfig”. In this example it is assigned to “ens192”. In the tcpdump commands, replace “<IF>” with the interface name that you found in step a).

b) On the first SSH terminal, run the following command.

    ping 10.10.4.23

On the second SSH terminal, type the following command and hit enter.

    tcpdump -i <IF> -XXX icmp -c2

Take a screen capture of the result.

c) From the captured Hex output, extract the information below:
Source MAC Address: _________________
Destination MAC Address: _________________
Ether Type: _________________
Source IP address: _________________
Destination IP Address: _________________
ICMP Type: _________________
ICMP Code: _________________

d) Convert the information below from step c to Decimal:
Source IP address: _____________
Destination IP address: _____________
Hint: Each IPv4 IP is 4 Octets. Each Octet is made of 8 bits or 2 Hexadecimal digits.

Part 2) Work with tcpdump

a) From the Hex Packet capture below, find the answers for the items below:
Source MAC Address: _________________
Destination MAC Address: _________________
Ether Type: _________________
Source IP address: _________________
Destination IP Address: _________________
Protocol: _________________

b) Convert the information below from step a to Decimal and enter it into your Lab submission file.
Source IP address: _________________
Destination IP address: _________________
Protocol: _________________

Part 3) Work with tcpdump

a) From the Hex Packet capture below, find the information for the following items:
Source MAC Address: _________________
Destination MAC Address: _________________
Ether Type: _________________
Source IP address: _________________
Destination IP Address: _________________
Protocol: _________________

b) Convert the information below from step a to Decimal:
Source IP address: _________________
Destination IP address: _________________
Protocol: _________________

Part 4) Work with Wireshark

a) From the Wireshark Packet capture below, find the information for the following items:
Source MAC Address:
Destination MAC Address:
Version:
Source IP address:
Destination IP Address:

This is the end of the lab. Please submit all the results, as instructed in the lab activities, to the Brightspace Week 4 Lab 4 Submission folder.
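
The field extraction that Parts 1 to 3 ask for, as an added example that is not part of the original lab handout: it reads tcpdump hex dump lines, takes the Ethernet, IPv4 and ICMP fields at their fixed offsets, and converts the addresses to decimal. The sample dump is constructed (the MAC addresses and the source IP 10.10.4.50 are made up), and untagged Ethernet II framing is assumed.

```python
import re

# Constructed sample: hex dump of one ICMP echo request in tcpdump's layout
# (MACs and source IP are made up; 10.10.4.23 is the address used in the lab).
SAMPLE_DUMP = """\
    0x0000:  0050 56aa bb02 0050 56aa bb01 0800 4500  .PV....PV.....E.
    0x0010:  001c 1a2b 4000 4001 045a 0a0a 0432 0a0a  ...+@.@..Z...2..
    0x0020:  0417 0800 f7fd 0001 0001                 ..........
"""

def dump_to_bytes(dump: str) -> bytes:
    """Collect the hex column of each '0xNNNN:' line, ignoring the ASCII column."""
    out = bytearray()
    for line in dump.splitlines():
        parts = re.split(r"\s{2,}", line.strip())   # offset | hex | ascii
        if len(parts) >= 2 and re.fullmatch(r"0x[0-9a-f]{4}:", parts[0]):
            out += bytes.fromhex(parts[1])           # fromhex skips the spaces
    return bytes(out)

def mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)

def dotted(b: bytes) -> str:
    # Each octet is 2 hex digits; print it as a decimal number.
    return ".".join(str(x) for x in b)

def decode_frame(frame: bytes) -> dict:
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    # Ethernet II puts the destination MAC first, then the source MAC.
    info = {"dst_mac": mac(frame[0:6]), "src_mac": mac(frame[6:12]),
            "ether_type": f"0x{frame[12:14].hex()}"}
    if info["ether_type"] != "0x0800":
        return info                      # not IPv4 (e.g. 0x0806 ARP): stop here
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (ip[0] & 0x0F) * 4             # header length; more than 20 with options
    info.update(version=ip[0] >> 4, protocol=ip[9],
                src_ip_hex=ip[12:16].hex(), src_ip=dotted(ip[12:16]),
                dst_ip_hex=ip[16:20].hex(), dst_ip=dotted(ip[16:20]))
    if ip[9] == 1 and len(ip) >= ihl + 2:    # protocol 1 = ICMP
        info["icmp_type"], info["icmp_code"] = ip[ihl], ip[ihl + 1]
    return info

if __name__ == "__main__":
    for key, value in decode_frame(dump_to_bytes(SAMPLE_DUMP)).items():
        print(f"{key:12} {value}")
```
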

Grading Criteria

Marks: 3 2 0

| Criteria | Exceptional | Proficient | Unsatisfactory | Insufficient |
|---|---|---|---|---|
| Part 1, Step b: Screen capture | An image with command result | An image with some requested information | An image with wrong parameters | No answer |
| Part 1, Step c | All information in the section | Answer to 5 questions | Answer to 3 questions | No answer |
| Part 1, Step d | All information in the section | 1 correct IP address | Wrong IP addresses | No answer |
| Part 2, Step a | All information in the section | Answer to 4 questions | Answer to 2 questions | No answer |
| Part 2, Step b | All information in the section | Answer to 2 questions | Answer to 1 question | No answer |
| Part 3, Step a | All information in the section | Answer to 4 questions | Answer to 2 questions | No answer |
| Part 3, Step b | All information in the section | Answer to 2 questions | Answer to 1 question | No answer |
| Part 4, Step a | All information in the section | Answer to 3 questions | Answer to 1 question | No answer |

Total marks: /24
Total value: /3%