Lab W2L2

School: University of Ottawa
Course: 8802
Subject: Information Systems
Date: Apr 3, 2024
Pages: 8
Uploaded by mabou055

Week 2 Lab 2 – Packet Capture Tools Introduction

DUE: Week 2
VALUE: 3%

Objective of this Assignment:
In this lab, learners start to capture packets.

Relevant Course Learning Requirements:
CLR 2: Explain the purpose of network analysis in security.

Lab Topology/Addressing

Lab summary:
  • Run packet capture tools in Windows and Linux environments.
  • Execute basic commands on Linux.
  • Navigate to different tabs in Wireshark.

Background / Scenario
Packet capture applications and tools differ between Linux and Windows operating systems (OS). On Windows, with its graphical user interface, Wireshark is a common packet capture tool; on Linux distributions, tcpdump is a command-line tool. In this lab, as an introduction to packet capture tools, you will examine Wireshark and tcpdump and use some of their basic features and menus.

Please note:
1) Screenshots provided in the lab activities may not match what you see on the machine where you run the packet capture tool.
2) “Username” is your College username.
3) Save all screen captures and answers in a file named “W2_L2_username.docx” and upload it to the Week 2 Lab submission folder.

Part 1) Work on Wireshark
Run “Wireshark” on PC1.

a) Select the Ethernet interface. Make sure you select the profile made in Lab 1.

b) Start to capture packets and monitor the Packet List pane. Answer the questions below:
   Is the number of packets in the Number column increasing? ____
   What is the number of packets in the Status Bar? ____
   Do they both show the same number? ____

c) On the Main Toolbar, click on “Auto Scroll in Live Capture”. Clicking “Auto Scroll in Live Capture” stops the packet list from scrolling, while the number of packets in the Status Bar keeps increasing.
   Take a screen capture from the Wireshark window.
   Click on “Auto Scroll in Live Capture” again and observe the differences. Add your observation to the W2_L2_username.docx file.

d) Open a Command Prompt and type:

       ping -n 10 10.10.4.60

   Observe the result of the ping command on the Wireshark screen. Click on “Auto Scroll in Live Capture” to scroll the Packet List pane, if required.
   Next, type the following command in the Command Prompt and observe the result.

       ping -n 10 <KALI_LINUX_IP>

   What difference do you observe?
   List 3 protocols that you are seeing in the Protocol column.
e) Add a new column named “Host” and move it to the right of the “Destination” column. When creating the new column, type “http.host” in the “Fields” column.

f) Change the display time in the “Time” column to “UTC date and Time of Day” and select “Seconds”. You can change both under “Time Display Format” in the View menu.
   Take a screen capture from the Wireshark window.

g) Check the “Coloring Rules..” under the View menu.
   Take a screen capture from the Wireshark window.
   Under the View menu, click on “Colorize Packet List” and observe what happens in the “Packet List” pane.
   What happened when you clicked on “Colorize Packet List”? ______________
   Next, click on “Colorize Packet List” in the “Main Toolbar”. At this point, all packets in the “Packet List” should be differentiated by color.

h) Select “Options” in the “Capture” menu. In the “Input” tab, verify that “Promiscuous” is selected for the Ethernet interface and start to capture packets.
   Stop capturing packets after 5 minutes.
   In the “Input” tab, uncheck “Promiscuous” and start to capture packets.
   Stop capturing packets after 5 minutes.
   Take a screen capture from the Wireshark window.
   What happens after “Promiscuous” is unchecked? ___________

i) In the “Statistics” menu, select “Protocol Hierarchy”. Expand all fields if they are not expanded.
   Take a screen capture from the Wireshark window.

Part 2) Work on tcpdump
Connect to Kali Linux. You can use SSH from the Windows PCs.

a) From PC1, ping the Kali Linux IP address. On Kali Linux, type the following command and take a screen capture from the ssh window.

       tcpdump -eni eth0 -c2

b) On Kali Linux, type the following commands and take a screen capture from the ssh window.

       clear
       tcpdump -eni -vv eth0 -c2

c) On Kali Linux, type the following commands and take a screen capture from the.

       clear
       tcpdump -eni eth0 -vv -c2

d) On Kali Linux, type the following commands and take a screen capture from the ssh window.

       clear
       tcpdump -i eth0 -nnvXXSs 0 -c2 -tttt icmp

   Observe the timestamps in the output.

e) On Kali Linux, type the following commands and take a screen capture from the ssh window.

       clear
       tcpdump -i eth0 -nnvXSs 0 -c2 -tttt icmp

   Observe the hex string after 0x0000.

f) On Kali Linux, type the following commands and take a screen capture from the ssh window.

       clear
       tcpdump -i eth0 -nnvXXSs 0 -c2 -tttt icmp

   Observe the hex string after 0x0000.

This is the end of the lab. Please submit all the results, as instructed in the lab activities, to the Brightspace Week 2 Lab 2 Submission folder.
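Steps d to f of Part 2 compare the hex string after 0x0000 under -X and -XX: tcpdump's -X prints packet data without the link-level header, while -XX includes it. The following is an added example, not part of the original lab handout, that parses both dump layouts and decodes the same ICMP echo request from each; the packet bytes, MAC addresses and IP addresses are constructed, and the function names are hypothetical.

```python
import re
import struct

# Constructed sample (not a real capture): one ICMP echo request as -XX prints it,
# i.e. with the 14-byte Ethernet header in front of the IP header.
DUMP_XX = """
    0x0000:  000c 29aa bb01 000c 29aa bb02 0800 4500  ..).....).....E.
    0x0010:  0024 1234 0000 8001 a45e c000 020a c000  .$.4.....^......
    0x0020:  023c 0800 6662 0001 0007 6162 6364 6566  .<..fb....abcdef
    0x0030:  6768                                     gh
"""
# The same constructed packet as -X prints it: the dump starts at the IP header.
DUMP_X = """
    0x0000:  4500 0024 1234 0000 8001 a45e c000 020a  E..$.4.....^....
    0x0010:  c000 023c 0800 6662 0001 0007 6162 6364  ...<..fb....abcd
    0x0020:  6566 6768                                efgh
"""
# Offset, then hex groups separated by single spaces; the ASCII column follows
# two or more spaces and is never matched.
HEX_LINE = re.compile(r"0x[0-9a-f]{4}:\s+((?:[0-9a-f]{2,4} )*[0-9a-f]{2,4})")

def dump_to_bytes(dump):
    """Rebuild the packet bytes from the hex column of a tcpdump -X/-XX dump."""
    groups = (m.group(1) for m in map(HEX_LINE.search, dump.splitlines()) if m)
    return bytes.fromhex("".join(groups).replace(" ", ""))

def decode_icmp(dump):
    """Decode Ethernet (if present), IPv4 and ICMP echo fields from a hex dump."""
    raw = dump_to_bytes(dump)
    info = {"link_header": False}
    # Heuristic: EtherType 0x0800 at offset 12 followed by an IPv4 version nibble
    # means the dump begins with an Ethernet header (-XX); otherwise assume -X.
    if len(raw) >= 34 and raw[12:14] == b"\x08\x00" and raw[14] >> 4 == 4:
        dst, src = raw[0:6], raw[6:12]
        info.update(link_header=True, dst_mac=dst.hex(":"), src_mac=src.hex(":"))
        raw = raw[14:]
    if len(raw) < 20 or raw[0] >> 4 != 4 or raw[9] != 1:
        raise ValueError("not an IPv4 ICMP packet")
    ihl = (raw[0] & 0x0F) * 4                      # IP header length in bytes
    total_len = struct.unpack("!H", raw[2:4])[0]   # IP total length field
    icmp_type, _code, _cksum, _ident, seq = struct.unpack("!BBHHH", raw[ihl:ihl + 8])
    info.update(src=".".join(map(str, raw[12:16])), dst=".".join(map(str, raw[16:20])),
                icmp_type=icmp_type, seq=seq, payload=raw[ihl + 8:total_len])
    return info

if __name__ == "__main__":
    for name, dump in (("-XX", DUMP_XX), ("-X", DUMP_X)):
        print(name, decode_icmp(dump))
```

With -XX the first 12 bytes after 0x0000 are the destination and source MAC addresses; with -X the dump begins at the IPv4 header byte 0x45.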
Grading Criteria

| Step | Exceptional | Proficient | Unsatisfactory | Insufficient |
|---|---|---|---|---|
| Points | 3 | 2 | | 0 |
| Part 1, Step b | All requested information | 2 correct answers | One correct answer | No information |
| Part 1, Step c | All requested information (image and observation) | Some requested information (image or observation) | Image with wrong information | No requested information |
| Part 1, Step d | All requested information | Answer only second question | Answer only first question | No information |
| Part 1, Step f | An image with all new columns | An image with some new columns | An image with some wrong columns | No image / An image without new columns |
| Part 1, Step g | All requested information (image and question) | Only answer to the question | Only image | No requested information |
| Part 1, Step h | All requested information (image and question) | Only answer to the question | Only image | No requested information |
| Part 1, Step i | An image from protocol hierarchy | An image without protocol hierarchy | Wrong image (other menus) | No image |
| Part 2, Step a | An image with all requested information | An image with some requested information | An image without requested information | No image |
| Part 2, Step b | An image with requested information | An image with some requested information | An image without requested information | No image |
| Part 2, Step c | An image with requested information | An image with some requested information | An image without requested information | No image |
| Part 2, Step d | An image with requested information | An image with some requested information | An image without requested information | No image |
| Part 2, Step e | An image with requested information | An image with some requested information | An image without requested information | No image |
| Part 2, Step f | An image with requested information | An image with some requested information | An image without requested information | No image |

Total marks:            /39
Total value:       /3%