can someone please help me with question 3
thank you!
DHCP Packet Analysis This exercise involves using Wireshark to examine a packet capture, analyze the contents and discover meaning of the traffic. For the questions that you extract the answer from the Wireshark, include a snapshot from the related part of the packet in your response file. Wireshark Wireshark can downloaded and installed on most operating systems or you can use it on the VMs in the lab. If you use a lab computer, copy the capture files on a USB drive and in the VirtualBox menu, select Devices > USB to select your drive and open it in the Linux VM - a file browser will open when this process completes. DHCP Request Open the attached packet capture file dhcp-request.pcap. This file contains the packets exchanged while a client was obtaining an IP address from a DHCP server. 1. Select the first packet and expand the Bootstrap Protocol (Dynamic Host Configuration Protocol) in the middle panel. Find the option that shows the DHCP Message Type. Wireshark describes this as DHCP: Discover. Expand this item and find the numeric value that is used to identify this option. Repeat for the remaining packets. a) What numeric value identifies a DHCP Discover? b) What numeric value identifies a DHCP Offer? c) What numeric value identifies a DHCP Request? d) What numeric value identifies a DHCP ACK? 2. Continue examining the first packet a) Explain the meaning of the destination IP address and why it is used as the destination of this packet. b) The transaction ID identifies packets that are part of the same DHCP exchange. Where within the packet is this value located? c) What Transport Layer protocol is used by DHCP exchanges? d) What port number is used to identify a DHCP server? 3. The DHCP server provides an IP address to the client a) In which packet does the client receive an IP address provided by the server? b) What is the server's IP address? c) What IP address is provided to the client? d) What subnet mask is provided to the client? e) How long does the client get to keep the IP address? f) How long can the client wait until it should request to renew its IP address? dhcp request()).pcap Seide View Go Capture Analyse Statistics Telephony Wieless Books Help Tady decay Ten 2 0.001696 11.45765 4 1.049930 5 1.04 ... Linksys dataf173 192.168.1.1 e.e.e.e 192.168.1.1 255.255.255.25 Broadcast 255.255.255.255 255.255.255.255 255.255.255.255 Protocol Length Info DAN M2 DROP D-Traction des AAP se who has 192.168.1.101? Tell 192.168.1.1 DHCP 590 DKP Offer Transaction Teeseece DHCP 12 OKP Request Transaction ID deseece) DHCP 590 OHCP ACK Transaction ID desece > Fram 1: 342 bytes on wire (2736 bits), 142 by capture (2736 bits) > Ethernet 11, Sec Dell 47:36:23 (00:0874:46:36:23), Ost Broadcast (ffiffiffiffiffift) > Internet Protocol Version 4, Sre: 0.0.0.0, Ost: 255.255.255.255 > User Datage Protocel, Sre Port: 68, Ost Port: 67 > Dynamic Host Configuration Protocol (Discover) T + 1 Ff00 74 47 36 23 000 45 00 10 0 0 0 11 1695 00 00 00 00 ff ff 004) 01 34 9 7 21 01 09 Se Se 00 00 00 00 00 00 00 00 00 00 74 47 36 23 00 00 00 00 06 H DC4 1 deprenew Upcap file Edit View Go Capture Analyze Statistics Telephony Wireless loobs Help LIR departe Ne Source Destoration Prolocal Length Info DI DUKCP 590 CP ACK Transaction ID 0x257 2 0.001752 192.168.1.1 255.255.255.255 > Tram 11 342 bytes on wire (2736 bits), 142 bytes captured (2736 bits) > Ethernet IT, Sre: Dell 47:36:23 (00:08:74:41 176:23), Ost: Linksys datof:73 (00:06:25:da:af:73) > Internet Protocol Version 4. Sret 192.168.1.101, Ost: 192.168.1.1 > User Datagram Protocol, Sre Porti 68, Ost Port: 67 > Dynamic Host Configuration Protocol (Request) t068 E H | 1 U to 10 06 25 da af 73 00 74 47 36 23 00 00 45 00 01 40 b) 2 00 00 80 11 02 04 CO 88 01 65 ca 01 01 044 043 01 34 24 30 01 01 06 00 25 7e 5. 00 00 00 00 01 65 00 00 00 00 00 00 0 0 00 00 00 00 00 es 74 47 36 23 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DO 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0 e0 00 00 00 00 00 00 00 00 00 00 00 0 o 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 0e 00 00 00 0 0 00 0 0 00 00 00 00
