Question
General Info: For this project, you need to use Wireshark to capture packets and analyze these packets. Save your capture file for later access. In your report, you need to include snapshots of all packets along with their explanation. Write the report as professionally as possible. Once you are done, submit your report (in pdf format) along with your capture file in a zipped folder via email. The deadline for the project is Thursday 7/1/2021.

Details: For this project, you need to choose a website of your own choice. Try to choose a website you did not visit before (this is to avoid caching done by DNS and HTTP). Also, pick a website using http, not https, to avoid encryption. Email me first which website you choose in order to get approval before proceeding to the next steps. For this part, do the following steps:

- Start capturing using Wireshark
- Visit the website you chose
- When the page is fully loaded, close your browser, and stop the Wireshark capture. You can save the capture for later access.

From the capture, you have to identify packets belonging to the following protocols:

1) For all the packets below, examine the IP header of the packets and extract the following:
   a. Source IP address
   b. Destination IP address
   c. Is this packet a fragment or not and why?
2) ARP: show packets related to ARP request and response. Identify the IP address of the node we need to find its MAC address in the request and identify the MAC address for the desired node in the response. Show snapshots of these packets.
3) DNS: show two packets (DNS request and DNS reply) and explain their contents. Attach snapshots of the packets.
4) Packets related to the TCP handshaking process: show the SYN, SYN+ACK, and final ACK (possibly piggybacked with data) along with their snapshots. Identify:
   a. The initial sequence numbers used by both sides
   b. The window size at both sides
   c. Source and destination port numbers
5) Packets related to TCP Data exchange: show a TCP data packet and its corresponding ACK (possibly piggybacked with data). In the TCP data packet, identify the sequence number and the packet length. In the ACK, identify the Acknowledgement number (should be equal to the sequence number + packet length). Show their snapshots and highlight the required parameters.
6) Packets related to HTTP: show a GET message and its response. Include a snapshot of the packets and identify the following:
   a. HTTP version
   b. Is this a persistent or non-persistent connection
   c. The status of the response
   d. The server type used at the web server
   e. The date of last modification
7) Packets related to TCP connection termination:
   a. Is this a half-close? (hint: this can be identified by observing when the FIN packet is sent from each side)
   b. Show the FIN+ACK packet (or the ACK of FIN in case of half-close)
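
The fragment test from item 1 and the acknowledgement-number relation from item 5, as an added example that is not part of the original question: it parses raw IPv4/TCP headers and generalizes the relation to SYN and FIN segments, which each consume one sequence number. The addresses, ports, sequence numbers and the `build` helper are constructed for illustration.

```python
import struct

def parse_ipv4_tcp(pkt: bytes) -> dict:
    """Parse an IPv4 packet (no link-layer header) that carries a TCP header."""
    ver_ihl, _, total_len, _, flags_frag, _, proto = struct.unpack("!BBHHHBB", pkt[:10])
    ihl = (ver_ihl & 0x0F) * 4                   # IP header length in bytes
    if ver_ihl >> 4 != 4 or proto != 6:
        raise ValueError("not IPv4/TCP")
    more_frags = bool(flags_frag & 0x2000)       # MF (More Fragments) bit
    frag_offset = (flags_frag & 0x1FFF) * 8      # offset is stored in 8-byte units
    src, dst = (".".join(map(str, pkt[i:i + 4])) for i in (12, 16))
    sport, dport, seq, ack, off_flags, window = struct.unpack(
        "!HHIIHH", pkt[ihl:ihl + 16])
    data_off = (off_flags >> 12) * 4             # TCP header length in bytes
    return {
        "src": src, "dst": dst, "sport": sport, "dport": dport,
        # A fragment has MF set (more follow) or a non-zero offset (not first).
        "is_fragment": more_frags or frag_offset != 0,
        "seq": seq, "ack": ack, "window": window,
        "syn": bool(off_flags & 0x02), "fin": bool(off_flags & 0x01),
        "payload_len": total_len - ihl - data_off,
    }

def expected_ack(seg: dict) -> int:
    """ACK number the peer should return: seq + payload, +1 for SYN, +1 for FIN."""
    return (seg["seq"] + seg["payload_len"] + seg["syn"] + seg["fin"]) % 2**32

def build(src, dst, sport, dport, seq, ack, flags, payload=b"", frag=0x4000):
    """Constructed sample packet; checksums are left as zero (hypothetical helper)."""
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                      (5 << 12) | flags, 64240, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, frag, 64, 6, 0,
                     bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return ip + tcp

# Constructed samples: a SYN, a data segment with an HTTP GET, and an MF-flagged packet.
GET = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
SYN = parse_ipv4_tcp(build("192.0.2.10", "198.51.100.5", 50000, 80, 1000, 0, 0x02))
DATA = parse_ipv4_tcp(build("192.0.2.10", "198.51.100.5", 50000, 80, 1001, 5001, 0x18, GET))
FRAG = parse_ipv4_tcp(build("192.0.2.10", "198.51.100.5", 50000, 80, 1001, 5001, 0x18, GET, frag=0x2000))

if __name__ == "__main__":
    print(SYN["is_fragment"], expected_ack(SYN), expected_ack(DATA), FRAG["is_fragment"])
```

Wireshark shows relative sequence numbers by default, so compare against the raw values (or disable relative sequence numbers in the TCP protocol preferences) when checking a capture by hand.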