
Question

I need help analyzing Wireshark output.

Here's what I need to do: Select 5 packets (from at least 3 different protocol types) and write a one-page analysis (double spaced) for each packet discussing your options of what is occurring here (for a total of at least 5 pages). Take a screenshot of each packet you are analyzing as well (does not count towards the one-page length requirement).

Here are the 5 screenshots


Transcribed text of the five screenshots (Wireshark packet details):

Wireshark Packet 26
Frame 26: 77 bytes on wire (616 bits), 77 bytes captured (616 bits) on interface \Device\NPF_{03586045-C7E3-4B24-B382-FA354F1396F1}, id 0
Ethernet II, Src: 02:00:4c:4f:4f:50 (02:00:4c:4f:4f:50), Dst: IPv4mcast_fc (01:00:5e:00:00:fc)
Internet Protocol Version 4, Src: 169.254.102.21, Dst: 224.0.0.252
User Datagram Protocol, Src Port: 53688, Dst Port: 5355
Link-local Multicast Name Resolution (query)
No.: 25. Time: 114.090492. Source: 169.254.102.21. Destination: 224.0.0.252. Protocol: LLMNR. Length: 77. Info: Standard query 0xc329 A 76-222-209-92-Saf

Wireshark Packet 6
Frame 6: 97 bytes on wire (776 bits), 97 bytes captured (776 bits) on interface \Device\NPF_{03586045-C7E3-4B24-B382-FA354F1396F1}, id 0
Ethernet II, Src: 02:00:4c:4f:4f:50 (02:00:4c:4f:4f:50), Dst: IPv6mcast_01:00:03 (33:33:00:01:00:03)
Internet Protocol Version 6, Src: fe80::1482:bace:1899:6615, Dst: ff02::1:3
User Datagram Protocol, Src Port: 65297, Dst Port: 5355
Link-local Multicast Name Resolution (query)
No.: 5. Time: 9.062671. Source: fe80::1482:bace:1899:6615. Destination: ff02::1:3. Protocol: LLMNR. Length: 97. Info: Standard query 0x0744 A 76-222-209-92-Saf

Wireshark Packet 1
Frame 1: 179 bytes on wire (1432 bits), 179 bytes captured (1432 bits) on interface \Device\NPF_{03586045-C7E3-4B24-B382-FA354F1396F1}, id 0
Ethernet II, Src: 02:00:4c:4f:4f:50 (02:00:4c:4f:4f:50), Dst: IPv4mcast_7f:ff:fa (01:00:5e:7f:ff:fa)
Internet Protocol Version 4, Src: 169.254.102.21, Dst: 239.255.255.250
User Datagram Protocol, Src Port: 51334, Dst Port: 1900
Simple Service Discovery Protocol

Wireshark Packet 10
Frame 10: 253 bytes on wire (2024 bits), 253 bytes captured (2024 bits) on interface \Device\NPF_{03586045-C7E3-4B24-B382-FA354F1396F1}, id 0
Ethernet II, Src: 02:00:4c:4f:4f:50 (02:00:4c:4f:4f:50), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 169.254.102.21, Dst: 169.254.255.255
User Datagram Protocol, Src Port: 138, Dst Port: 138
NetBIOS Datagram Service
SMB (Server Message Block Protocol)
SMB Mailslot Protocol
Microsoft Windows Browser Protocol
No.: 10. Time: 13.541985. Source: 169.254.102.21. Destination: 169.254.255.255. Protocol: BROWSER. Length: 253. Info: Domain/Workgroup Announcement MARYVILLE, NT Workstation, Domain Enum

Wireshark Packet 3
Frame 3: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits) on interface \Device\NPF_{03586045-C7E3-4B24-B382-FA354F1396F1}, id 0
Ethernet II, Src: 02:00:4c:4f:4f:50 (02:00:4c:4f:4f:50), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Dynamic Host Configuration Protocol (Discover)
