If possible, please provide a screenshot from Wireshark showing where to find the answers. Thanks.
Task 1. Preliminary

This is a preliminary task which prepares you to answer the questions in the subsequent tasks. No marks will be awarded for this part. To reduce the number of the packet traces collected in this assignment, you may close all other web browsing or network applications which are not related to this assignment.

Do the following steps:

1. Open the Windows Command Prompt as an administrator. Enter ipconfig /all in the command prompt (For MacOS, open the Terminal application and enter ifconfig -a).
   a) Take the screenshot of the output. The screenshot should show the IPv4 address and MAC address used for this assignment.
2. Start up the Wireshark packet sniffer.
3. Enter arp -d in the command prompt (For MacOS, open the Terminal application and enter sudo arp -d). For example, if the IP address of your default gateway is 10.1.1.1, you should enter
   arp -d 10.1.1.1 (for Windows)
   sudo arp -d 10.1.1.1 (for MacOS)
4. Start up your web browser. Clear the browser caches.
5. At the command prompt of the Windows or Terminal application of the MacOS, enter the following command to clear your DNS resolver cache.
   ipconfig /flushdns (for Windows)
   sudo killall -HUP mDNSResponder (for MacOS)
6. Browse to any web site with HTTP connection. Connect to the web site with your browser until you see the web page is completely displayed on the browser (Please ensure that the connection is HTTP, not HTTPS).
   a) Provide the URL of the web site that you are browsing in this task.
   b) Take a screenshot of the web browsing.
7. Close the browser.
8. Open the Windows Command Prompt application (For MacOS, open the Terminal application). Enter ping command to any host. For example, if you perform the ping to a host with IP address 10.1.1.1, then the command that you enter is
   ping 10.1.1.1 (for Windows)
   ping -c 4 10.1.1.1 (for MacOS)
9. Open the Windows Command Prompt application, enter ipconfig /release. This command releases your current IP address. Next, enter ipconfig /renew. This instructs your host to obtain a network configuration, including a new IP address. Wait until all the outputs of ipconfig /renew have been displayed on the screen. For MacOS, open the Terminal application, and enter sudo ipconfig set en0 dhcp (assume that your network adaptor is en0, you should change it according to your adaptor). Then, turn WIFI connection off and on again.
10. Wait for a while and stop the Wireshark packet capture.
11. Save your packet traces file as "YourStudentID.pcapng" (e.g., DMT1234567.pcapng).

Task 4. Address Resolution Protocol (ARP)

Address Resolution Protocol (ARP) is one of the important protocols in networking.

1. In Step 3 of Task 1, the command is used to delete the entry associated with the default gateway's IP in the ARP table. After removing this entry, ARP may be used in some of the relevant connections subsequently.
   a) With the aid of a datagram, describe the working principle of ARP. Whenever possible, you should use the details in the relevant ARP messages obtained after Step 3 in Task 1 for your description. In particular, you may include the following details in your description:
      o Source and destination MAC addresses of the Ethernet frames.
      o Types of ARP messages sent and received.
      o Specific field values in the ARP messages, such as sender MAC address, sender IP address, target MAC address, and target IP address.
   b) Suppose you also browse to another external web site right after Step 6 in Task 1. Explain whether there will be any ARP messages generated due to this browsing activity.

Task 5. Protocol Field

1. Transaction ID field is used by some of the protocols that you have studied in this lesson.
   a) Give TWO examples of different protocols that have a Transaction ID field.
   b) Select these two protocols from the packet traces you have captured in Task 1. Take the screenshots of these protocols. Your screenshot should clearly show the Transaction ID field.
   c) For each of the protocols selected in (b), answer the following questions:
      i. Specify which layer the protocol belongs to.
      ii. What is the length of this field in the protocol?
      iii. Describe how this field is used in the corresponding protocol.
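
The ARP fields listed in Task 4 (Ethernet source and destination MAC, message type, sender and target MAC/IP), parsed from a request/reply pair, as an added example that is not part of the original post. The two frames are constructed sample data: the host address 10.1.1.50 and both MAC addresses are assumptions, and 10.1.1.1 is the example gateway address from the assignment text.

```python
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, opcode, SHA, SPA, THA, TPA

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def ip(b):
    return ".".join(str(x) for x in b)

def parse_arp_frame(frame):
    """Parse an Ethernet II frame carrying an Ethernet/IPv4 ARP message."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0806:
        raise ValueError("not an ARP frame (EtherType is not 0x0806)")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {"eth_dst": mac(dst), "eth_src": mac(src),
            "opcode": {1: "request", 2: "reply"}.get(oper, f"unknown({oper})"),
            "sender_mac": mac(sha), "sender_ip": ip(spa),
            "target_mac": mac(tha), "target_ip": ip(tpa)}

def reply_answers(req, rep):
    """True if rep is the unicast reply that resolves the IP asked for in req."""
    return (req["opcode"] == "request" and rep["opcode"] == "reply"
            and rep["sender_ip"] == req["target_ip"]
            and rep["target_mac"] == req["sender_mac"]
            and rep["eth_dst"] == req["eth_src"])

def build(dst, src, oper, sha, spa, tha, tpa):
    """Helper for this example only: assemble a constructed sample frame."""
    return struct.pack("!6s6sH", dst, src, 0x0806) + struct.pack(
        ARP_FMT, 1, 0x0800, 6, 4, oper, sha, spa, tha, tpa)

# Constructed sample values (assumed, not taken from a real capture).
HOST_MAC, GW_MAC = bytes.fromhex("020000000001"), bytes.fromhex("0200000000fe")
HOST_IP, GW_IP = bytes([10, 1, 1, 50]), bytes([10, 1, 1, 1])
# Request: Ethernet broadcast, target MAC all zeros because it is not yet known.
REQUEST = build(b"\xff" * 6, HOST_MAC, 1, HOST_MAC, HOST_IP, b"\x00" * 6, GW_IP)
# Reply: unicast back to the requester, sender MAC carries the answer.
REPLY = build(HOST_MAC, GW_MAC, 2, GW_MAC, GW_IP, HOST_MAC, HOST_IP)

if __name__ == "__main__":
    for frame in (REQUEST, REPLY):
        print(parse_arp_frame(frame))
    print("reply answers request:",
          reply_answers(parse_arp_frame(REQUEST), parse_arp_frame(REPLY)))
```

In Wireshark the same fields appear under the "Ethernet II" and "Address Resolution Protocol" sections of the packet details pane when the display filter `arp` is applied.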