Project Wireshark

Description: This project requires that you work in a group (or as an individual) to do some research regarding the protocols used in the Wireshark captures provided to try and determine what is happening in the capture. Keep in mind that documentation is a big part of what you will do in the real world in your career. You will have to explain to others your findings and propose solutions. Hands on means using your brain, too!

Use the capture files in the Project Work Module in D2L (you will have to unzip the zip files to extract the individual capture files) to answer the following questions:

Part I HTTP

Review the first capture file (Project Part I-a) and determine what is happening with the HTTP traffic.

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

Review the second capture file (Project Part I-b) and determine what is happening with the HTTP traffic in this capture.

How is the traffic different from the first capture? Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed.

Part II PPP

Review the third capture file (Project Part II-a) and determine what is happening with the PPP traffic in this capture.

a. Research one of the protocols relating to PPP and describe it here.

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

Review the third capture file (Project Part II-b) and determine what is happening with the PPP traffic that you are investigating in this capture. What else is involved?

a. Research one of the protocols relating to PPP and describe it here.

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

Review the third capture file (Project Part II-c) and determine what is happening with the PPP traffic in this capture. What else is involved?

a. Research one of the protocols relating to PPP and describe it here.

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

Part III 802.11

Review the first capture file (Nokia) and determine what is happening with the 802.11 traffic. Hint: use the Analyze/Conversation Filter

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

Review the second capture file (wpa) and determine what is happening with the WPA traffic in this capture. (password is Induction). Hint: Use Edit->preferences, Protocol IEEE 802.11, decryption with Induction); Look at the packets prior to and after decryption. Use this

HYPERLINK "https://wiki.wireshark.org/HowToDecrypt802.11" https://wiki.wireshark.org/HowToDecrypt802.11 . You are STILL required to answer the following questions in your own words and provide a screenshot!

What do you different once you have decrypted the packets? What is decrypted and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed.

Part IV Ipv6 Ipv4

Review the third capture file (toredo) and determine what is happening with the Ipv4-IPv6 traffic in this capture.

a. Research Toredo for encapsulation relating to Ipv6 using the content links in the course and describe it here.

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture) (Hint: look at all Ipv6 packets that have Toredo in their details)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

Review the fourth capture file (6to4) and determine what is happening with the Ipv4- IPv6 traffic in this capture. What else is involved?

a. Research 6to4 protocol using the content links in the course relating to 6to4 and describe it here.

Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)

Take a screenshot of the actual packets within the capture file that you observed this behavior.

How do the two different methods differ?

Are there any other transitioning methods for IPv6 that you came across in your research that are noteworthy?

Group Members: (List your group Members Here if you worked in a group)

Task List: (List the tasks that were performed in this project and which team members were involved in this task, plus the % of their contribution to the project)

Submission