Question

Taking Wireshark for a Test Run

1. Open a command prompt and enter ipconfig /release. This command releases the IP address currently used by your system.

2. At the command prompt, enter ipconfig /renew. This command causes your system to acquire a new IP address.

3. At the command prompt, enter ipconfig /flushdns. This command clears the DNS cache on your system so that every newly entered URL will generate a DNS query.

4. Now you'll try sniffing data packets as they are transmitted over the HTTP protocol. Open up a browser tab and go to http://my.utsa.edu/.

5. Open another browser tab. Log in to a web application that does not use secure communication: http://www.techpanda.org. Use the login address admin@google.com and the password Password2010.

6. Open one more browser tab and log into one of your social media, email, or news outlet accounts (Instagram, YouTube, etc.).

7. Stop the capture session and save the traffic data you have generated.

Analyzing Your Data

You will now analyze and write up a report of the packets in your capture session. Include screenshots of relevant results for each numbered item. Reference your text and/or the Internet for answers to the conceptual questions.

1. Filter and locate the DHCP packets (bootp filter) generated when you released and renewed your IP address.

a. What is the purpose of the DHCP protocol?

b. What are the main IP addresses involved in the generation of the DHCP frames?

c. Explain the purpose and effect of each of the frames involved.

2. Filter and locate the DNS query and response message for www.utsa.edu.

a. What is the purpose of DNS frames?

b. Were the DNS packets sent using the UDP or TCP transport layer protocol? Why?

c. What are the source and destination ports for the DNS frames generated during your capture session?

3. Filter and locate the frames for the TCP three-way handshake between your host and the web servers you accessed.

a. What is the purpose of the TCP three-way handshake?

b. What are the source and destination ports for these frames?

c. Starting with the first frame of the three-way handshake, list the SEQ and ACK numbers for the three handshake frames. What patterns, if any, do you spot?

d. How do the logins compare for the unsecured and secured attempts (look at the panel below the log entries)?

4. Report on the statistics for the capture session with relevant screenshots.

a. How long in minutes was the transfer session?

b. How many packets were captured?

c. How many bytes are in the packets?

d. Which protocols generated the greatest percentage of bytes of traffic?

5. Exit Wireshark. Congratulations! You've now completed Lab 01.
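The comparison asked for in item 3d can also be made programmatically. The following is an added example, not part of the original lab: it classifies the first TCP payload of a flow as a TLS record or cleartext HTTP and names any credential-like form fields that would be readable on the wire, without echoing their values. The function name, the field-name pattern, and both sample payloads are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Field names that suggest a credential; this pattern is an assumption for the example.
SENSITIVE = re.compile(r"pass|pwd|secret|token", re.I)
TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}

def classify_payload(payload: bytes) -> dict:
    """Classify the first TCP payload bytes of a flow as TLS, cleartext HTTP, or unknown."""
    # TLS record header: content type (1 byte), version 0x03 0x00-0x04 (2 bytes), length (2 bytes).
    if len(payload) >= 5 and payload[0] in TLS_TYPES and payload[1] == 3 and payload[2] <= 4:
        return {"kind": "tls", "record": TLS_TYPES[payload[0]], "exposed_fields": []}
    head, _sep, body = payload.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    m = re.match(rb"^(GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS) (\S+) HTTP/1\.[01]$", lines[0])
    if not m:
        return {"kind": "unknown", "exposed_fields": []}
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    exposed = []
    ctype = headers.get(b"content-type", b"").lower()
    if ctype.startswith(b"application/x-www-form-urlencoded"):
        for key, _value in parse_qsl(body.decode("latin-1"), keep_blank_values=True):
            if SENSITIVE.search(key):
                exposed.append(key)  # report the field name only, never the value
    if b"authorization" in headers:
        exposed.append("Authorization header")
    return {"kind": "http-cleartext", "method": m.group(1).decode(),
            "host": headers.get(b"host", b"").decode(), "exposed_fields": exposed}

# Constructed samples (not taken from a real capture).
HTTP_LOGIN = (b"POST /login HTTP/1.1\r\nHost: app.example.test\r\n"
              b"Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 46\r\n\r\n"
              b"email=user%40example.test&password=placeholder")
TLS_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x05]) + b"\x01\x00\x00\x01\x00"

if __name__ == "__main__":
    for name, data in (("http", HTTP_LOGIN), ("tls", TLS_HELLO)):
        print(name, classify_payload(data))
```

In Wireshark the same distinction appears in the packet bytes panel: the HTTP login shows readable form fields, while the TLS flow shows only record headers followed by encrypted data.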
