Lab 9: Packet Sniffing

Posted byEthan ulrichPosted inUncategorized

Learning Objectives: To Determine what is going on in my local network using a software called Wireshark.

Equipment List: Computer and internet including; canvas, wordpress, Wireshark.

Notes, Observations, and Questions: Retransmission via ipconfig/(release\renew)

  • Type of protocol: TCP
  • Total length of the ip.len: 2 Bytes
  • Source: 35.173.160.224
  • Destination: 192.168.*.2 (my computer, * is for security)
  • Header: 0x6cdc (this refers to the corruption checkers within the router. The leading zero tells us there has been no corruption)

An SSDP prtocal listing

  • Type of protocol: UDP
  • Total length of the ip.len: 2bytes @291
  • Source: 192.168.1.1
  • Destination: 192.168.*.2 (my computer, * is for security)
  • Header: 0xb676

Dns protocol: UDP (17) this is like a directory for domains

ICMP protocol: This is a multicast listener report message. The routers messages to report errors or other information. It stands for Internet Control Message Protocol.

HTTP:

  • Number of frames: 145
  • Protocol: TCP
  • Definition: Hypertext Transfer Protocol

1. What is the purpose of TCP sequence numbers? To determine how much data has been transmitted and received.

2. What is the purpose of IP source & destination addresses? So the router knows where the packets must go and who sent them.

3. What is the purpose of DNS? To serve as a directory for domains.

4. What is DHCP? The Dynamic Host Configuration Protocol is what assigns components on a network an IP address for functionality.

5. What the relationship between the OSI model of networking and the real-world TCP/IP model we saw in this lab activity? Shows just how much information goes through the network layer and how much software is used after the hardware.

6. What evidence of layered network design did you discover when examining the captured data? How does the Wireshark data demonstrate encapsulation? The router goes through a whole list of pings to determine an IP address before it even begins working with data packets. Wireshark shows encapsulation by firstly breaking down the line item into parts and then breaking those parts into hexadecimal information.

7. What are the implications of having a tool like Wireshark freely available? For network administration? For security? You can see traffic within your network so if something is communicating with an IP it shouldn’t be the IP would be displayed on who sent the info and who it was sent to, even what was sent.

Diagrams, Flowcharts, and Figures:

Published by Ethan ulrich

UAS design and integration student at kstate poly.

Leave a comment

Design a site like this with WordPress.com
Get started