How many packets are there in the capture

Reference no: EM132059464

Lab : Network Based Evidence Analysis

This lab is intended to get you comfortable looking at network data in Wireshark and writing up what you find. The second part requires that you collect some of your own traffic and discuss the activity that you see.

In order to complete this lab, you will have to download Wireshark from wireshark.org. If you like, you are free to use any other packet capture tool, but the lecture provides guidance on how to use this tool to complete most parts of the lab.

In the first part of the lab you will have to download the two pcap files from Blackboard and address each of the questions below for the specific datasets. In part two, you are required to collect information from your own machine.

Please provide screenshots for your answers in part 2.

Part I: Analyzing PCAP files

1) hb.pcap

This packet capture is from the investigation of a machine (IP: 192.168.0.184) that is slow at startup; it is unknown what may be causing this slowness.

• How many packets are there in the capture?

• What protocol is the most popular?

• When did the capture occur?

• Can we identify the domain name that the computer is trying to connect to? What is the IP address for this domain?
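The questions above (packet count, dominant protocol, capture time, queried domain) map directly onto fields in the pcap file format. The following is an added example, not part of the original lab: a standard-library Python parser that reads the same fields Wireshark's summary and protocol hierarchy report. The function names, the constructed sample capture, the name `example.test` and the resolver address `192.0.2.53` are assumptions for illustration; it handles classic Ethernet pcap files and DNS over UDP only.

```python
import struct
from collections import Counter
from datetime import datetime, timezone

def read_qname(buf):
    """Decode the uncompressed DNS question name at the start of buf."""
    labels, i = [], 0
    while i < len(buf) and 0 < buf[i] < 64:
        labels.append(buf[i + 1:i + 1 + buf[i]].decode("ascii", "replace"))
        i += 1 + buf[i]
    return ".".join(labels)

def classify(frame, names):
    """Label one Ethernet frame; add any DNS-over-UDP question name to names."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return "non-ipv4"
    proto, l4 = frame[23], frame[14 + (frame[14] & 0x0F) * 4:]
    if proto == 17 and len(l4) >= 8 and 53 in struct.unpack("!HH", l4[:4]):
        names.add(read_qname(l4[20:]))  # skip 8-byte UDP + 12-byte DNS header
        return "dns"
    return {6: "tcp", 17: "udp"}.get(proto, "other-ipv4")

def summarize(pcap):
    """Packet count, capture window, protocol mix and DNS names of a pcap."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic (non-pcapng) Ethernet pcap")
    times, protos, names, off = [], Counter(), set(), 24
    while off + 16 <= len(pcap):
        sec, usec, incl, _ = struct.unpack(endian + "IIII", pcap[off:off + 16])
        protos[classify(pcap[off + 16:off + 16 + incl], names)] += 1
        times.append(sec + usec / 1e6)
        off += 16 + incl
    start = datetime.fromtimestamp(times[0], timezone.utc) if times else None
    return {"packets": len(times), "start_utc": start and start.isoformat(),
            "duration_s": times[-1] - times[0] if times else 0.0,
            "protocols": protos.most_common(), "dns_names": sorted(names)}

def build_sample():
    """Constructed capture: one DNS query for example.test, then two TCP SYNs."""
    def frame(proto, l4):
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto,
                         0, bytes([192, 168, 0, 184]), bytes([192, 0, 2, 53]))
        return b"\x02" * 6 + b"\x06" * 6 + b"\x08\x00" + ip + l4
    dns = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + b"\x07example\x04test\x00\x00\x01\x00\x01"
    query = frame(17, struct.pack("!4H", 50000, 53, 8 + len(dns), 0) + dns)
    syn = frame(6, struct.pack("!HHIIBBHHH", 50001, 80, 0, 0, 0x50, 0x02, 1024, 0, 0))
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 1500000000 + i, 0, len(f), len(f)) + f
                          for i, f in enumerate([query, syn, syn]))
```

To run it against a real capture, pass the file contents, for example `summarize(open("hb.pcap", "rb").read())`, and compare the result with Wireshark's Statistics views.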

2) fc.pcap

This packet capture is from the investigation of a server that has significant amounts of traffic directed at it at odd hours.

• How many packets are there in the capture?

• What protocol is the most popular?

• When did the capture occur?

• What does this pcap represent?

• What username is attempting to login?

• Please identify at least five of the passwords that were attempted.

• Do you think that this activity should be alarming to a network administrator?

• What would be the next step if you were called in as part of an incident response team?

Part II: Collecting and analyzing your own traffic

Collect traffic using Wireshark for your computer for at least 60 minutes. This can be done by clicking on "Capture" and then "Start".

If you have multiple network interfaces, choose "interfaces" and choose the appropriate one. (If you have issues with this, please email me).

• Using summary and protocol hierarchy, describe the traffic you collected

• How many packets did you collect?

• What are the top three protocols based on frequency?

• How long did the capture last?

• Using the "endpoints" feature, discuss your traffic patterns

• Do you have any IPv6 traffic or is it all IPv4?

• If you have IPv6 traffic, what is the device that is using IPv6?

• What is the distribution between TCP versus UDP packets?

• What is the most common endpoint IP?

• Does that IP resolve to a domain?

• Were you purposely doing something (surfing the web, checking email) or was this IP communicating in the background?

Attachment:- Data file.rar
