Your name Assignment 2

Assignment 2 - Answers

This laboratory assignment should be answered individually. Type your answers with a green font instead of “Your answer”. Write your name on the left side of the header. When you're finished, save the file under the name “Lastname_Firstname_2.doc” (Lastname = your last name and Firstname = your first name) and upload it to the Moodle learning platform.

Part I: Wireshark Network Analyzer

1.  Go to the home page for the Wireshark network analyzer, http://www.wireshark.org. Download the latest version for your platform. (In MIUN lab rooms, it is preinstalled.) Read the system requirements before you install the programs. Follow the link Documentation and the site closest to you to download the user guide and/or the “About Wireshark” document. Get acquainted with the instructions for installing the program and with the main features of Wireshark. Install the analyzer and the package for capturing packets.

2.  From the page with this assignment on the WebCT server, download the file packets.cap. This file contains frames captured by the packet capturing program. You should be able to open this file with the Wireshark packet analyzer program.

3.  Inspect frame 1 and answer the following questions.

- What are the source and destination MAC addresses, and in which header did you find them?

Your answer

- What are the source and destination IP addresses, and in which header did you find them?

Your answer

- Which type of transport protocol is used? What are the source and destination ports?

Your answer

- Which application protocol is used?

Your answer

- Explain or make an illustration showing which headers and trailers belong to which packets (IP datagram, Ethernet frame, TCP segment).

Your answer

4.  Inspect packets 5, 6, 7 and 36, 37, 38, 39 in the packets.cap file. Observe the TCP header. Pay attention to the length of the segments and to the flags. Answer the following questions.

- What is the value of the SYN flag in the TCP header for packets 5, 6 and 7?

Your answer

- What is the purpose of packets 5, 6 and 7?

Your answer

- What is the value of the FIN flag in the TCP header for packets 36, 37, 38 and 39?

Your answer

- What is the purpose of packets 36, 37, 38 and 39?

Your answer

5.  Inspect packets 23 to 35. Answer the following questions.

- What kind of application protocol is used?

Your answer

- Can you explicitly see the user name and the password? What are their values?

Your answer

- Are you aware of what kinds of measures are taken to avoid plain-text passwords? (We did not study these issues during this course, but you can read the text at http://www.livinginternet.com/i/is_crypt.htm and perhaps give the answer.)

Your answer

6.  Read about the filters used with Wireshark. Create a capture filter that will filter packets coming and going through the interface card on your computer and using port 80, then start capturing packets. To generate packets you need to start your browser, or fetch another page if it is already active. Once you have done that, stop capturing. Analyze the packets captured and answer the following questions.

-  What kinds of filters can be created in Wireshark? What is their purpose?

Your answer

-  (If you work on a computer where packet capturing is not possible, for example because you are not admin, skip this task, but explain why it is not possible.) Analyze carefully the stream of packets generated when you started your browser or fetched another page. Give examples of the kinds of packets that were generated and the purpose of each of them.

Your answer

7.  From the page with this assignment on the WebCT server, download the files actions.zip and captures.zip. The file actions.zip contains six pictures that show six actions or commands given at the Windows command prompt window. These commands are concerned with the TCP/IP protocol stack on the machine. Each command generates a flow of certain packets on the network interface through which the machine is connected to the network. The files with the six actions are named: cmd1.jpg, cmd2.jpg, cmd3.jpg, ..., cmd6.jpg. The file captures.zip contains six files with captured packets. They have been captured after some of the actions described above. Use the Wireshark network analyzer to look at the packets captured. The names of the files are capture1.cap, capture2.cap, ..., capture6.cap. Match each action with the packets captured.

(If a cap file is missing, indicate that in your answer.)

cmd1.jpg / Your answer
cmd2.jpg / Your answer
cmd3.jpg / Your answer
cmd4.jpg / Your answer
cmd5.jpg / Your answer
cmd6.jpg / Your answer

Part II: Distributed Nature of the Internet

1.  Write briefly about your opinion on how the Internet will develop in the future.

Your answer

2.  Visit the following web sites and read about the role of the different bodies in the development and standardization process of the Internet.

www.ietf.org, www.irtf.org, www.icann.org, www.iana.org, www.rfc-editor.org/, www.w3.org

Answer the following questions.

-  What are the full names of the following organizations: IETF, IRTF, IANA, ICANN, and W3C? Briefly describe the main focus of interest for each of them.

Your answer

-  What is the meaning of the acronym RFC? Find the RFC that contains the well-known ports for the applications and write down the applications that use ports 21, 25 and 80.

Your answer

Part III: Multimedia applications over the network

1.  Do some research on multimedia applications and try to capture packets using the Wireshark analyzer while using different multimedia applications. After that, answer the following questions.

-  Which transport protocol is mainly used for multimedia applications, and why?

Your answer

-  What is the difference between the two most often used transport protocols, TCP and UDP?

Your answer

-  Do you know of other transport protocols besides UDP and TCP?

Your answer

Iskra Popova (Revised Spring 2012 ME)