Research Report Marking Guide

Research Report Marking Guide

The ITECH2108/6108 Research Report assignment sets out make students undertake certain networking tasks. The learning task is the work that they do and the submission merely serves to prove that they did the work.

The submission consists of a document (that proves nothing) and some captures that potentially prove that they did their own work. If capture files are copied between students then packets in those files will have then same MAC address and time and this can be automatically detected.

The accompanying application, in MarkCaptures.zip will do this. Follow the directions carefully.

Comments on questions

The names for the capture files required by MarkCaptures are shown

ACL/20

No captures possible because entirely local.

Look for proof that the changes asked for had a given effect

No more than half marks without proof

Advanced Apache/40

Capture must be named adap.acp

Look for packets like this from port 443 and accompanying documentation that shows that this was done on apache

Apache/10

Capture must be named elap.acp

Look for 401 packets as shown and the submitted .htaccess file

If no HTTP is seen you may need to Analyse/Decode As/HTTP

DHCP/10

Capture must be named dhcp.acp

Look for port 67 traffic and inspect options in ACK

They must have added some options

Figure 1Submitted capture - options added

Figure 2 Default capture options shown

DNAT/30

The capture file must be named dnat.acp

The scenario is too complex for automatic marking by MarkCaptures so only originality can be checked.

The capture should show the translation of an incoming public address to a private address

DNS/20

The capture file must be named dns.acp

Look for the type A query for AXFR

FTP/10

The capture file must be named ftp.acp

Look for 211 type responses from the server

MX/30

The capture file must be named mx.acp

Look for the DNS type MX query – for 6108 this must actually succeed

NFS/20

The capture file must be named nfs.acp

Look for the NFS READ request. Maximum half marks if not there.

OSPF/30

Capture file must be named ospf.acp

Look for some OSPF traffic that is not Hello

RIP/30

Capture file must be named rip.acp

Look for port 520 traffic

SWAT/20

Capture file must be names swat.acp

Look for some port 901 traffic

Use Decode As/HTTP to make sense of it