Research Report Marking Guide
The ITECH2108/6108 Research Report assignment sets out make students undertake certain networking tasks. The learning task is the work that they do and the submission merely serves to prove that they did the work.
The submission consists of a document (that proves nothing) and some captures that potentially prove that they did their own work. If capture files are copied between students then packets in those files will have then same MAC address and time and this can be automatically detected.
The accompanying application, in MarkCaptures.zip will do this. Follow the directions carefully.
Comments on questions
The names for the capture files required by MarkCaptures are shown
No captures possible because entirely local.
Look for proof that the changes asked for had a given effect
No more than half marks without proof
Capture must be named adap.acp
Look for packets like this from port 443 and accompanying documentation that shows that this was done on apache
Capture must be named elap.acp
Look for 401 packets as shown and the submitted .htaccess file
If no HTTP is seen you may need to Analyse/Decode As/HTTP
Capture must be named dhcp.acp
Look for port 67 traffic and inspect options in ACK
They must have added some options
Figure 1Submitted capture - options added
Figure 2 Default capture options shown
The capture file must be named dnat.acp
The scenario is too complex for automatic marking by MarkCaptures so only originality can be checked.
The capture should show the translation of an incoming public address to a private address
The capture file must be named dns.acp
Look for the type A query for AXFR
The capture file must be named ftp.acp
Look for 211 type responses from the server
The capture file must be named mx.acp
Look for the DNS type MX query – for 6108 this must actually succeed
The capture file must be named nfs.acp
Look for the NFS READ request. Maximum half marks if not there.
Capture file must be named ospf.acp
Look for some OSPF traffic that is not Hello
Capture file must be named rip.acp
Look for port 520 traffic
Capture file must be names swat.acp
Look for some port 901 traffic
Use Decode As/HTTP to make sense of it