Wireshark_SSL_Solution_July_22_2007

Wireshark_SSL_Solution_July_22_2007 - Wireshark lab 1 1....

Info iconThis preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
Solution to Wireshark Lab: SSL 1. For each of the first 8 Ethernet frames, specify the source of the frame (client or server), determine the number of SSL records that are included in the frame, and list the SSL record types that are included in the frame. Draw a timing diagram between client and server, with one arrow for each SSL record. Frame Source SSL Count SSL Type 106 Client 1 Client Hello 108 Server 1 Server Hello 111 Server 2 Certificate Server Hello Done 112 Client 3 Client Key Exchange Change Cipher Spec Encrypted Handshake Message 113 Server 2 Change Cipher Spec Encrypted Handshake Message 114 Client 1 Application Data 122 Server 1 Application Data 127 Server 1 Application Data Fig. 1: Timing Diagram
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2. Each of the SSL records begins with the same three fields (with possibly different values). One of these fields is “content type” and has length of one byte. List all three fields and their lengths. The first three fields are: Content Type 1 byte Version 2 bytes Length 2 bytes. Fig. 2: SSL Frames
Background image of page 2
Fig. 3: Client Hello record 3. Expand the ClientHello record. (If your trace contains multiple ClientHello records, expand the frame that contains the first one.) What is the value of the content type? The content type is 22, for Handshake Message, with a handshake type of 01, Client Hello. 4. Does the ClientHello record contain a nonce (also known as a “challenge”)? If so, what is the value of the challenge in hexadecimal notation? The client hello challenge is 66df 784c 048c d604 35dc 4489 8946 9909 5. Does the ClientHello record advertise the cyber suites it supports? If so, in the first listed suite, what are the public-key algorithm, the symmetric-key algorithm,
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 6

Wireshark_SSL_Solution_July_22_2007 - Wireshark lab 1 1....

This preview shows document pages 1 - 4. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online