CIS410_Digital_foresnics_Lab

CIS410_Digital_foresnics_Lab - 9) What is the IP address of...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
Lab 23 – Digital Forensics (Part 7) LAB QUESTIONS 1) Why did ".5" become highlighted in the lower pane? Because that is ASCII representation of the destination of the data dump Why did the number 00 35 also become highlighted? Because that is the Hexadecimal representation of the data dump 2) What is the IP address of www.msn.com? (Hint: look for the name server's response) 64.106.58.21 3) How many TCP frames were sent from my computer 64.106.58.196 to the server? 118 4) Which server and version was used?? Microsoft-IIS/6.0 5) What is the MAC address of the HutchEx computer? 00:0c:29:e7:cd:4e 6) What is the MAC address of the AA computer? 00:0c:29:f2:5f:f9 7) What is the frame number, frame length and list of protocols in the frame? frame number = 30 frame length = 74 bytes list of protocols = eth, ip, icmp, data 8) In the network layer protocol, what is the TTL set to and are the available flags set? TTL = 128 flags set = 0x00
Background image of page 1
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: 9) What is the IP address of the local dns server? 64.106.58.21 10) What is the MAC address of the HutchEx and the AA computers? HutchEx MAC = 00:0c:29:e7:cd:4E AA MAC = 00:0c:29:f2:5f:f9 11) What is the MAC address of the HutchEx and the AA computers? HutchEx MAC = 00:0c:29:97:47:4f AA MAC = 00:0c:29:f2:5f:f9 12) What is the discrepancy did you notice between the MAC addresses in questions 10 and 11? The difference that I noticed was that the source computers (HutchEx) did not have the same MAC address. 13) What other interesting details did you notice? Just by having one webpage open there was 2805 packets of information exchanged. There were a number of protocols used with just one web page. 14) Could you recognize this traffic again if you saw it happening against your computer? with enough time I am sure that I could recognize this traffic if it happened against my computer....
View Full Document

Ask a homework question - tutors are online