CIS410_Normal_Network_Traffic_Lab

CIS410_Normal_Network_Traffic_Lab - E ric Walker Mr....

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Eric Walker Mr. Trevethan CIS410 July 26, 2011 "Normal Traffic Analysis" In this exercise we will examine some "normal" network traffic (i.e. traffic that is not malicious and contains no errors). The purpose of the exercise it to gain further experience using WireShark and recognizing and analyzing common network protocols. Lab Setup You will need a computer running WireShark. Task 1: Analyze an arp request. Open the arp1.cap file in WireShark. In Frame 1, what is the destination address? 10.0.0.99 (Broadcast) Is this a layer 1 or layer 2 address? Layer 2 In Frame 2, what is the Destination address? 10.0.0.1 What is the contents of the frame (i.e. what is the answer to the query)? 10.0.0.99 is at 00:a0:cc:30:c8:db Could you use this protocol to determine the mac address of a web site on the Internet? yes Why or why not? Because you can ping the UNC of the website and get a return of the websites mac address and ip address. Task 2: Analyze a dhcp request Open the dhcpboot.cap file in WireShark. In Frame 1, why is the source address 0.0.0.0 ?
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 4

CIS410_Normal_Network_Traffic_Lab - E ric Walker Mr....

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online