CUNY JJC Criminal Justice Wireshark Discussion

Description

The goal of this assignment is to explore the network packets associated with several typical online activities. You will have the chance to analyze bit-by-bit the flows associated with these services and evaluate different application and protocol parameters across the entire TCP/IP stack including Data Link Layer/Medium Access Control (L2), Network Layer (a.k.a. IP or L3), Transport Layer and Application Layer.

To carry out this analysis, you will use Wireshark. (If you haven’t already) you will need to install Wireshark on your own computer. For more information and installation instructions visit https://www.wireshark.org/. Part of finishing this assignment will be learning how to use Wireshark effectively. To do this, you can refer to the User’s Guide available here: https://www.wireshark.org/docs/wsug_html_chunked/.

While Wireshark allows you to capture packets on a network interface, it can also be used to read previously collected packet traces. For this assignment you will be analyzing a trace that I have already captured. You can download the trace from Blackboard (a file named p2-trace-S22.pcapng). Some of the activity in this trace contains protocols we have not gone over (or will not be going over). Other protocols we have studied extensively in this class. In either case, there is an abundance of information in your course materials (and online), and I encourage you to read up if you are not sure what a protocol is used for.

The deliverable of this assignment is a report in which you will explain what you saw in the trace. In order to complete the assignment, you need to do two things: (i) make sense of the trace and (ii) write the report. In both these components, there is one advanced question, which will count as extra credit for undergrads and will be mandatory for graduate students. The remainder of this assignment provides details on how to approach the trace analysis.

1. Making sense of the trace.

Begin your analysis by considering the following questions. As you answer the questions, make a note of the methodology you have used (you will need to explain this in your report):

Mandatory for everyone

- How many packets are in the trace?
- What types of packets are these?
- What DLL/MAC addresses can you see in the trace?
- What IP addresses can you see in the trace?
- How do IP and MAC addresses map to each other?
- Can you tell by the trace what kind of network card was used to capture the trace: an Ethernet adapter or an 802.11 wireless card?
- Can you conclude anything about the network topology on which the trace was collected?
- Which was the machine (IP and MAC address) on which the trace was collected?
- What is the network mask?
- What is the default gateway?
- What is the vendor of the default gateway device?
- What is the DNS server IP?
- What is the DHCP server IP?
- Which hosts are on the local network?
- How many hosts are there on the local network?
- Can you determine some of the applications these hosts are running?
- Which hosts are remote (e.g. outside of the local network of the host collecting the trace)?
- How many hops away are the remote hosts?
- Which is the most “remote” host?
- What services/applications were accessed?
- Did any IP fragmentation occur?
- Were there any packets in which the “Don’t fragment” bit was set?

Mandatory for graduate students; extra credit for undergraduate students

i. Find the traceroute session. A part of the activity captured in this trace is a traceroute session. Use what you know about traceroute (e.g. packet types and how certain fields in the packets are modified) in order to locate the traceroute packets in the pcap trace. Once you find the packets, reconstruct the entire path from source to destination. More specifically, draw a diagram with all the routers and their respective IP addresses between the traceroute source and the traceroute destination. In addition to the diagram, create a table that contains the average RTT to each hop on the path.

2. Writing your report.

Being able to convey what you have learned from the trace is equally important to understanding what is going on in the trace. This section provides you with guidelines on how to organize your understanding of the trace in a nice, coherent story, so your reader can also learn from your knowledge.

Paper format: your submission will be a single PDF file.

Paper content: your paper will need to answer the questions above plus any other interesting things you have found in the trace. While the above questions provide a nice framework to analyze the trace, answering them one by one in the report will not lead to a nice coherent story; instead it will produce a hard to read and hard to understand bucket list. When writing your report, consider presenting your findings in multiple levels of detail. For example, you can first provide a summary of the trace including number of packets, number of hosts and a high-level idea of what these hosts are up to. A figure that depicts the local network architecture and “interesting” internal and external hosts will make your story visually clear. Then describe the different services/applications you see. For each service, dive into details about the packet trace associated with this service. What transport layer protocol did it use? Was that aligned with what we studied throughout the semester? Did you see anything unexpected? Describe the packets you see in the flow associated with this service. Include diagrams where appropriate. You can then conclude your report with a brief summary of what you learned from this trace.

Note that reports submitted by graduate students must contain a description of the traceroute session and the RTT to each hop. Undergraduate students who complete the traceroute analysis will be eligible for up to 20 points extra credit.
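The per-hop RTT table asked for in the traceroute task can be built by pairing each probe with the ICMP error it triggers. The sketch below is an added example, not part of the original assignment or its trace: it assumes a classic UDP traceroute in which every probe uses a distinct destination port (quoted back inside the ICMP error), and all addresses, ports and timings are constructed sample values.

```python
from collections import defaultdict
from statistics import mean

# Constructed sample records (not taken from the assignment trace).
# probe: (time_s, "probe", src_ip, dst_ip, ip_ttl, udp_dst_port)
# reply: (time_s, "reply", replying_ip, icmp_type, udp_dst_port_quoted_in_icmp)
# ICMP type 11 = Time Exceeded (router on the path), 3 = Destination Unreachable.
PACKETS = [
    (0.000, "probe", "192.0.2.10", "203.0.113.7", 1, 33434),
    (0.002, "reply", "192.0.2.1", 11, 33434),
    (0.010, "probe", "192.0.2.10", "203.0.113.7", 1, 33435),
    (0.014, "reply", "192.0.2.1", 11, 33435),
    (0.020, "probe", "192.0.2.10", "203.0.113.7", 2, 33436),
    (0.030, "reply", "198.51.100.1", 11, 33436),
    (0.035, "probe", "192.0.2.10", "203.0.113.7", 2, 33437),  # reply lost
    (0.040, "probe", "192.0.2.10", "203.0.113.7", 3, 33438),  # silent hop
    (0.050, "probe", "192.0.2.10", "203.0.113.7", 3, 33439),  # silent hop
    (0.060, "probe", "192.0.2.10", "203.0.113.7", 4, 33440),
    (0.072, "reply", "203.0.113.7", 3, 33440),
    (0.080, "probe", "192.0.2.10", "203.0.113.7", 4, 33441),
    (0.096, "reply", "203.0.113.7", 3, 33441),
]

def reconstruct_path(packets):
    """Return [(ttl, hop_ip or None, avg_rtt_ms or None, is_destination)] by TTL."""
    sent = {}  # quoted UDP destination port -> (send time, probe TTL)
    hops = defaultdict(lambda: {"ip": None, "rtts": [], "final": False})
    for pkt in sorted(packets, key=lambda p: p[0]):  # chronological order
        if pkt[1] == "probe":
            t, _, _src, _dst, ttl, dport = pkt
            sent[dport] = (t, ttl)
            hops[ttl]  # register the hop even if every probe goes unanswered
            continue
        t, _, router, icmp_type, quoted = pkt
        if icmp_type not in (11, 3) or quoted not in sent:
            continue  # unrelated ICMP, or no outstanding probe to pair with
        t0, ttl = sent.pop(quoted)
        hops[ttl]["ip"] = router
        hops[ttl]["rtts"].append((t - t0) * 1000.0)
        hops[ttl]["final"] |= icmp_type == 3  # destination answered the probe
    return [(ttl, h["ip"], round(mean(h["rtts"]), 3) if h["rtts"] else None,
             h["final"]) for ttl, h in sorted(hops.items())]

if __name__ == "__main__":
    for hop in reconstruct_path(PACKETS):
        print(hop)
```

A hop with no replies is reported with `None` for address and RTT, which corresponds to the `*` rows a traceroute client prints.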
