Laboratory 2
PRACTICE EXAMINING TRAFFIC WITH A PROTOCOL ANALYZER
The purpose of this lab is to practice examining traffic using a
protocol analyzer and to recognize a SYN attack. The SYN flood
attack is one of the common Denial of Service (DoS) attacks on
the Internet. In a SYN flood attack, an attacker sends a large
number of SYN packets to the server, ignores the SYN/ACK replies
and never sends the expected ACK packet. The attacker overwhelms
the server with many half-established connections and exhausts
the server's resources, which is why the attack is classed as a
DoS attack.
The tool you will be using is known as Wireshark, a well-known
open source packet analyzer. The exercise will demonstrate that
recognizing an attack requires sophisticated tools (such as
Wireshark) and knowledge of the domain (TCP/IP network).
Assignment:
1. Obtain a trace file of the TCP handshake process.
Download the attached files: "tcpshake.cap," "tcpshake.prn"
(TCP: Handshake Process) and "tcp-syn-attack.cap,"
"tcp-syn-attack.prn," (TCP: TCP SYN Attack). The .prn file is a text file,
and you can read it with Notepad or Wordpad. It contains a
formatted "report" with information on each packet. The .cap
file is in the proprietary Sniffer format. Opening this file
produces a graphic representation of the same information. You
can read .cap files with Wireshark/Ethereal, a public domain
analyzer.
2. Obtain Wireshark
Follow the link to Wireshark from http://www.wireshark.org (or
http://www.filehippo.com/download_wireshark/) and download version
2.0.5 or a previous version (the current stable release of
Wireshark is 2.0.5). Depending on the version, release and OS you
might find the options in different places.
On the Wireshark home page, follow the link to Download. For
Windows, you may download and install "wireshark-win32-2.0.5.exe."
Select all installation options. (Note: These files are about
13-22MB.) On the same page you can also find the documentation
(http://www.wireshark.org/download.html).
If you use a packet driver, Wireshark can both capture packets
and read trace files of packets that have already been captured.
However, the packet driver must access parts of your operating
system that some students may not have access to. That is the
reason why this is not a packet capturing exercise. However,
you should learn to capture packets yourself if you can. The
packet driver you will need is winpcap. It is available at
http://www.winpcap.org/install/. However, you do not need winpcap
for the exercise you are going to do now.
3. Read the tcpshake.cap trace file. Become familiar with
Wireshark's interface.
Run Wireshark from the shortcut that is now on your desktop.
Click File|Open and uncheck all the name resolution options at
the bottom of the dialog box. Type the path to tcpshake.cap, or
navigate to it using the top part of the dialog box. (This
interface may take a few trials to get used to.)
Explore the trace in the three panes of the analyzer. These three
panes are standard to most analyzers. They are the summary
pane, the protocol tree pane, and the hex pane.
Explore the preferences and configuration options in Wireshark.
Share your findings with the class.
Print a packet or any part of a packet you are interested in.
4. Read the tcp-syn-attack.cap file and answer the following 10
questions:
a. Is this a two-way conversation?
b. Are there any ACKs?
c. How long is the data portion of each packet? Why?
d. Why is the sequence number zero (seq=0) in every packet?
e. Why do the port numbers change in every packet?
f. Look at the "Time" column in the summary pane. How do you
   interpret it?
g. Click the "View" menu and select "Time Display Format".
   "Seconds since beginning of capture" is checked. Select
   "Seconds since Previous Captured Packet". How frequently are
   these packets being sent?
h. Where in the protocol tree pane would you find the protocol
   "Type" field?
i. Look in the flags section of the transport layer
   ("Transmission Control Protocol") in the protocol tree section
   for one of the packets. What flags are set?
j. How does a SYN attack deny service?
Post your answer to the assignment folder under LAB2 (due
date: 11/13).
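
As an added example (not part of the original lab handout), the Python script below computes the same features the questions in step 4 ask you to read off in Wireshark: direction, flags, payload length, source-port spread, inter-packet gap and the number of half-open handshakes. It works on raw IPv4+TCP bytes built inline, not on the Sniffer .cap format; all addresses, ports, timestamps, thresholds and function names are assumptions made for the illustration.

```python
import struct
from collections import namedtuple

# All addresses, ports, timestamps and thresholds below are constructed for
# illustration; none come from the lab's tcp-syn-attack.cap trace.
Pkt = namedtuple("Pkt", "ts_ms src sport dst dport seq flags payload_len")
SYN, ACK = 0x02, 0x10
SERVER = "10.0.0.1"

def build(src, dst, sport, dport, seq, ack, flags, payload=b""):
    """Build a constructed IPv4+TCP packet (no options, checksums left zero)."""
    tcp = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                      (5 << 12) | flags, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0,
                     bytes(map(int, src.split("."))),
                     bytes(map(int, dst.split("."))))
    return ip + tcp + payload

def parse_ipv4_tcp(ts_ms, raw):
    """Decode raw IPv4+TCP bytes into a Pkt; return None for anything else."""
    if len(raw) < 40 or raw[0] >> 4 != 4 or raw[9] != 6:
        return None
    ihl = (raw[0] & 0x0F) * 4                     # IP header length in bytes
    (total_len,) = struct.unpack("!H", raw[2:4])
    sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", raw[ihl:ihl + 14])
    tcp_hdr = (off_flags >> 12) * 4               # TCP header length in bytes
    return Pkt(ts_ms, ".".join(map(str, raw[12:16])), sport,
               ".".join(map(str, raw[16:20])), dport, seq,
               off_flags & 0x3F, total_len - ihl - tcp_hdr)

def analyze(pkts, server):
    """Summarise traffic toward `server` using the features the lab asks about."""
    inbound = [p for p in pkts if p.dst == server]
    replies = [p for p in pkts if p.src == server]
    syns = [p for p in inbound if p.flags & SYN and not p.flags & ACK]
    # A handshake completes when the endpoint that sent the SYN later sends
    # a bare ACK from the same (address, port) pair.
    acked = {(p.src, p.sport) for p in inbound
             if p.flags & ACK and not p.flags & SYN}
    half_open = [p for p in syns if (p.src, p.sport) not in acked]
    gaps = [b.ts_ms - a.ts_ms for a, b in zip(syns, syns[1:])]
    return {
        "two_way": bool(replies),
        "syn_count": len(syns),
        "half_open": len(half_open),
        "distinct_src_ports": len({p.sport for p in syns}),
        "max_payload": max((p.payload_len for p in inbound), default=0),
        "mean_gap_ms": sum(gaps) / len(gaps) if gaps else None,
    }

def looks_like_syn_flood(stats, min_syns=10, min_half_open_ratio=0.9):
    """Flag a trace where most SYNs never complete (thresholds are assumptions)."""
    if stats["syn_count"] < min_syns:
        return False
    return stats["half_open"] / stats["syn_count"] >= min_half_open_ratio

def handshake_trace():
    """Constructed three-way handshake: SYN, SYN/ACK, ACK."""
    c = "10.0.0.5"
    raws = [(0, build(c, SERVER, 40000, 80, 1000, 0, SYN)),
            (1, build(SERVER, c, 80, 40000, 5000, 1001, SYN | ACK)),
            (2, build(c, SERVER, 40000, 80, 1001, 5001, ACK))]
    return [parse_ipv4_tcp(t, r) for t, r in raws]

def flood_trace(n=50):
    """Constructed one-way burst: n bare SYNs, a new source port each time."""
    return [parse_ipv4_tcp(i * 2, build("10.0.0.66", SERVER, 1025 + i, 80, 0, 0, SYN))
            for i in range(n)]

if __name__ == "__main__":
    for name, trace in (("handshake", handshake_trace()), ("flood", flood_trace())):
        stats = analyze(trace, SERVER)
        print(name, stats, "flood-like:", looks_like_syn_flood(stats))
```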
