IDS AND IPS

Wireshark Exercises

Exercise #1

  1. Open the Wireshark Exercise #1 PCAP file in folder 02 from your Cyber Club Blackboard account and answer the following questions.

  2. How many protocols are displayed in this file? ___________________

  3. What are the names of the protocols? __________________________

  4. How many packets are displayed on the screen? ___________________

  5. Look at packets #1 and #2 and answer the questions below.

      1. What operation is being performed in packets 1 and 2 and why? ____________________________________________________________

      2. What is the IP address of the requesting system? ______________

      3. What is the IP address of the responding system? ______________

      4. Look at packet #1. What is the destination MAC address and why is the address this number? ____________________________________________________

      5. What number system is used for the MAC address? ______________

  6. Look at packets 3 through 10 and answer the following questions.

      1. What operation(s) is/are being performed? ___________________

      2. What is the IP address of the source system in packet #3? ___________________

      3. What is the IP address of the source system in packet #8? ___________________

  7. What is the total time taken to transmit the 10 packets? ________________________

  8. (Difficult Question) Using Wireshark, find the Ethernet endpoints for the packets in this file. _______________________________________________________________

Exercise #2

  1. Close Wireshark and restart it.

  2. Select your capture option.

  3. Stop the capture by selecting the red box on the menu.

  4. Open the Command Prompt screen.

  5. Type “tracert pearson.com”. Do not press return.

  6. Start Wireshark by clicking the shark fin on the menu.

  7. Go back to the Command Prompt screen and press the return key.

  8. Wait for the tracert process to complete, then stop the Wireshark capture.

  9. Answer the following questions:

    1. How many “hops” were there between your computer and the Pearson site? ____________________________________________________

    2. Look at the Wireshark screen and notice that you have collected a great deal of data. How will you find the packets which show your computer’s process of reaching Pearson? ____________________________________________________________________________________________________________________________________

    3. Implement the process that you stated in question 2 above.

    4. Which protocol was used to perform the trace? _________________________

    5. What is your computer’s IP address? _____________________

    6. What is Pearson’s IP address? ______________________________

    7. What does TTL mean? ______________________________________

    8. What was the highest TTL number shown in the exchange between your computer and the Pearson site? ______________________________