Question 23: Intercepting wireless data packets is an example of:
Added by Alex L.
Step 1
This is a concept related to cybersecurity and network security.
Recommended Videos
Basic attack analysis:
1. Look at captures no. 20 and 22. (You can use the "Go" link at the top of the Wireshark screen to quickly go to a specific capture.) Both packets are ICMP traffic, but there are subtle differences between them. Compare the time-to-live and data field sizes in the two packets. What differences do you see?
2. Do a little Internet research to discover which operating systems use the specific values in their ping commands. What operating system generated the echo request in capture 20?
3. Review packet no. 37 and beyond. What do you think is taking place here?
4. Look at capture 22846. What is suspicious about the flag settings in this packet?
5. What is the IP address of the host being targeted?
Akash M.
7. Which fields in the IP datagram always change from one datagram to the next within this series of UDP segments sent by your computer destined to 128.119.245.12, via traceroute? Why?
8. Which fields in this sequence of IP datagrams (containing UDP segments) stay constant? Why?
9. Describe the pattern you see in the values in the Identification field of the IP datagrams being sent by your computer.
Now let's take a look at the ICMP packets being returned to your computer by the intervening routers where the TTL value was decremented to zero (and hence caused the ICMP error message to be returned to your computer). The display filter that you can use to show just these packets is "ip.dst==192.168.86.61 and icmp".
10. What is the upper layer protocol specified in the IP datagrams returned from the routers? [Note: the answers for Linux/MacOS differ from Windows here].
11. Are the values in the Identification fields (across the sequence of all ICMP packets from all routers) similar in behavior to your answer to question 9 above?
12. Are the values of the TTL fields similar across all ICMP packets from all routers?
Answer the following questions, based on the contents of the Ethernet frame containing the HTTP GET message. Whenever possible, when answering a question you should hand in a printout of the packet(s) within the trace that you used to answer the question asked. Annotate the printout to explain your answer. To print a packet, use File->Print, choose Selected packet only, choose Packet summary line, and select the minimum amount of packet detail that you need to answer the question.
1. What is the 48-bit Ethernet address of your computer?
2. What is the 48-bit destination address in the Ethernet frame? Is this the Ethernet address of gaia.cs.umass.edu? (Hint: the answer is no). What device has this as its Ethernet address? [Note: this is an important question, and one that students sometimes get wrong. Re-read pages 468-469 in the text and make sure you understand the answer here.]
3. Give the hexadecimal value for the two-byte Frame type field. What upper layer protocol does this correspond to?
4. How many bytes from the very start of the Ethernet frame does the ASCII "G" in "GET" appear in the Ethernet frame?
Next, answer the following questions, based on the contents of the Ethernet frame containing the first byte of the HTTP response message.
5. What is the value of the Ethernet source address? Is this the address of your computer, or of gaia.cs.umass.edu (Hint: the answer is no). What device has this as its Ethernet address?
6. What is the destination address in the Ethernet frame? Is this the Ethernet address of your computer?
7. Give the hexadecimal value for the two-byte Frame type field. What upper layer protocol does this correspond to?
8. How many bytes from the very start of the Ethernet frame does the ASCII "O" in "OK" (i.e., the HTTP response code) appear in the Ethernet frame?