CSIS 535 Lab: Capturing and Analyzing Wireshark UDP packets Assignment Instructions There are 2 lab exercises in Lab: Capturing and Analyzing Wireshark UDP Packets Assignment. The first lab will be...

1 answer below »

CSIS 535
Lab: Capturing and Analyzing Wireshark UDP packets Assignment Instructions
There are 2 lab exercises in Lab: Capturing and Analyzing Wireshark UDP Packets Assignment. The first lab will be completed on a lab report sheet; the second lab will be submitted as a paper.
Part 1: Lab XXXXXXXXXXUDP
In this lab, you will use Wireshark to capture and study UDP packets. You will find the values of different fields of a UDP user datagram header. Using the values in these fields, you will also find all the information about a user datagram and verify that the value in the total length field matches the total number of bytes in the user datagram (header and data). You will also check to see whether a checksum has been calculated for the packet. For additional information on Wireshark, refer to Chapter 1.
UDP is a connectionless protocol; no connection-establishment and connection-termination packets are issued by UDP. This means that UDP cannot be a source or sink protocol in a captured frame. To analyze UDP headers, you need to use a source or sink protocol at the application layer that uses the services of UDP. DNS is a good candidate. However, as you will learn in Chapter 26, DNS packets can be encapsulated in either UDP or TCP packets (depending on the size). You need to be careful to select only those DNS packets that use the service of UDP. Since any client-server application program (except DNS itself) uses DNS as the first step, you can open any application to capture DNS packets. Accessing your favorite website for this purpose is recommended.
24.1.1 Assignment
· Start your web
owser and clear the
owser's cache memory, but do not access any website yet.
· Open Wireshark and start capturing.
· Go back to your web
owser and retrieve a file from any website. Wireshark will start capturing packets.
· After enough packets have been captured, stop Wireshark and save the captured file.
· Using the captured file, select only those DNS packets that use the service of UDP.
· Type udp (lowercase) in the Filter field and click Apply. The packet list pane of the Wireshark window will now display numerous DNS messages. Each DNS message is ca
ied in a UDP packet.
Questions
Using the captured information, answer the following questions on the Lab: Capturing and Analyzing Wireshark UDP Packets – Part 1 Lab Report Sheet.
1. In the packet list pane, select the first DNS packet. In the packet detail pane, select the User Datagram Protocol. The UDP hexdump will be highlighted in the packet byte lane. Using the hexdump and consulting Figure 24.2 in the textbook, determine:
a. the source port number.
the destination port number.
c. the total length of the user datagram.
d. the length of the data.
e. whether the packet is directed from a client to a server or vice versa.
f. the application-layer protocol.
g. whether a checksum is calculated for this packet or not.
2. Using the information in the packet detail lane, verify the answers you obtained in question 1.
3. What are the source and destination IP addresses in the query message? What are those addresses in the response message? What is the relationship between the two?
4. What are the source and destination port numbers in the query message? What are those addresses in the response message? What is the relationship between the two? Which port number is a well-known port number?
5. What is the length of the first packet? How many bytes of payload are ca
ied by the first packet?
6. In the packet detail pane, select the Domain Name System. The DNS message will be highlighted in the packet byte pane. Count the number of bytes highlighted in the packet byte pane. Does the count agree with the answer to question 5?
7. Is the checksum calculated for the first UDP packet? What is the value of the checksum?
24.1.2 Documents to Turn in
1. A copy of the Lab: Capturing and Analyzing Wireshark UDP Packets –Part 1 Lab Report Sheet that contains answered questions.
2. A printout of the supporting captured information.
Part 2: BGP
You have a single multi-homed BGP connection to 2 ISPs. You want to load balance traffic to a specific destination but you have no control over what the ISPs are doing with that route as it traverses the network.
Assignment:
1. Nothing has been preconfigured for you.
2. Make the required physical connections as depicted in the diagram (below).
3. Configure the IP addresses as depicted in the diagram (begin with XXXXXXXXXX).
4. Configure eBGP as follows using the connected physical interfaces as update sources:
* R1 to R3
* R1 to R2
* R3 to R4
* R4 to R5
* R2 to R5
5. Add a loopback on R1 and R5 with addresses XXXXXXXXXX/32 and XXXXXXXXXX/32 respectively.
6. Pull these loopbacks into BGP using the network command, and no other networks afterwards.
7. Configure an outbound route-map on R5 to set the origin to “?” for all routes it sends to R2.
8. Configure an outbound route-map on R5 to set the origin to “e” for all routes it sends to R4.
9. Configure an outbound route-map on R2 to set the MED to 2 for all routes it sends to R1.
10. Configure an outbound route-map on R3 to set the MED to 3 for all routes it sends to R1.
11. Ensure R1’s BGP table reflects these updates, and ensure you have connectivity from XXXXXXXXXXto XXXXXXXXXX.
Given:Assume all IPs begin with XXXXXXXXXXunless stated otherwise.
AS 1
AS 3
AS 4
AS 2
AS 5
.2
.1
.1
.2
.3
.3
5.5.5.5/32
.4
.4
.5
.5
45.0/24
25.0/24
34.0/24
12.0/24
13.0/24
1.1.1.1/32
f0/0
f0/0
f0/0
f0/0
f0/0
f0/1
f0/1
f0/1
f0/1
f0/1
R 4
R 1
R 2
R 5
R 3
Page 1 of 4

CSIS 535
Lab: Capturing and Analyzing Wireshark UDP packets Assignment Instructions
There are 2 lab exercises in Lab: Capturing and Analyzing Wireshark UDP Packets Assignment. The first lab will be completed on a lab report sheet; the second lab will be submitted as a paper.
Part 1: Lab XXXXXXXXXXUDP
In this lab, you will use Wireshark to capture and study UDP packets. You will find the values of different fields of a UDP user datagram header. Using the values in these fields, you will also find all the information about a user datagram and verify that the value in the total length field matches the total number of bytes in the user datagram (header and data). You will also check to see whether a checksum has been calculated for the packet. For additional information on Wireshark, refer to Chapter 1.
UDP is a connectionless protocol; no connection-establishment and connection-termination packets are issued by UDP. This means that UDP cannot be a source or sink protocol in a captured frame. To analyze UDP headers, you need to use a source or sink protocol at the application layer that uses the services of UDP. DNS is a good candidate. However, as you will learn in Chapter 26, DNS packets can be encapsulated in either UDP or TCP packets (depending on the size). You need to be careful to select only those DNS packets that use the service of UDP. Since any client-server application program (except DNS itself) uses DNS as the first step, you can open any application to capture DNS packets. Accessing your favorite website for this purpose is recommended.
24.1.1 Assignment
· Start your web
owser and clear the
owser's cache memory, but do not access any website yet.
· Open Wireshark and start capturing.
· Go back to your web
owser and retrieve a file from any website. Wireshark will start capturing packets.
· After enough packets have been captured, stop Wireshark and save the captured file.
· Using the captured file, select only those DNS packets that use the service of UDP.
· Type udp (lowercase) in the Filter field and click Apply. The packet list pane of the Wireshark window will now display numerous DNS messages. Each DNS message is ca
ied in a UDP packet.
Questions
Using the captured information, answer the following questions on the Lab: Capturing and Analyzing Wireshark UDP Packets – Part 1 Lab Report Sheet.
1. In the packet list pane, select the first DNS packet. In the packet detail pane, select the User Datagram Protocol. The UDP hexdump will be highlighted in the packet byte lane. Using the hexdump and consulting Figure 24.2 in the textbook, determine:
a. the source port number.
the destination port number.
c. the total length of the user datagram.
d. the length of the data.
e. whether the packet is directed from a client to a server or vice versa.
f. the application-layer protocol.
g. whether a checksum is calculated for this packet or not.
2. Using the information in the packet detail lane, verify the answers you obtained in question 1.
3. What are the source and destination IP addresses in the query message? What are those addresses in the response message? What is the relationship between the two?
4. What are the source and destination port numbers in the query message? What are those addresses in the response message? What is the relationship between the two? Which port number is a well-known port number?
5. What is the length of the first packet? How many bytes of payload are ca
ied by the first packet?
6. In the packet detail pane, select the Domain Name System. The DNS message will be highlighted in the packet byte pane. Count the number of bytes highlighted in the packet byte pane. Does the count agree with the answer to question 5?
7. Is the checksum calculated for the first UDP packet? What is the value of the checksum?
24.1.2 Documents to Turn in
1. A copy of the Lab: Capturing and Analyzing Wireshark UDP Packets –Part 1 Lab Report Sheet that contains answered questions.
2. A printout of the supporting captured information.
Part 2: BGP
You have a single multi-homed BGP connection to 2 ISPs. You want to load balance traffic to a specific destination but you have no control over what the ISPs are doing with that route as it traverses the network.
Assignment:
1. Nothing has been preconfigured for you.
2. Make the required physical connections as depicted in the diagram (below).
3. Configure the IP addresses as depicted in the diagram (begin with XXXXXXXXXX).
4. Configure eBGP as follows using the connected physical
Answered Same DayApr 10, 2022

Solution

Naveen Kumar answered on Apr 11 2022
12 Votes
Lab: Capturing and Analyzing Wireshark UDP packets Assignment Instructions
                                                                                                  9
Lab: Capturing and Analyzing Wireshark UDP packets Assignment Instructions
Capturing the UDP Packets
    Item
    Information
    Device details
    1
    Directions
    Client to Serve
    2
    Source IP
    10.0.0.3 (Local Client PC)
    3
    Destination IP
    8.8.8.8 (dns.google)
    4
    DNS query name
    abuseipdb.com
    5
    DNS query replay
    104.26.13.38(abuseipdb.com)
About DNS:
DNS stands for Domain Name System. DNS is a service that provides a mapping between the name of a host on the network and its numerical address (Internet protocol address).
The DNS Server operates using UDP (Protocol 17) on Well-known Port number 53.
1. DNS Packet header information:
The DNS protocol uses two types of DNS messages
1. Queries and replies both have the same format.
2. Each message consists of a header and four sections: question,...
SOLUTION.PDF

Answer To This Question Is Available To Download

Related Questions & Answers

More Questions »

Submit New Assignment

Copy and Paste Your Assignment Here