Lab1 Assessment Worksheet: Analyzing IP Protocols with Wireshark

In this lab, you exercised a wide variety of capabilities of the Wireshark packet capture and analysis software. In the first part of the lab, you learned about probe placement, clocking/timing issues, Wireshark traffic capture, and the use of filters. In the second part of the lab, you utilized a capture file to answer basic questions about key IP protocols and the basic configuration of the IP hosts from which traffic is captured. Finally, in the third part of the lab, you explored Wireshark on your own to answer a set of challenge questions.

Lab Assessment Questions & Answers
1. What are some causes of the number of bytes on the wire exceeding the number of bytes being captured?
It could mean that not everything is being captured or that partial or malformed packets have been captured. It is also possible that the computer that is running Wireshark is not capable of keeping up with the interface.

2. What are the source and destination MAC addresses in Frame 546?

3. What is the manufacturer-specific ID for Intel Core?

4. What is the MAC address used for IPv4 multicast?

5. What version of IP is present in Frame 546? What is the source IP address?
Version 4

6. At what times did the various steps of the Google three-step TCP handshake occur?
Aug 27, 2013 at 13:08:44.553832000, 13:08:44.554613000, and 13:08:44.561564000.

7. A DNS query failure is referred to a higher-level Domain Name Server under...

