Question:
Often the best way to gain an initial familiarity with network tools is to simply use them, at a basic level in exploratory mode as suggested in some of the tutorial exercises. Netstat and Tracert are included in Windows, while Wireshark is free to download and install. Explore Wireshark, Netstat and Tracert, then complete this question.
a)A wireshark scan has produced a packet capture, saved to a file named wireshark_capture01.pcapng and available on the Unit website. Download the file and open it in Wireshark, then answer these questions about the scan:
i.Very briefly summarise in your own words the content in each of the three horizontal display windows in Wireshark
ii.In Frame 3, what brand of computer launched this scan and what was its IP address? State where this information is found
iii.Briefly explain the exchange event captured in frames
a)Calculate the network address of this block and how many host addresses including special addresses this block can provide
b)Create the following 6 subnets for this company by calculating the subnet address for each subnet. Answer this question by filling in the table in the Answer template. Use CIDR format for the mask.
I.2 subnets with 32 addresses each
II.4 subnets with 16 addresses each
c)After some time, the company decides that it wants another subnet with 1,024 addresses. Explain whether this can be allocated from the existing block.
Answer:
a)
b)
c)
|
Classless address block
Address: 154.78.177.3 10011010.01001110.10110001.000 00011 Netmask: 255.255.255.224 = 27 11111111.11111111.11111111.111 00000 Wildcard: 0.0.0.31 00000000.00000000.00000000.000 11111 =>
Network: 154.78.177.0/27 10011010.01001110.10110001.000 00000 (Class B) Broadcast: 154.78.177.31 10011010.01001110.10110001.000 11111 HostMin: 154.78.177.1 10011010.01001110.10110001.000 00001 HostMax: 154.78.177.30 10011010.01001110.10110001.000 11110 Hosts/Net: 30
|
Question 2: (8 marks)
|
a)
|
Network Address
Address: 138.77.216.5 10001010.01001101.11011000 .00000101 Netmask: 255.255.255.0 = 24 11111111.11111111.11111111 .00000000 Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111 =>
Network: 138.77.216.0/24 10001010.01001101.11011000 .00000000 (Class B) Broadcast: 138.77.216.255 10001010.01001101.11011000 .11111111 HostMin: 138.77.216.1 10001010.01001101.11011000 .00000001 HostMax: 138.77.216.254 10001010.01001101.11011000 .11111110 Hosts/Net: 254
|
b)
|
Subnet
|
No. addresses
|
Subnet address
|
Mask /n
|
1
|
32
|
138.77.216.6
|
255.255.255.255
|
2
|
32
|
138.77.216.7
|
255.255.255.255
|
3
|
16
|
138.77.216.8
|
255.255.0.0
|
4
|
16
|
138.77.216.9
|
255.255.0.0
|
5
|
16
|
138.77.216.10
|
255.255.0.0
|
6
|
16
|
138.77.216.11
|
255.255.0.0
|
|
c)
|
The company is granting the host address that can be used in the network. However, in the address block, the first address will be used as the network address and special address is assigned as the last address. The 1024 addresses are allocated from the existing block because the company is granting host address in a block and also provide special addresses for each subnet.Lifewire. (2018).
|
Question 3: (4 marks)
|
a)
i)
ii)
iii)
iv)
|
Three horizontal display shows the following information’s,
· Packet Lists
· Packet Details
· Packet Bytes
The Frame 2 is capturing the packet of 85 bytes. It captures the packets by using the User datagram protocol. It has payload length of 31 and hop limit is 128. It scans the source port that is 59362 and destination port is https (443). It has data length of 23 to exchange the packets between the source and destination. It is shown below.
Using UDP and TCP protocol, the Frame 4, 5 and 6 are exchanging the events. In the captured packets, the effective network information is provided by these UDP and TCP protocol. Here, the https is exchanging the information from source to destination. The source https sends the packets to the destination port 59362. These two protocols have exchanged the packets and messages to each other. The frame 4 and 6 is calculated the window size that is 1026. And The frame 5 is calculated the window size of 225. It provides the checksum of the source and destination port by using the SEO/ACK analysis (Lifewire, 2018). It is used to provide the assured forwarding the packets to the destination. TCP and UDP protocols aspects the behind the SSH key exchanges by using the SSH protocols.
The wireshark is the very popular network analysis tool. The network traffic is monitored by this tool and also provides the secure network. The network trouble shooting problems are reduced by using this tool. In a network, the network security problems are determined. It measures the data in a perfect manner to reduce the network problems to provide the secure and effective network.
|
b)
|
B) Netstat
The netstat or network statistics is a command line tool and it is used to display the network connection, network protocol statistics, number of network interfaces and routing table. It also prints the masquerade connections and multicast memberships connections (Tldp.org, 2018). The netstat prints the information about the Linux operating system that are controlled by the first argument such as –route, –groups, –statistics and more. In our network statistics display the LISTENNING, ESTANLISHED and CLOSE_WAIT. The socket information is printed by using the ESTABLISHED states and its established connection. The CLOSE_WAIT states are used to print the information about the remote end has shut down and waiting for the socket to close. The socket information is printed by using the LISTENING states and the connection request is listened. Techgenix.com. (2018).
|
c)
|
C) Tracert
The Tracert is based on command line tool and it is used to trace the internet protocol path that take to its source and destination. It will find the path taken to a destination because it sends the ICMP echo request messages to the destination. If destination sends the traffic, the tracert will increases the Time to live field values incrementally to determine the path taken to the destination address. The tracert works by manipulating the TTL (Time to Lie values). If TTL values is increased, the tracert will be decreased each router hop count from source to destination (Techgenix.com, 2018). The Tracert working is shown below. The below displays the path that is the list of routers in the path between the source host and destination. It also lists the near side interfaces that is interface of the router closest to send the host in the path. The tracert determines the network device using the IP address of 192.168.1.206. Here, we are tracing the router to www.google.com. The tracert will identify the thirteen network devices including out router and generally way through to the target of www.google.com by using the public IP address and our network IP address (Tldp.org. (2018)).
|
References
Lifewire.(2018). How to Use the Tracert Command in Windows. [online] Available at: https://www.lifewire.com/tracert-command-2618101 [Accessed 14 Apr. 2018].
Techgenix.com. (2018).Using Tracert. [online] Available at: https://techgenix.com/Using-Tracert/ [Accessed 14 Apr. 2018].
Tldp.org. (2018).The netstat Command. [online] Available at: https://www.tldp.org/LDP/nag2/x-087-2-iface.netstat.html [Accessed 14 Apr. 2018].