IS3413 – Spring 2012
Wireshark Assignment
Due April 19, 2012

Complete the following steps to capture the network traffic generated by your workstation. Use the capture file to write a report that answers all of the questions below. The report must contain screen prints from the capture session to support each of your answers.

Capture Steps:
1. Find the MAC and IP addresses of your computer and your router.
2. From the cmd window, execute the ipconfig /flushdns command to clear the DNS cache on your computer.
3. Disconnect from the network.
4. Start a packet capture session in Wireshark.
5. Reconnect to the network.
6. With your browser, visit www.ietf.org.
7. With your browser, visit the www.usaa.com home page.
8. Stop the capture session.

Capture Questions:
1. What are the MAC and IP addresses for your computer and router? You may only include part of your MAC addresses for security reasons.
2. Describe the DHCP traffic that occurs at the start of the capture session. What is the purpose of these frames? What are the IP addresses involved and what devices do they belong to?
3. Describe the ARP traffic that occurred during the capture session. What is the purpose of ARP frames? What are the addresses involved and what devices do those addresses belong to?
4. Locate the DNS query and response message for www.ietf.org. What is the purpose of DNS frames? Are these packets sent using UDP or TCP? Why do you think that layer 4 protocol is used rather than the other? What were the source and destination ports for those frames?
5. Locate the frames for the TCP 3-way handshake between your host and the web server for www.ietf.org. What is the purpose of those frames? What are the source and destination ports that were used for those frames?
6. Locate the frames that were generated when you accessed www.usaa.com. How do these frames differ from the frames generated when you...
