Capture ARP packets and answer the following questions:
a) Describe the method by which you obtained the ARP packets.
b) What is the purpose of the ARP protocol? Explain with the help of a diagram.
c) From the captured packets, determine your computer's MAC address and the destination's MAC address. Provide a screenshot.
d) Find a suitable command to use at the MS-DOS command prompt to determine the contents of your computer's ARP cache. What command did you use? What is the meaning of each column value in the resulting output?
e) What is the approximate time that an entry resides in your PC's ARP cache before its removal?
In this exercise, you will need to run an application that uses UDP and an application that uses TCP. Capture the UDP and TCP packets.
a) Select a UDP packet and answer the following:
I. What is the length of the IP header, and what value does the "Protocol" field have?
II. What is the checksum value in the IP header? Is it enabled or disabled?
III. What are the fields in the UDP header?
b) Select a TCP packet and display all the TCP exchanges for this TCP packet (TCP stream). Answer the following:
I. What is meant by TCP connection establishment?
II. Provide a screenshot of the 3-way handshake in the selected TCP establishment.
c) If checksum validation is disabled in the IP, UDP and TCP headers, how would you enable the validation?
Use a web browser to connect to any overseas-based website to generate HTTP packets. Run Wireshark and capture packets for around 1-2 min. Stop Wireshark and use HTTP in the filter bar to filter only the HTTP packets.
Note: Screenshots are required for sections (b) through (e).
a) Explain what the HTTP protocol is.
b) How would you filter HTTP packets based on the request methods GET and POST?
c) How would you display all the TCP packets (a complete TCP session) that were exchanged between your browser and one of the servers?
d) Use the "Flow Graph" feature to show the exchanges between your browser and one of the servers. You may use the same packets as in (c).
e) Select a complete HTTP/TCP session used in section (c) and provide a throughput analysis.
f) Use the Wireshark feature to display all HTTP exported objects.