This assignment question requires that you analyse a packet capture dump file and provide comments explaining each packet. See assignment 1 page of the course website.

This assignment question requires that you analyse a packet capture dump file and provide comments explaining each packet. See assignment 1 page of the course website.  This pcap file contains a SMTP transaction between a client and server.  Your task is to annotate each packet commenting on the following characteristics. 

•    Comment on any significant TCP flags and what they mean in the context of the packet capture. Significant flags include SYN, FIN, RST, and URG.  You must explain why the flag has been set and what it means for this TCP connection.   
•    Comment on the direction of each packet (ie. client -> server or server -> client).  Be clear to explain in which direction the interaction is occurring. 
•    Comment on each SMTP command and response between the client and the server. You must explain what each command does.  You should also explain the data that is exchanged.  This will require that you study the SMTP RFC or other Internet documents relating to SMTP to understand what the commands mean.   

You should also comment on the 2 port numbers used in this connection and their significance.  For example, is it an ephemeral or reserved port?  If it is a reserved port, what protocol does it relate to? 

On the following page is an example of the template to use to complete this question.  It provides a brief summary of each packet and has been formatted to include an “explanation” field underneath each packet. You are to write your comments in this “explanation” field addressing the packet immediately above, based on your analysis of the packet using Wireshark. Be specific and detailed.  Any vague or limited responses will not attract any marks.  Note, that the table is only a summary of the information provided in the pcap file. Be sure to comment in relation to information provided in the pcap file using Wireshark, not just the summary table. 

For examples of how to complete the table, be sure to have completed all 3 parts of the Packet Capture Exercises. They are available from the Lectures and Tutorials page of the course website. Your solution must of course be in your own words.  Do not copy directly from any examples or you will get zero marks 


Price: £ 24

100% Plagiarism Free & Custom Written, Tailored to your instructions

Leave your Comments


Can't read the image? click here to refresh