3. Protocol Analysis Objectives Protocol Analysis Hands On.

Protocol Analyzer
Summary / Detail / Hex Dump
- Start Sniffer (upper right corner)
- File Open – Snmp1.cap
- Maximize Window

Hands on 1(4)
1. What community name is used for communication with destination address 192.10.20.10
   a) for read access? Answer: ardbeg
   b) for write access? Answer: bowmore
   c) who is 192.10.20.10 (sysObjectID)? Answer: Microsoft (311)
2. What value (hex) is used for the datatype TimeTicks? (remember Tag-Length-Value) Answer: 43
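Added example, not part of the original slides: a small BER Tag-Length-Value walker that recovers what these questions ask for, the community string (carried unencrypted in SNMP v1/v2c) and the TimeTicks tag 0x43. The packet bytes are constructed for illustration and are not taken from Snmp1.cap; the function names are this example's own.

```python
# Minimal BER Tag-Length-Value walker for an SNMP v1/v2c message (added example).
# PACKET is constructed for illustration; it is not taken from Snmp1.cap.
PACKET = bytes.fromhex(
    "3029" "020100" "0406617264626567"      # SEQUENCE, version 0, community
    "a21c" "020101" "020100" "020100"        # GetResponse, request-id, error fields
    "3011" "300f" "06082b06010201010300"     # varbind list, varbind, sysUpTime.0 OID
    "430301e240"                             # TimeTicks (tag 0x43), value 123456
)

TAG_NAMES = {
    0x02: "INTEGER", 0x04: "OCTET STRING", 0x05: "NULL", 0x06: "OID",
    0x30: "SEQUENCE", 0x40: "IpAddress", 0x41: "Counter32", 0x42: "Gauge32",
    0x43: "TimeTicks", 0xA0: "GetRequest", 0xA1: "GetNextRequest",
    0xA2: "GetResponse", 0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
}

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the TLV starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                        # long form: low 7 bits = length octets
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def walk(buf, depth=0):
    """Yield (depth, tag, value) for every TLV, descending into constructed types."""
    pos = 0
    while pos < len(buf):
        tag, value, pos = read_tlv(buf, pos)
        yield depth, tag, value
        if tag & 0x20:                       # constructed bit: SEQUENCE and PDUs
            yield from walk(value, depth + 1)

def summarize(packet):
    items = list(walk(packet))
    community = next(v for d, t, v in items if d == 1 and t == 0x04)
    pdu = next(t for d, t, v in items if d == 1 and (t & 0xE0) == 0xA0)
    ticks = [int.from_bytes(v, "big") for d, t, v in items if t == 0x43]
    return {"community": community.decode("ascii", "replace"),
            "pdu": TAG_NAMES.get(pdu, hex(pdu)), "timeticks": ticks}

if __name__ == "__main__":
    for depth, tag, value in walk(PACKET):
        print("  " * depth + f"{tag:#04x} {TAG_NAMES.get(tag, '?'):<14} len={len(value)}")
    print(summarize(PACKET))
```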

Hands on 2(4)
3. Packet no 10 is an Authentication Failure Trap
   a) why is this trap sent? Answer: bad community or access-list
   b) who is the target (address and port)? Answer: 192.10.20.4, 162
   c) who (IP address) is not authorized? Answer: 192.10.20.10
   d) who (vendor) is sending the trap? Answer: cisco

Hands on 3(4)
4. Packet no 13 is a GetBulk Request asking a Cisco router for ifDescr
   a) how many instances are requested? Answer: 15
   b) how many instances would have been optimal to request? Answer: 10
   c) if we use GetNext, how many GetNext + Response packets must be sent? Answer: 22
   d) why is packet no 14 sent? Answer: unknown engine id

Hands on 4(4)
5. Packet no 19 is also a GetBulk Request. In this request we ask a Windows computer for installed programs
   a) how many instances are requested? Answer: 35
   b) what happens? Answer: IP fragmentation (> 1514 byte)
6. Packet no 92 is a Cold Start Trap
   a) why is this trap sent? Answer: router restarted from console