Presentation is loading. Please wait.

Presentation is loading. Please wait.

3. Protocol Analysis Objectives Protocol Analysis Hands On.

Published byBernt Fleischer Modified over 5 years ago

Similar presentations

Presentation on theme: "3. Protocol Analysis Objectives Protocol Analysis Hands On."— Presentation transcript:

1 3. Protocol Analysis Objectives Protocol Analysis Hands On

2 Protocol Analyzer Summary Detail Hex Dump
Start Sniffer (upper right corner) File Open – Snmp1.cap Maximize Window

3 Hands on 1(4) What community name is used for communication with destination address a) for read access? b) for write access? c) who is (sysObjectID)? What value (hex) is used for the datatype TimeTicks? (remember Tag-Length-Value) ardbeg bowmore Microsoft (311) 43

4 Hands on 2(4) 3. Packet no 10 is an Authentication Failure Trap
a) why is this trap sent? b) who is the target (address and port)? c) who (IP address) is not authorized? d) who (vendor) is sending the trap? bad community or access-list , 162 cisco

5 Hands on 3(4) 4. Packet no 13 is a GetBulk Request asking a Cisco router for ifDescr a) how many instances is requested? b) how many instances had been optimal to request? if we use GetNext, how many GetNext + Response packets must be sent? why is packet no 14 sent? 15 10 22 unknown engine id

6 Hands on 4(4) 5. Packet no 19 is also a GetBulk Request. In this request we ask a windows computer for installed programs a) how many instances is requested? what happens? 6. Packet no 92 is a Cold Start Trap a) why is this trap sent? 35 IP fragmentation (> 1514 byte) router restarted from console

Download ppt "3. Protocol Analysis Objectives Protocol Analysis Hands On."

Similar presentations

COEN 445 Lab 7 Wireshark Lab: IP Claude Fachkha.

COEN 445 Lab 7 Wireshark Lab: IP Claude Fachkha.
COEN 252 Computer Forensics Using TCPDump / Windump for package analysis.

COEN 252 Computer Forensics Using TCPDump / Windump for package analysis.
History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.

History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.
© Wiley Inc. 2006. All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 2: Internet Protocols.

© Wiley Inc All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 2: Internet Protocols.
CIS 235: Networks Fall, 2007 Western State College Computer Networks Fall, 2007 Prof Peterson.

CIS 235: Networks Fall, 2007 Western State College Computer Networks Fall, 2007 Prof Peterson.
ITIS 6167/8167: Network and Information Security Weichao Wang.

ITIS 6167/8167: Network and Information Security Weichao Wang.
ARP Request/Reply Can we modify our previous device-driver so it will allow us to send and receive ‘raw’ packets?

ARP Request/Reply Can we modify our previous device-driver so it will allow us to send and receive ‘raw’ packets?
TCP connection my Computertelnet client web server remote computer 1 character per transmission Telnet uses TCP connection.

TCP connection my Computertelnet client web server remote computer 1 character per transmission Telnet uses TCP connection.
TCP connection my Computertelnet client web server remote computer 1 character per transmission * Telnet uses TCP connection * but Nagle's algorithm modifies.

TCP connection my Computertelnet client web server remote computer 1 character per transmission * Telnet uses TCP connection * but Nagle's algorithm modifies.
1 Reminding - ARP Two machines on a given network can communicate only if they know each other’s physical network address ARP (Address Resolution Protocol)

1 Reminding - ARP Two machines on a given network can communicate only if they know each other’s physical network address ARP (Address Resolution Protocol)
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 LAN Connections Exploring the Functions of Routing.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 LAN Connections Exploring the Functions of Routing.
© N. Ganesan, All rights reserved. Chapter IP Routing.

© N. Ganesan, All rights reserved. Chapter IP Routing.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 LAN Connections Constructing a Network Addressing Scheme.

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—4-1 LAN Connections Constructing a Network Addressing Scheme.
Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 20 RADIUS and Internet Authentication Service.

Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Slide: 1 Lesson 20 RADIUS and Internet Authentication Service.
Ch. 31 Q and A IS 333 Spring 2015 Victor Norman. SNMP, MIBs, and ASN.1 SNMP defines the protocol used to send requests and get responses. MIBs are like.

Ch. 31 Q and A IS 333 Spring 2015 Victor Norman. SNMP, MIBs, and ASN.1 SNMP defines the protocol used to send requests and get responses. MIBs are like.
Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Defining the IP Packet Delivery Process INTRO v2.0—4-1.

Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Defining the IP Packet Delivery Process INTRO v2.0—4-1.
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 4: Dynamic Host Configuration Protocol.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 4: Dynamic Host Configuration Protocol.
4: Network Layer4a-1 IP datagram format ver length 32 bits data (variable length, typically a TCP or UDP segment) 16-bit identifier Internet checksum time.

4: Network Layer4a-1 IP datagram format ver length 32 bits data (variable length, typically a TCP or UDP segment) 16-bit identifier Internet checksum time.
Internet Control Message Protocol ICMP. ICMP has two major purposes: –To report erroneous conditions –To diagnose network problems ICMP has two major.

Internet Control Message Protocol ICMP. ICMP has two major purposes: –To report erroneous conditions –To diagnose network problems ICMP has two major.
Network Redundancy Multiple paths may exist between systems. Redundancy is not a requirement of a packet switching network. Redundancy was part of the.

Network Redundancy Multiple paths may exist between systems. Redundancy is not a requirement of a packet switching network. Redundancy was part of the.

Similar presentations

Ads by Google