Kali Linux and Wireshark

koby8855
ProjectWork1.doc

The entire assignment must be in one Word document

Your assignment must have color screenshots

You MUST provide color screenshots which are LARGE ENOUGH to be easy to read

You MUST provide at most two color screenshots per page

Everything (name, answers, etc.) MUST be typed

If any of the above requirements is not followed, the assignment will receive 0 points

1. (3.6 points) A company has been assigned a class B address. A subnet of this company has network address 178.84.225.0 and direct broadcast address 178.84.237.63.

a) Based on the previous information, provide the two smallest network addresses that can be assigned to a subnet of this company.

b) Provide the smallest and largest IP address that can be assigned to a host of each of the subnets of question “a)”.

c) Provide the two largest network addresses that can be assigned to a subnet of this company.

d) Provide the smallest and largest IP address that can be assigned to a host of each subnet of previous question “c)”.

You must provide the values of all derived network addresses and IP addresses in Dotted Decimal Notation. You must show your derivations.

2. Start your Bt5, Kali (or other Linux) virtual machine that has the hping3 tool installed. Use ifconfig to find its IP address; to find the IP address of your host OS, use ifconfig (if it is Linux) or ipconfig (if it is Windows). Capture screenshots of your ifconfig (or ipconfig) commands and their outputs, showing the two IP addresses. Now start Wireshark in both Bt5 and the host OS and select non-promiscuous mode. In both the Bt5 and host OS Wireshark, add a SrcPort and a DestPort column to the Packet List pane. In the Wireshark of the host OS, apply a capture filter that captures only the TCP packets whose source port is 25 and whose source IP address is that of Bt5. Type this capture filter. Also capture a screenshot of this filter in the Wireshark filter box of the host OS. In the Wireshark of Bt5, apply a capture filter that captures only TCP packets that have ALL of the following properties:

a) source port 25,

b) destination port 89,

c) TCP CWR, URG, ACK, PSH, SYN bits set to 1,

d) 1250 TCP data bytes,

e) IP Identification 6678,

f) a TCP window size of 35200.

Type this capture filter. Also capture a screenshot of this applied filter in the Wireshark filter box of Bt5.

Now start the packet capturing process in both the host OS and Bt5 Wireshark. Next, use (in Bt5) one hping3 command that will transmit 8 TCP packets to the host OS with source port 25 and destination ports 84, 85, 86, 87, 88, 89, 90 and 91. Moreover, each one of these packets must have the CWR, URG, ACK, PSH and SYN bits set to 1, its IP Identification field equal to 6678, 1250 TCP data bytes and a TCP window of 35200. Type the hping3 command you have used.

Also capture a screenshot of this hping3 command and its output. Stop the packet capturing process in both Wireshark instances.

Capture a screenshot of the packet list pane of the Bt5 Wireshark and a screenshot of the packet list pane of the host OS Wireshark showing the captured packets. Your screenshots in Bt5 and the host OS must show the port numbers of the transmitted packets. How many packets have been captured by the Bt5 Wireshark and how many by the host OS Wireshark? Is that what you expected? Explain why or why not.

3. (2.4 points) Start your Bt5 (or Kali) and host OS system and use ifconfig or ipconfig to find their IP addresses. Capture screenshots of your ifconfig (or ipconfig) commands and their outputs, showing the IP addresses of Bt5 and the host OS. In your Bt5, type the hping3 command that will transmit to the host OS one TCP packet that has only its ECN, URG, PSH, and ACK bits set to 1 (and all other TCP flags set to 0), 56400 TCP data bytes and a destination port number 1234. Type the hping3 command you must use. In your Bt5, also apply a capture filter that will only capture the 24th, 32nd and 37th fragments of the transmitted packet. Type the capture filter that you must use. Also capture a screenshot of this filter in the Wireshark filter box of Bt5.

In the host OS, start Wireshark and apply a capture filter that will only capture TCP packets whose source IP address is the IP address of Bt5. Capture a screenshot of this filter. Now start both Wireshark captures in Bt5 and the host OS and then run the above hping3 command. Capture a screenshot of the hping3 command and its output. Capture a screenshot of the host OS Wireshark showing all fragments in the packet list pane. Finally, capture a screenshot of the Bt5 Wireshark showing the captured fragments in the packet list pane and the fragmentation offset of the 15th fragment in the packet details pane.

Additional Rules and Penalties

1. At the top of each screenshot you must provide a small caption, similar to those of the Practice Assignment.

2. The caption and corresponding screenshot must be on the same page.

Each time rule 1 or 2 above is not followed, there will be a 0.5 point deduction.