4.4 | Lab | Data Link Addressing
amanali786
DataLinkAddressingLab2.docxIS 3413 Lab: Data Link Addressing
In this lab, we will investigate the content and use of device addressing at the Data Link layer (often referred to as “hardware addressing”). As we learned near the end of this module, MAC addresses are used to uniquely identify network interfaces. In fact, the computer you are using now has at least one network interface with a uniquely-assigned MAC address. Let’s investigate this. Start by opening a console window. On your windows computer, start typing “command prompt” in the windows search bar:
Select the command prompt application and in the resulting window type “ ipconfig /all” (for most Linux systems, the command “ifconfig -a” should work).
The result of this command provides a great deal of configuration information, usually more than can be displayed within the confines of the console screen. Scroll up and/or down in the console to find a section of information for the Ethernet or WiFi adapter (see display above). Find the line labelled Physical Address and note the 6-byte MAC address of your network interface adapter. Because this uniquely identifies your hardware, it is best security practice not to advertise the full address. However, the first 3 bytes (first 6 hex characters) only specify the manufacturer/vender code. Note these first 3 bytes of your adapter to report for your lab submission.
In the second part of this lab, we will examine Data Link layer addressing as it is used in messages sent across a network. We will do this by examining previously recorded network traffic from a packet capture (pcap) file using Wireshark. Start by downloading the file http_with_jpegs.cap from Blackboard. Next, start Wireshark and open the packet capture file.
Once the packet capture file is opened, select the first line (packet) in the Packet List pane. Now move to the Packet Details pane and expand the second row, which starts with “Ethernet II,” and which we know contains information related to OSI Layer 2, the Data Link layer. Review the information displayed here and use it to answer the questions provided below.
Turn-in Requirements : To complete the assignment, upload a Word (.docx) or Adobe (.pdf) file with answers to the problems below as your submission to this assignment in Blackboard.
1. (6 pts) Provide a semi-anonymous version of your Ethernet or WiFi MAC address (as determined in the first part of the lab) by providing a screenshot of your initial command (ipconfig/all or ifconfig -a). Additionally, please provide a screenshot with your MAC address. You can edit the image if you wish to conceal the last three bytes of your MAC address as shown below.
2. (4 pts) Provide the MAC address of the network adapter which is the source of the traffic sent in the first packet of the file examined with Wireshark including a screenshot of where you located it.
3. (4 pts) Provide the MAC address of the network adapter which is the destination of the traffic sent in the first packet of the file examined with Wireshark including a screenshot of where you located it.
4. (6 pts) The first three bytes of MAC addresses are assigned to a specific vendor or organization and are known as an Organizationally Unique Identifier (OUI). You can look up your MAC address at IEEE or Dan’s Tools. What are the names and addresses of the manufacturers for your source and destination MAC addresses? Include a screenshot.
5. (10 pts) Check out the following two websites and answer these questions. What is MAC address spoofing? Why may someone want to change or spoof their MAC address? What are the steps to change the MAC address for your computer?
https://www.howtogeek.com/192173/how-and-why-to-change-your-mac-address-on-windows-linux-and-mac/
https://www.digitalcitizen.life/change-mac-address-windows/
