ONLY FOR MAESTRO: Assessing Information System Vulnerabilities and Risk
• What are the unique pairs of IP addresses that are communicating with one another, based on the Source and Destination addresses in the top frame of Wireshark user interface?
192.168.1.101, 178.123.13.120, and 208.117.231.17 are three examples of the IP addresses transferring information back and forth between each other during this scan.
• For each unique pair of IP addresses communicating, what protocols are being used as indicated by Wireshark?
TELNET, TCP, OSPF, MySQL, HTTP, UDP, SSL. These are all the different protocols used to communicate between the source and destination.
• What source and destination port numbers are indicated as being used?
Note: Click on a packet line in the top pane and open the Transmission Control Protocol (TCP) in the middle pane to identify the port numbers (Src Port and Dst Port) for each unique pair of IP addresses communicating with each unique protocol being used (such as TCP or HTTP, and so forth).
Src Port: 443 to Dst Port: 56562
• What are the MAC Addresses for each of the unique pair of machines that are communicating with one another? Note: This can be seen in the middle frame of the Wireshark user interface on the line that is for the Ethernet II layer.
MAC (00:14:0b:33:33:27) (d0:7a:b5:96:cd:0a)
• What plaintext information (if any) can you find in any of the packets in the upper frame of the Wireshark user interface? Note: Check the Packet Bytes pane, located at the bottom, which displays the raw data of the selected packet in a hexadecimal view.
..33’.z……E.
• Refer to Wireshark user’s guide as needed. https://www.wireshark.org/download/docs/user-guide-us.pdf
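The Wireshark questions above (unique IP pairs, ports, MAC addresses) can also be answered programmatically. The following is an added example, not part of the original lab or of Wireshark: it parses raw Ethernet II frames and groups them into conversations. The frames are constructed samples; which MAC and port belongs to which IP is an assumption, and the UDP frame's ports are made up. Only the transport protocol (TCP/UDP) is identified, not the application protocols Wireshark shows in its Protocol column.

```python
import socket
import struct
from collections import defaultdict

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_frame(dst_mac, src_mac, src_ip, dst_ip, sport, dport, proto=6):
    """Constructed Ethernet II / IPv4 / TCP-or-UDP frame; checksums left at zero."""
    eth = bytes.fromhex((dst_mac + src_mac).replace(":", "")) + b"\x08\x00"
    l4 = struct.pack("!HH", sport, dport) + (bytes(16) if proto == 6 else struct.pack("!HH", 8, 0))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + l4

def parse_frame(frame):
    """Return (src_mac, dst_mac, src_ip, dst_ip, proto, sport, dport), or None if not IPv4 TCP/UDP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # EtherType must be IPv4
        return None
    ihl = (frame[14] & 0x0F) * 4      # IPv4 header length; the ports start right after it
    proto = frame[23]                 # IPv4 protocol field: 6 = TCP, 17 = UDP
    if ihl < 20 or proto not in (6, 17) or len(frame) < 14 + ihl + 4:
        return None
    sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
    return (mac(frame[6:12]), mac(frame[0:6]), socket.inet_ntoa(frame[26:30]),
            socket.inet_ntoa(frame[30:34]), {6: "TCP", 17: "UDP"}[proto], sport, dport)

def conversations(frames):
    """Group frames by unordered IP pair, collecting MACs, protocols and (src, dst) ports."""
    convs = defaultdict(lambda: {"macs": set(), "protocols": set(), "ports": set()})
    for f in frames:
        p = parse_frame(f)
        if p is None:                 # ARP, IPv6, truncated frames, and so on are skipped
            continue
        smac, dmac, sip, dip, proto, sport, dport = p
        c = convs[tuple(sorted((sip, dip)))]   # A->B and B->A are the same pair
        c["macs"].update((smac, dmac))
        c["protocols"].add(proto)
        c["ports"].add((sport, dport))
    return dict(convs)

# Constructed sample frames; the MAC/IP/port pairing is assumed, not taken from a capture.
MAC_A, MAC_B = "00:14:0b:33:33:27", "d0:7a:b5:96:cd:0a"
SAMPLE = [
    build_frame(MAC_A, MAC_B, "208.117.231.17", "192.168.1.101", 443, 56562),
    build_frame(MAC_B, MAC_A, "192.168.1.101", "208.117.231.17", 56562, 443),
    build_frame(MAC_B, MAC_A, "192.168.1.101", "178.123.13.120", 50000, 53, proto=17),
]
if __name__ == "__main__":
    for pair, c in conversations(SAMPLE).items():
        print(pair, sorted(c["protocols"]), sorted(c["ports"]), sorted(c["macs"]))
```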
NMAP
- What can you say about the results?
The results offered more detail than was expected, but deliver it in a simple GUI that makes the information easier to comprehend than Wireshark.
- How many ports are reported by scan?
One thousand ports was the average number reported, with the majority of them being closed during the scan.
- How many ports are opened?
On average, the usual number of open ports was about 14; the scan also detailed the port number and protocol.
- What can you say about the host details in the screenshot above?
The network connection to the host is currently up; there are fourteen ports actively being listened to. The IP and MAC addresses are listed, along with the hostnames in use, and the host is using Internet Protocol version 4. Even the operating system was detailed in the scan results.
- Comment on the data of interests in your findings
The most interesting data was the port numbers shown: not only did the scan reveal the number of open ports but also their address number.