Assignment 2: Analysis Internet Protocols
Information Systems Management CS490 – Summer 2022
Page 1 of 12 Assignment 2 CS 490 Summer 2022
Instructions:
1. This is an individual homework. Each student must submit his/her solution using the dropbox.
2. All submissions are to be via the LEARN Submission System; no other way of submission is accepted.
3. All submissions must be made through the dropbox by the due date or by the closure date, which allows 3 days for late submissions.
Purpose and Objective
The purpose of this assignment is to sample application layer services. Using packet-capturing software, you will demonstrate the basic concepts of the OSI model. Specifically, the HTTP, FTP, SSL, Telnet, and SSH protocols are demonstrated based on the TCP/IP stack.
General Information and Policies
– Solutions must be submitted through the Blackboard system.
– Ideal reports include screen snapshots of all of the exercises as well as copies of data segments where applicable.
Objectives
– Map the theoretical context of the material learned in class to its implementation in the real world.
– Dissect popular network services using protocol analysis software.
– Differentiate between network services based on the TCP/IP Reference Model.
– Demonstrate secure application layer protocols.
– Observe differences between Telnet and SSH.
– Discover server type, name and IPs
– Observe HTTP headers
TCP/IP, TCP, IP, promiscuous mode, HTTP, HTTPS, FTP, SSH, Telnet, vulnerabilities, controls, three-way handshake
Readings and Resources:
– Review the “Introduction to Wireshark” video.
http://wiresharkdownloads.riverbed.com/video/wireshark/introduction-to-wireshark/
– Read pages 1-3 of Chapter-1 (The WireShark User’s Guide).
– Mozilla mdn: https://developer.mozilla.org/en-US/docs/Web/HTTP
– The TCP/IP Reference: https://nmap.org/book/tcpip-ref.html
– Varnish Software: https://info.varnish-software.com/varnish-enterprise-us-conv
Software Requirements
– WireShark Software Installation
Deliverables
– Assignment Report.
– A copy of the captured frames.
Part 1: Packet Analysis
1.1 WireShark Installation
– Download Wireshark: https://www.wireshark.org/#download
– Double click on the WireShark Installer Software.
– Select components to be installed.
– Complete the installation process and run the program.
– From the Edit menu, select Preferences:
– From the User Interface tab, select Capture.
– Deselect the “Capture packets in promiscuous mode” option.
– Click Apply.
– What is promiscuous mode?
– Click on “Interfaces List” and start the capturing service for all physical interfaces on your computer.
Part 2: HTTP, FTP, and DNS Analysis
1. Start a browser session.
a. Retrieve the resource: https://network-tools.com.
b. Using the list of tools available on the page, answer the following questions:
– What is the IP address assigned to the uwaterloo.ca web server? _ _
c. List two IP addresses of authoritative Resolvers/DNS servers of the University of Waterloo.
2. Using the HTTP Viewer Applet (http://www.rexswain.com/httpview.html):
a. trace a GET HTTP request for the resource https://uwaterloo.ca
b. Analyze the Response Header and use the Mozilla mdn documentation to answer the following:
i. What is the source of the header? Specify the version and name of the
ii. Based on the value of the Age attribute, was the response sent from the web server directly or from a proxy cache?
iii. What is the Content-Security-Policy that the header is asserting? What types of threats would CSP mitigate?
iv. Hackers perform packet sniffing to obtain information from cookies. How can you protect cookies?
3. Examine the HTTP header. Has the Authorization field been enabled? Refer to the W3C (The World Wide Web Consortium) HTTP Request Fields resource and explain the purpose of the Authorization directive.
4. The frame shown below depicts a DNS query sent to a DNS resolver. Decode the highlighted bytes listed below by converting them to their ASCII representation.
5. Using the attached set of frames, by identifying the bytes associated with port number 53, demonstrate that this DNS implementation utilizes UDP as its transport protocol.
– Hint: identify the number of bytes that are dedicated to the UDP header.
6. For the FTP packet capture located at ftp.pcap – CS Personal on cloudshark.org:
a. Interpret why frames 1, 2, 3, 109, 110, 111, and 112 were sent.
b. In frame 1, interpret 21 [SYN].
c. In frame 2, interpret the meaning of [SYN, ACK] Seq=0 Ack=1 Win=5792. Identify how SYN might be used to compromise the server.
d. Analyze the frame and determine what type of credentials are required to download contents from the server.
e. Using Analysis Tools, which files were downloaded from the server?
f. What type of activities were performed by the client on the FTP server?
g. Summarize the client-server interaction using a ladder diagram.
– Analysis Tools ➔ Ladder Diagrams
h. Identify the threat vector for this set of interactions.
– Analysis Tools ➔ Threat Assessment Summary ➔ View Advanced Threat Analysis ➔ Click the Red Arrow.
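The byte-level checks that questions 4 and 5 above ask for, as an added example that is not part of the original assignment: this Python code parses a constructed Ethernet/IPv4/UDP DNS query and returns the IP protocol number, the 8-byte UDP header and the ASCII query name. The addresses, ports, transaction ID and the name example.com are made-up sample values, not bytes from the assignment's capture.

```python
import struct

def build_sample_frame(name="example.com"):
    """Constructed DNS query frame; every value here is sample data."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"
    dns = struct.pack("!6H", 0x1A2B, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    udp = struct.pack("!4H", 53124, 53, 8 + len(dns), 0)   # checksum left at 0
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp) + len(dns), 0, 0,
                     64, 17, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 53]))
    eth = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
    return eth + ip + udp + dns

def parse_dns_frame(frame):
    """Walk Ethernet -> IPv4 -> UDP -> DNS and return the fields of interest."""
    if struct.unpack_from("!H", frame, 12)[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip_off = 14                                   # Ethernet II header is 14 bytes
    ihl = (frame[ip_off] & 0x0F) * 4              # IPv4 header length in bytes
    protocol = frame[ip_off + 9]                  # 17 = UDP, 6 = TCP
    if protocol != 17:
        raise ValueError("transport protocol %d is not UDP" % protocol)
    udp_off = ip_off + ihl
    src_port, dst_port, udp_len, _ = struct.unpack_from("!4H", frame, udp_off)
    dns_off = udp_off + 8                         # UDP header is always 8 bytes
    pos = dns_off + 12                            # DNS header is 12 bytes
    labels = []
    while frame[pos] != 0:                        # QNAME: length byte, then ASCII label
        n = frame[pos]
        if n & 0xC0:
            raise ValueError("compression pointer not handled in this example")
        labels.append(frame[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    return {"ip_protocol": protocol, "src_port": src_port, "dst_port": dst_port,
            "udp_header_bytes": frame[udp_off:dns_off].hex(),
            "udp_length": udp_len, "qname": ".".join(labels)}

if __name__ == "__main__":
    for field, value in parse_dns_frame(build_sample_frame()).items():
        print(f"{field}: {value}")
```

A TCP segment would carry protocol number 6 and a header of at least 20 bytes, which is why the 8-byte header and protocol 17 together identify UDP.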
Part 3: Secure Connections
1. Download the PuTTY for Telnet utility using Hypertext Transfer Protocol
This section demonstrates a method for downloading a file using the Hypertext Transfer Protocol.
1.1 Open your Internet browser and request the PuTTY download page using the following URL:
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
1.2 Make sure that your WireShark is running and, from the Capture menu, click Restart.
1.3 Switch windows using the Alt and Tab keys.
1.4 Click on the puttytel.exe hyperlink in order to download the file using Hypertext Transfer Protocol.
1.5 On the WireShark Capture menu, click Stop.
1.6 Save the captured segment in a file and name it http-puttytel.pcap
1.7 Hover with the mouse on the puttytel.exe hyperlink, right-click, and select Properties. From the dialog box obtain the URL for the hyperlink (or copy the link address and paste it into a notepad file).
1.8 From the hyperlink, extract the URI for the putty server:
1.9 Ping the extracted URL.
1.10 Identify the IP address of the pinged server:
1.11 Using the filter dialog box, extract the frames that include the IP address that you have identified in step 1.10 (above):
– Click on Expression.
– Specify field name as IPv4 – Internet Protocol Version 4
– Select ip.addr as Source or Destination Address
– Specify relation as “==”
– Specify the IPv4 address as in step 1.10
Telnet Connection
1.12 Run Puttytel.exe
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
• The next task calls for connecting to the SDF UNIX server and creating your own account on the server using a Telnet connection.
Run the puttytel.exe software that was downloaded in sections 1 or 2.
Connect to the SDF server using the URL SDF.org
Observe the port number that is being used.
2. Login to the SDF server using “new”
2.1 Answer the questions below
Click the return key.
Create your own account on the server as displayed below; use the mkacct command to create your account.
Complete the registration process.
Start Wireshark s/w and start capturing packets.
Login to the SDF account using your account credentials (Login username and password).
As soon as you are prompted with the screen shown below, stop capturing packets.
In the Wireshark I/F, create a telnet filter and apply it to the captured packets.
2.8 Observe the packet that signifies your password input process.
2.9 Notice that your password is captured in the succeeding packets following this particular one, one character in each frame.
3. Document your findings
Secure Shell (SSH)
3.1 Download the putty.exe file from the site
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
The putty.exe s/w is an implementation of SSH; the next task calls for connecting to the SDF UNIX server and creating your own account on the server using an SSH connection.
Run the putty.exe software.
Connect to the SDF server using the URL SDF.org
Click Open.
Observe the port number that is being used.
Start Wireshark s/w and start capturing packets.
Log in to your SDF account using the credentials that you have used in section 3.
Apply SSL filter to the captured packets.
Investigate the possibility of capturing either the user name or password.
Document your findings using screen snapshots (with captions) and upload copies of the Wireshark data files.
– Document your report in a .pdf file and attach your Wireshark segments to the submission.