a) List 3 different protocols that appear in the protocol column in the unfiltered packet-listing window in. Support your answer with an appropriate screenshot from your computer.
b) How long did it take from when the HTTP GET message was sent until the HTTP OK reply was received? (By default, the value of the Time column in the packet-listing window is the amount of time, in seconds, since Wireshark tracing began. To display the Time field in time-of-day format, select the Wireshark View pull down menu, then select Time Display Format, then select Time-of-day.)
c) What is the Internet address of the What is the Internet address of your computer Support your answer with an appropriate screenshot from your computer.
Investigate streaming audio delivery over TCP by listening to Internet live radio and capturing the transmitted packets.
From a second network (Home, work, etc.), students have to chase and capture one more website which has an audio stream (such as radio stations, e.g http://www.radioau.net/ Students are free to choose any website. Show your analysis using TCP Stream Graph and Time Sequences Graph.
Task 1 a
A packet sniffer is software that captures and analyze packets that are flowing in any given network. The sniffer always set the network card in a promiscuous mode so that it can track each packet that is flowing in a given network. This explains how different websites packets are analyzed using Wireshark software through techniques such as load distribution. The analyzation is compared between each other and graphs are plotted using the software as below.
Task 1 a ![]()
The protocols in the website include [1]
As shown in the diagram above
- 44344secs The website IP address was 128.119.245.12
Task 1 B
Load distribution
It utilizes an era that heaps each information asked from the site by clients as the fact of convergence of contemplating. This relies upon the system and Internet execution length that the substance takes to stack. The outline of load circulation is as demonstrated as follows [2].
Load distribution now exhibits the perfect performance of examination with more percentage score card. From the above table at the store dissemination Wireshark result the packages transmitted at the rate of 0.000018 at each 2 counts which is brisk along these lines toll enough and large better than for an average website execution [3].
Throughput graph of this website shows instability sequence of bytes against time change. The graph is blank showing no comparison of the occurrence of the two website features
![]()
Time sequence graph
This graphs shows sequence of packets that have been sent in the website. In the above case .Sequence of packet was only sent once at a certain particular time as shown in the above diagram.in this outlines high steepness of lines show high throughput in particular website [4].
In any way like other flow diagrams as you will observer above, the distance is astoundingly immaterial essentially demonstrating ordinary implementation or rather most raised implementation in the whole examination [5]. That shows the communication rate between the clients who are accessing the server. The packets that are lost during the transmission process can also be located during through the above flow graph. This can also be characterized as a record keeping graph.
Window scaling
Window scaling is just like TCP window, which uses memorial pads.With data loaded in it , it supports implementation of the goals tends to back off thusly the degree of the beneficiary gap and the swiftness are clearly relating.
Load distribution
Load distribution appointments bases on the way the website is loaded with data by the client. Depending upon the system the rate of loading data to the website varies. From the results above the request that are received by the server are at an average rate of 6 counts taking an average rate of 0.000400 milliseconds. The percentage in this rate is 100%
Task 1 B
This graphs shows the comparison of data between the throughputs on the server against the time in milliseconds. Throughput is mainly evaluated mainly in bytes and address proportion that clients receive from the server in seconds. Here the throughput is highly scattered in the graph this shows that there were a lot of rates of communication the graph at one specified time.
Time sequence graph
This is diagram that indicates the sequence numbers of data plotted against time. The numbers in the diagram represents the bytes that are sent in the website. In the above analysis a constant number of sequences are sent over the network. if diagram can be pulled in the framework then the grade of the line could be speculative information exchange limit of the pipe. This outline shows that the more straight the line the high the thoughput [7]. The graph shows that one value increments and the other one remains consistent. On the off chance that at that point time expands then time grouping stays steady as appeared in the graph above
Tcp flow
The chart demonstrates launch of relationship amid the customers and the server. The transmission period between the TCP ports and the clients are shown as above [8]. The packages that are lost in transmission can like in the manner be found using the graph.
Window scaling
Investigation of window scaling basically depends on the TCP windows which is the main pad that is opposite to the TCP affiliation [9]. When data is not stored it causes web execution and the converse is through.
![]()
Load distribution
Load distribution appointments bases on the way the website is loaded with data by the client. Depending upon the system the rate of loading data to the website varies. From the results above the request that are received by the server are at an average rate of 6 counts taking an average rate of 0.000400 milliseconds [10]. The percentage in this rate is 100%. From the above look at the load flow table the bundles sent are at a rate of 1 for each a period of 0.000017 milliseconds which is snappy in this manner toll enough for a by and large not too bad website execution
![]()
Throughput graph
This is diagram the shows information sequence against time of a self-assertive site. The movement statistics in the outline can address the packets that are being transferred. In the blueprint through the span of activity increases by one to any TCP information that is sent [10]. The diagram demonstrates information time succession changes with time as the information stream in the framework. The through put increases with increase in time as shown above.
Load distribution
Time sequence
This is diagram that shows and compares the sequence of numbers against time in .The above shows that equal number of bytes are send to the website with increase in time as above
Flow graph
It compares the relationship between data in the server and the client. Once the relationship is set the data plot stream begins [11]. The important part of data transfer is shown in the diagram above and has a stream graph
Window scaling
Window scaling directs TCP window, which utilizes recollection cushions. With information loaded in the backings the implementation of the objectives has a tendency to posterior off the thusly level of the recipient window and speed [12].
Time sequence graph The sequence increases with a constant time
![]()
Conclusion
Packets flow different between different websites. This document explains how different website packets have been analyzed with Wireshark. The result that are produced by the software are totally different from each other. This is an indication that servers respond differently to request send by clients.
References
[1] Davidoff, S. and Ham, J. Network forensics: tracking hackers through cyberspace (Vol. 2014). Upper Saddle River: Prentice hall, 2012.
[2] Sanders, C.. Practical packet analysis: Using Wireshark to solve real-world network problems. No Starch Press, 2017.
[3] Orebaugh, A., Ramirez, G. and Beale, J. Wireshark & Ethereal network protocol analyzer toolkit. Elsevier. , 2009.
[4] Munz, G. and Carle, G., 2008l. Distributed network analysis using TOPAS and wireshark. In Network Operations and Management Symposium Workshops, 2008. NOMS Workshops 2008. IEEE (pp. 161-164). IEEE.=,2008.
[5] Asrodia, P. and Patel, H. Network traffic analysis using packet sniffer. International journal of engineering research and applications, 2(3), pp.854-856, 2012
[6] Wondracek, G., Comparetti, P.M., Kruegel, C., Kirda, E. and Anna, S.S.S. Automatic Network Protocol Analysis. In NDSS (Vol. 8, pp. 1-14), 2008,
[7] Pang, R., Allman, M., Paxson, V. and Lee, J.. The devil and packet trace anonymization. ACM SIGCOMM Computer Communication Review, 36(1), pp.29-38,2012
[8]. Meneely, A. and Williams, L.,. Socio-technical developer networks: Should we trust our measurements?. In Proceedings of the 33rd International Conference on Software Engineering (pp. 281-290). ACM. 2011.
[9] Chappel, L.. Wireshark Network Analysis. San Jose CA: Protocol Analysis Institute, 2012.
[10] Wang, S., Xu, D. and Yan, S.,l. Analysis and application of Wireshark in TCP/IP protocol teaching. In E-Health Networking, Digital Ecosystems and Technologies (EDT), 2010 International Conference on (Vol. 2, pp. 269-272). IEEE, 2010.
[11] Wondracek, G., Comparetti, P.M., Kruegel, C., Kirda, E. and Anna, S.S.S. Automatic Network Protocol Analysis. In NDSS (Vol. 8, pp. 1-14). 2008.
[12] Asrodia, P. and Patel, H. Analysis of various packet sniffing tools for network monitoring and analysis. International Journal of Electrical, Electronics and Computer Engineering, 1(1), pp.55-58, 2012
