Network Monitoring Using Wireshark: Analyzing HTTP and TCP Packets



You must submit two separate copies (one Word file and one PDF file) using the Assignment Template on Blackboard via the allocated folder. These files must not be in compressed format.

It is your responsibility to check and make sure that you have uploaded both the correct files.

A mark of zero will be given if you try to bypass SafeAssign (e.g. misspelling words, removing spaces between words, hiding characters, using different character sets, converting text into an image or into languages other than English, or any other kind of manipulation).

Email submission will not be accepted.

You are advised to make your work clear and well-presented. This includes filling your information on the cover page.
You must use this template; failure to do so will result in a zero mark.

You MUST show all your work, and text must not be converted into an image, unless specified otherwise by the question.
Late submission will result in ZERO mark.

The work should be your own, copying from students or other resources will result in ZERO mark.
Use Times New Roman font for all your answers. 

Project Description

1. Objectives

The main objective of this project is to familiarize students with network monitoring and with analyzing the statistics of different protocols.

2. Introduction

In this project, the students have to use the “Wireshark” network packet analyzer tool. The best way to learn about any new piece of software is to try it out! We’ll assume that your computer is connected to the Internet via a wired Ethernet interface or a wireless interface. Do the following:

1. Start up your favorite web browser, which will display your selected homepage. 

2. Start up the Wireshark software. You will initially see a window; Wireshark has not yet begun capturing packets. 

3. To begin packet capture, select the Capture pull down menu and select Interfaces.

This will cause the “Wireshark: Capture Interfaces” window to be displayed.

4. While Wireshark is running, enter any URL of your interest and have that page displayed in your browser. In order to display this page, your browser will contact the HTTP server and exchange HTTP messages with the server in order to download this page. The Ethernet frames containing these HTTP messages (as well as all other frames passing through your Ethernet adapter) will be captured by Wireshark.

5. After your browser has displayed the corresponding HTML page, stop the Wireshark packet capture by selecting Stop in the Wireshark capture window. You now have live packet data that contains all protocol messages exchanged between your computer and other network entities! The HTTP message exchanges with the web server of the URL that you opened in the browser should appear somewhere in the listing of captured packets. But there will be many other types of packets displayed as well. Even though the only action you took was to download a web page, there were evidently many other protocols running on your computer that are unseen by the user.

6. Go to the File options in Wireshark and save the capture as packet.pcap. This file should be attached along with your submission.

3. Required work

Give a screenshot of the installation of the Wireshark tool.

Use Wireshark to perform the following tasks:

Part 1 – Analyze the HTTP packets and answer the following questions. (3 Marks)

a) What is the number of HTTP packets captured?

b) Write the source and destination IP address of the first HTTP packet.

c) In which frame was the HTTP response received?

Note: Your answers should be supported with a screenshot. Marks will be reduced if no screenshot is given.

Part 2 – Analyze the TCP packets and answer the following questions. (3 Marks)

a) How many TCP packets were captured?

b) What are the source and destination port addresses?

c) Write the sequence and acknowledgment number.

d) Give the TCP checksum, TCP payload size and TCP segment size.

e) What is the total number of SYN packets and ACK packets?

f) What is the number of open TCP streams?
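
The figures that Parts 1 and 2 ask for can also be computed directly from a saved capture, which is a useful cross-check on what Wireshark displays. The following is an added example, not part of the original assignment: it parses a classic pcap byte string using only Python's standard library. The sample capture, its addresses and ports, and the prefix-based HTTP test are constructed assumptions, so Wireshark's own HTTP dissector may count differently on real traffic.

```python
import struct

def frame(src, dst, sport, dport, seq, ack, flags, payload=b""):
    """Constructed Ethernet/IPv4/TCP frame for the sample capture (checksums left 0)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp + payload

def pcap(frames):
    """Classic little-endian pcap: 24-byte global header, 16-byte header per record."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # 1 = Ethernet
    for n, f in enumerate(frames):
        out += struct.pack("<IIII", n, 0, len(f), len(f)) + f
    return out

def tcp_stats(data):
    """Walk the capture and compute the figures Parts 1 and 2 ask for."""
    if struct.unpack_from("<I", data)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    s = {"tcp": 0, "syn": 0, "ack": 0, "http_frames": [], "streams": set()}
    off, number = 24, 0
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]
        f, off, number = data[off + 16:off + 16 + incl], off + 16 + incl, number + 1
        if len(f) < 54 or f[12:14] != b"\x08\x00" or f[23] != 6:
            continue                                   # keep only IPv4 carrying TCP
        t = 14 + (f[14] & 0x0F) * 4                    # TCP header starts after IHL
        sport, dport = struct.unpack_from("!HH", f, t)
        flags = f[t + 13]
        end = 14 + struct.unpack_from("!H", f, 16)[0]  # IP total length bounds payload
        payload = f[t + (f[t + 12] >> 4) * 4:end]
        s["tcp"] += 1
        s["syn"] += bool(flags & 0x02)                 # like tcp.flags.syn == 1
        s["ack"] += bool(flags & 0x10)                 # like tcp.flags.ack == 1
        s["streams"].add(frozenset({(f[26:30], sport), (f[30:34], dport)}))
        if payload.startswith((b"GET ", b"POST ", b"HTTP/")):  # simplified HTTP test
            s["http_frames"].append(number)
    s["streams"] = len(s["streams"])
    return s

C, S = (192, 0, 2, 10), (198, 51, 100, 5)              # documentation addresses
SAMPLE = pcap([
    frame(C, S, 50000, 80, 100, 0, 0x02),              # SYN
    frame(S, C, 80, 50000, 900, 101, 0x12),            # SYN, ACK
    frame(C, S, 50000, 80, 101, 901, 0x10),            # ACK
    frame(C, S, 50000, 80, 101, 901, 0x18, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    frame(S, C, 80, 50000, 901, 139, 0x18, b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
    frame(C, S, 50001, 80, 500, 0, 0x02),              # SYN opening a second stream
])
```

Calling tcp_stats(SAMPLE) returns the TCP, SYN and ACK packet counts, the frame numbers carrying HTTP messages, and the number of distinct TCP streams; note that a SYN, ACK segment is counted under both flags, just as it matches both Wireshark display filters.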

