[FULL ACCESS] Network Analysis and Security
VerifiedAdded on 2021/04/17
|7
|1850
|49
AI Summary
The assignment involves analyzing network protocols, packet capture using Wireshark, and network security measures. It includes a detailed explanation of the content in each of the three horizontal display windows in Wireshark, an analysis of the exchange events captured in frames 4-6, and a discussion on implementing Wireshark for detecting denial-of-service (DoS) attacks. The assignment also involves explaining the settings to adjust for solving name resolution issues in the network, fetching time, destination, and source addresses to identify sources of requests and block unwanted sources.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
Due date:
11:45pm AEST, Friday, Week 6
ASSESSMEN
T
Weighting: 15% 1
Objectives
This assessment task requires you to demonstrate your knowledge of basic routing concepts
by completing a number of exercise questions. The questions contain numerical as well as
descriptive questions covering the material up to Week 6.
The questions are designed to help you to achieve the unit learning outcomes as listed in the
unit profile.
Instructions
You must do this assignment on your own – it is not a group assignment.
Type all your answers in the ‘Template for Your Answers’ Section of this document and
upload only that template. You could do that by copying the Template section into a new
Word document for uploading. Answers that are not typed into the “Template for Your
Answers” section may not be marked, or may be returned to you for re-typing and re-
submission – late penalties will apply.
Where instructed, you must show the steps you took to arrive at your answers. Write
your answers in your own words to avoid potential plagiarism and copyright violations.
You must submit the Answer section as a Word file (.doc or .docx). Do not submit PDF’s
or any other type of file without express permission from the Unit Coordinator.
Plagiarism Procedures can be found in the CQUniversity Policies section of the Unit Profile.
Assessment Requirements and Marking Criteria
There are 3 main questions with some sub-questions and the requirements are stated for each
one. You must answer all questions and their sub-questions. Marks are indicated in the
Answer Template.
The questions will be marked on correctness, logic and clarity, and addressing all parts of the
question.
The Assignment Questions begin on the next page.
USE THE PROVIDED TEMPLATE ON P.4 FOR ALL YOUR ANSWERS.
Assignment item —Written Assessment-1
Due date:
11:45pm AEST, Friday, Week 6
ASSESSMEN
T
Weighting: 15% 1
Objectives
This assessment task requires you to demonstrate your knowledge of basic routing concepts
by completing a number of exercise questions. The questions contain numerical as well as
descriptive questions covering the material up to Week 6.
The questions are designed to help you to achieve the unit learning outcomes as listed in the
unit profile.
Instructions
You must do this assignment on your own – it is not a group assignment.
Type all your answers in the ‘Template for Your Answers’ Section of this document and
upload only that template. You could do that by copying the Template section into a new
Word document for uploading. Answers that are not typed into the “Template for Your
Answers” section may not be marked, or may be returned to you for re-typing and re-
submission – late penalties will apply.
Where instructed, you must show the steps you took to arrive at your answers. Write
your answers in your own words to avoid potential plagiarism and copyright violations.
You must submit the Answer section as a Word file (.doc or .docx). Do not submit PDF’s
or any other type of file without express permission from the Unit Coordinator.
Plagiarism Procedures can be found in the CQUniversity Policies section of the Unit Profile.
Assessment Requirements and Marking Criteria
There are 3 main questions with some sub-questions and the requirements are stated for each
one. You must answer all questions and their sub-questions. Marks are indicated in the
Answer Template.
The questions will be marked on correctness, logic and clarity, and addressing all parts of the
question.
The Assignment Questions begin on the next page.
USE THE PROVIDED TEMPLATE ON P.4 FOR ALL YOUR ANSWERS.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
Question 1 – Address usage (3 marks)
Consider the following classless address block:
154.78.177.3/27
List the addresses from this block that would be used as:
a) the network address,
b) the direct broadcast address, and
c) the range available for hosts to use
Show the steps you took to arrive at your answers.
Question 2– Allocating subnets from a block (8 marks)
A company has been granted a block of addresses which includes the address
138.77.216.5/24. Answer the following questions, showing your calculations.
a) Calculate the network address of this block and how many host addresses
including special addresses this block can provide (1 mark)
b) Create the following 6 subnets for this company by calculating the subnet
address for each subnet. Answer this question by filling in the table in the
Answer template. Use CIDR format for the mask.
I. 2 subnets with 32 addresses each (2 marks)
II. 4 subnets with 16 addresses each (4 marks)
c) After some time, the company decides that it wants another subnet with 1,024
addresses. Explain whether this can be allocated from the existing block.
(1 mark)
Question 3 – Network Tools (Windows) (4 marks)
Often the best way to gain an initial familiarity with network tools is to simply use them, at a
basic level in exploratory mode as suggested in some of the tutorial exercises. Netstat and
Tracert are included in Windows, while Wireshark is free to download and install. Explore
Wireshark, Netstat and Tracert, then complete this question.
a) A wireshark scan has produced a packet capture, saved to a file named
wireshark_capture01.pcapng and available on the Unit website. Download the file
and open it in Wireshark, then answer these questions about the scan:
i. Very briefly summarise in your own words the content in each of the three
horizontal display windows in Wireshark (.5 mark)
ii. In Frame 3, what brand of computer launched this scan and what was its IP
address? State where this information is found (.5 mark)
iii. Briefly explain the exchange event captured in frames 4 - 6 (.5 mark)
Assignment item —Written Assessment-1
Question 1 – Address usage (3 marks)
Consider the following classless address block:
154.78.177.3/27
List the addresses from this block that would be used as:
a) the network address,
b) the direct broadcast address, and
c) the range available for hosts to use
Show the steps you took to arrive at your answers.
Question 2– Allocating subnets from a block (8 marks)
A company has been granted a block of addresses which includes the address
138.77.216.5/24. Answer the following questions, showing your calculations.
a) Calculate the network address of this block and how many host addresses
including special addresses this block can provide (1 mark)
b) Create the following 6 subnets for this company by calculating the subnet
address for each subnet. Answer this question by filling in the table in the
Answer template. Use CIDR format for the mask.
I. 2 subnets with 32 addresses each (2 marks)
II. 4 subnets with 16 addresses each (4 marks)
c) After some time, the company decides that it wants another subnet with 1,024
addresses. Explain whether this can be allocated from the existing block.
(1 mark)
Question 3 – Network Tools (Windows) (4 marks)
Often the best way to gain an initial familiarity with network tools is to simply use them, at a
basic level in exploratory mode as suggested in some of the tutorial exercises. Netstat and
Tracert are included in Windows, while Wireshark is free to download and install. Explore
Wireshark, Netstat and Tracert, then complete this question.
a) A wireshark scan has produced a packet capture, saved to a file named
wireshark_capture01.pcapng and available on the Unit website. Download the file
and open it in Wireshark, then answer these questions about the scan:
i. Very briefly summarise in your own words the content in each of the three
horizontal display windows in Wireshark (.5 mark)
ii. In Frame 3, what brand of computer launched this scan and what was its IP
address? State where this information is found (.5 mark)
iii. Briefly explain the exchange event captured in frames 4 - 6 (.5 mark)
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
iv. Describe in your own words two specific network problems that a network
administrator could use Wireshark for as a troubleshooting tool? (.5 mark)
b) A ‘NETSTAT –aon’ command has given the output below (excerpted). Briefly
describe each column heading, and the states LISTENING, ESTABLISHED and
CLOSE_WAIT. (1 mark)
Active Connections
Proto Local Address Foreign Address State PID
TCP 10.0.0.58:139 0.0.0.0:0 LISTENING
TCP 10.0.0.58:5040 0.0.0.0:0 LISTENING 7480
TCP 10.0.0.118:139 0.0.0.0:0 LISTENING 4
TCP 10.0.0.118:52450 52.63.165.133:443 ESTABLISHED 14080
TCP 10.0.0.118:52458 104.116.191.195:443 CLOSE_WAIT 8912
TCP 10.0.0.118:52791 40.100.151.2:443 ESTABLISHED 22400
TCP 10.0.0.118:52811 162.125.34.129:443 ESTABLISHED 4696
TCP 10.0.0.118:52820 34.232.224.128:443 CLOSE_WAIT 4696
TCP 10.0.0.118:52879 162.125.34.129:443 ESTABLISHED 4696
...
c) Do a TRACERT on your computer to www.google.com. Paste the output to your
assignment answer template and discuss the information being displayed (1 mark)
Assignment item —Written Assessment-1
iv. Describe in your own words two specific network problems that a network
administrator could use Wireshark for as a troubleshooting tool? (.5 mark)
b) A ‘NETSTAT –aon’ command has given the output below (excerpted). Briefly
describe each column heading, and the states LISTENING, ESTABLISHED and
CLOSE_WAIT. (1 mark)
Active Connections
Proto Local Address Foreign Address State PID
TCP 10.0.0.58:139 0.0.0.0:0 LISTENING
TCP 10.0.0.58:5040 0.0.0.0:0 LISTENING 7480
TCP 10.0.0.118:139 0.0.0.0:0 LISTENING 4
TCP 10.0.0.118:52450 52.63.165.133:443 ESTABLISHED 14080
TCP 10.0.0.118:52458 104.116.191.195:443 CLOSE_WAIT 8912
TCP 10.0.0.118:52791 40.100.151.2:443 ESTABLISHED 22400
TCP 10.0.0.118:52811 162.125.34.129:443 ESTABLISHED 4696
TCP 10.0.0.118:52820 34.232.224.128:443 CLOSE_WAIT 4696
TCP 10.0.0.118:52879 162.125.34.129:443 ESTABLISHED 4696
...
c) Do a TRACERT on your computer to www.google.com. Paste the output to your
assignment answer template and discuss the information being displayed (1 mark)
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
TEMPLATE FOR YOUR ANSWERS
Type your answers in this section in the spaces provided
First Name:_________________________ Last Name:_________________________
Student ID: __________________________
Question Number Mark
allocated
Mark
earned
Question 1: (3 marks) 3
a)
b)
c)
IP address - 154.78.177.3 /27
Subnet mask = 255.255.255.224
IP Address (Decimal) - 154.78.177.3
IP Address (Binary) - 10011010. 01001110.
10110001. 000 00011
Subnet Mask (Binary) 11111111. 11111111. 11111111.
111 00000
Wild Card 00000000. 00000000.
00000000. 000 11111
Subnet Mask (Decimal) 255.255.255.224
Calculation of the network address 10011010. 01001110.
10110001. 000 00000
Network address – 154.78.177.0/27
Direct broadcast address – 10011010. 01001110.
10110001. 000 11111
= 154.78.177.31
Range available for the hosts to use - 154.78.177.1 - 154.78.177.30
1 mark
each
item,
total 3
Question 2: (8 marks) 8
a) Address block – 138.77.216.5 / 24
Address = 138.77.216.5
10001010.01001101.11011000 .00000101
Net mask: 255.255.255.0 = 24
11111111.11111111.11111111 .00000000
Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111
=>
Network: 138.77.216.0/24
10001010.01001101.11011000 .00000000
1
b) Subnet No. addresses Subnet address Mask /n
1 32 138.77.216.0 /26
2 32 138.77.216.64 /26
3 16 138.77.216.128 /27
6
Assignment item —Written Assessment-1
TEMPLATE FOR YOUR ANSWERS
Type your answers in this section in the spaces provided
First Name:_________________________ Last Name:_________________________
Student ID: __________________________
Question Number Mark
allocated
Mark
earned
Question 1: (3 marks) 3
a)
b)
c)
IP address - 154.78.177.3 /27
Subnet mask = 255.255.255.224
IP Address (Decimal) - 154.78.177.3
IP Address (Binary) - 10011010. 01001110.
10110001. 000 00011
Subnet Mask (Binary) 11111111. 11111111. 11111111.
111 00000
Wild Card 00000000. 00000000.
00000000. 000 11111
Subnet Mask (Decimal) 255.255.255.224
Calculation of the network address 10011010. 01001110.
10110001. 000 00000
Network address – 154.78.177.0/27
Direct broadcast address – 10011010. 01001110.
10110001. 000 11111
= 154.78.177.31
Range available for the hosts to use - 154.78.177.1 - 154.78.177.30
1 mark
each
item,
total 3
Question 2: (8 marks) 8
a) Address block – 138.77.216.5 / 24
Address = 138.77.216.5
10001010.01001101.11011000 .00000101
Net mask: 255.255.255.0 = 24
11111111.11111111.11111111 .00000000
Wildcard: 0.0.0.255 00000000.00000000.00000000 .11111111
=>
Network: 138.77.216.0/24
10001010.01001101.11011000 .00000000
1
b) Subnet No. addresses Subnet address Mask /n
1 32 138.77.216.0 /26
2 32 138.77.216.64 /26
3 16 138.77.216.128 /27
6
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
4 16 138.77.216.160 /27
5 16 138.77.216.160 /27
6 16 138.77.216.224 /27
c) The new 1024 address cannot be allocated to the existing block and it needs
re calculation of the subnet block. The available number of IP address for the
subnet /24 is 254 and among them 244 number of IP address are allocated for
6 subnets created for the organization and thus it is not possible to
accommodate more 1024 address in the subnet. It cannot be allocated from
the existing block.
1
Question 3: (4 marks) 4
a)
i)
ii)
iii)
iv)
The content in each of the three horizontal display windows in Wireshark
First horizontal window
There are three windowpanes in this screen. The packet list pane appears on
top. Below it is a “packet details” pane that provides more details about
whichever packet in the packet list pane is highlighted. The “packet bytes”
pane is below that; it’s the raw view of the packet contents.
The scan was launched by a computer of brand Hewlett and the IP address of
the computer is 138.77.216.88.
The information about the computer brand is found from the Ethernet II
option of the packet details panel of the wireshark file and the information
about the IP address is found from the Internet protocol version information
Explanation of the exchange events captured in frame 4 – 6
In the frame 4 the server sends a hello message to the client seeking request
to connect with it. The protocol version, session ID, cipher suite, compression
method and the certificate request are sent back to the client. In the frame 5
the digital certificate id verified by the client and in the frame 6 the server
hello message done message is sent to the client by the server for the
indication of the end to server hello and the other messages. After receiving
the server hello message the certificate of the service provider is verified by
the client.
The wire shark can be implemented for the detection of the denial of service
and the password attacks. A simple packet capture is required to be started by
selecting the interface and the capture can be done according to requirement
such as for solving the name resolution issue in the network the settings must
be adjusted in order to reduce the laree queries (Sanders 2017). The time,
destination and the source address can be fetched and it helps in
identification of the source of the request and block the unwanted sources to
secure the network from DoS or password attacks.
.5 mark
each
item,
total 2
for 3a.
b)
The proto column lists the socket which may be TCP or UDP and these are the
1
Assignment item —Written Assessment-1
4 16 138.77.216.160 /27
5 16 138.77.216.160 /27
6 16 138.77.216.224 /27
c) The new 1024 address cannot be allocated to the existing block and it needs
re calculation of the subnet block. The available number of IP address for the
subnet /24 is 254 and among them 244 number of IP address are allocated for
6 subnets created for the organization and thus it is not possible to
accommodate more 1024 address in the subnet. It cannot be allocated from
the existing block.
1
Question 3: (4 marks) 4
a)
i)
ii)
iii)
iv)
The content in each of the three horizontal display windows in Wireshark
First horizontal window
There are three windowpanes in this screen. The packet list pane appears on
top. Below it is a “packet details” pane that provides more details about
whichever packet in the packet list pane is highlighted. The “packet bytes”
pane is below that; it’s the raw view of the packet contents.
The scan was launched by a computer of brand Hewlett and the IP address of
the computer is 138.77.216.88.
The information about the computer brand is found from the Ethernet II
option of the packet details panel of the wireshark file and the information
about the IP address is found from the Internet protocol version information
Explanation of the exchange events captured in frame 4 – 6
In the frame 4 the server sends a hello message to the client seeking request
to connect with it. The protocol version, session ID, cipher suite, compression
method and the certificate request are sent back to the client. In the frame 5
the digital certificate id verified by the client and in the frame 6 the server
hello message done message is sent to the client by the server for the
indication of the end to server hello and the other messages. After receiving
the server hello message the certificate of the service provider is verified by
the client.
The wire shark can be implemented for the detection of the denial of service
and the password attacks. A simple packet capture is required to be started by
selecting the interface and the capture can be done according to requirement
such as for solving the name resolution issue in the network the settings must
be adjusted in order to reduce the laree queries (Sanders 2017). The time,
destination and the source address can be fetched and it helps in
identification of the source of the request and block the unwanted sources to
secure the network from DoS or password attacks.
.5 mark
each
item,
total 2
for 3a.
b)
The proto column lists the socket which may be TCP or UDP and these are the
1
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
network protocols. The local address and the foreign address is used for the
demonstration of the connection of the socket between the hosts and the
ports. The local address is of the computer that is used for running the nestat
command and the foreign address is of the foreign computer (Hieu Lam
2016). The state column is used for listing the state of the socket. The PID
column is used for stating the owner of the process and it can be used to find
the program that uses the network.
LISTENING – It means that the computer is waiting for external computer and
for establishment of a connection.
ESTABLISHED - It demonstrates that the device are ready for communication
and CLOSED_WAIT – It means the foreign machine and the remote machine
has terminated the connection and but the local program is not updated.
c)
A traceroute is done for google.com for finding the path between the local
computer and the network device having the hostname google.com. From the
traceroute 8 network devices are identified and it includes the router
192.168.1.1 and the way of the target google.com which uses the public ip
address having 216.58.199.164.
1
Total marks awarded 15 (max)
Less late penalties if applicable
Less plagiarism penalties if applicable
Total marks earned
Markers comments:
Assignment item —Written Assessment-1
network protocols. The local address and the foreign address is used for the
demonstration of the connection of the socket between the hosts and the
ports. The local address is of the computer that is used for running the nestat
command and the foreign address is of the foreign computer (Hieu Lam
2016). The state column is used for listing the state of the socket. The PID
column is used for stating the owner of the process and it can be used to find
the program that uses the network.
LISTENING – It means that the computer is waiting for external computer and
for establishment of a connection.
ESTABLISHED - It demonstrates that the device are ready for communication
and CLOSED_WAIT – It means the foreign machine and the remote machine
has terminated the connection and but the local program is not updated.
c)
A traceroute is done for google.com for finding the path between the local
computer and the network device having the hostname google.com. From the
traceroute 8 network devices are identified and it includes the router
192.168.1.1 and the way of the target google.com which uses the public ip
address having 216.58.199.164.
1
Total marks awarded 15 (max)
Less late penalties if applicable
Less plagiarism penalties if applicable
Total marks earned
Markers comments:
COIT20261 Network Routing and Switching (Term 1, 2018)
Assignment item —Written Assessment-1
References
Hiêu Lâm, T., 2016. Server Hardening by Activating and Configuring Local
Windows Firewalls.
Sanders, C., 2017. Practical packet analysis: Using Wireshark to solve real-
world network problems. No Starch Press.
Assignment item —Written Assessment-1
References
Hiêu Lâm, T., 2016. Server Hardening by Activating and Configuring Local
Windows Firewalls.
Sanders, C., 2017. Practical packet analysis: Using Wireshark to solve real-
world network problems. No Starch Press.
1 out of 7
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.