
Computer Networks - Statistical Analysis

   

Added on  2022-09-07

Course code and Name
Student Name and ID:
Lecturer Name:
Submission Date:

Scope
The scope of this exercise is to analyze and explain the Wireshark pcap file
provided. In the task, we will thoroughly go through the pcap file, noting the
network boundaries, active nodes, protocols, types of traffic and their sources and
destinations. Furthermore, a narrative of the attack observed will be provided
together with the explanation.
Statistical Analysis
Packet Capture 1
In this packet capture, a request is made by a Dell computer on our network, whose IP
address is 192.168.1.200 and MAC address is 00:1c:23:4b:2e:02, towards a destination
host whose IP address is 192.168.1.254. See the capture interpretation below.
Discussion of specific areas
Frame 1
- Frame 1 – the frame number in the capture process. It also shows the size, in
bytes, of the packets which were sent. For instance, this is frame number 1 and 70
bytes of packets were sent in this particular frame.
- Encapsulation type – in networking, encapsulation denotes the process of moving
data packets from one networking protocol to another and translating them to that
protocol. This is done so that the data can continue with another protocol. In our
frame number one, the encapsulation type is Ethernet. This is Wireshark’s internal
value which stands for the specific link-layer header type of the packet under
discussion.
- Arrival Time – this is the timestamp which shows the time when the packet
arrived at Wireshark.
- Time shift for this packet – time shift is used to alter timestamps of packets in
the trace file.
- Epoch Time – this is the number of seconds since 1st of January, 1970. It is
the actual time stored in a pcapng file. The rest of the times seen in the packet
are conversions derived from the Epoch time.
- Time delta from previous captured frame – this is the time between the
previous packet capture and the present packet capture (Bullock & Parker,
2017).
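The frame-level values listed above can be recovered directly from a capture file. The following is an added example, not part of the original report: it assumes the classic libpcap file layout (not pcapng) and runs on a constructed two-frame capture whose timestamps and zero-filled payloads are made up; `build_sample_pcap` and `read_frames` are hypothetical names.

```python
import struct
from datetime import datetime, timezone

LINKTYPES = {1: "Ethernet"}  # link-layer header type 1 is Ethernet

def build_sample_pcap():
    """Constructed capture: two zero-filled frames of 70 and 60 bytes."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    data = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, usec, size in [(1662508800, 250000, 70), (1662508800, 750500, 60)]:
        data += struct.pack("<IIII", sec, usec, size, size) + bytes(size)
    return data

def read_frames(data):
    """Return one dict per frame with the values Wireshark lists under 'Frame N'."""
    magic = struct.unpack_from("<I", data, 0)[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic microsecond-resolution pcap file")
    linktype = struct.unpack_from(endian + "I", data, 20)[0]
    frames, offset, prev_us = [], 24, None
    while offset + 16 <= len(data):
        sec, usec, incl_len, orig_len = struct.unpack_from(endian + "IIII", data, offset)
        if offset + 16 + incl_len > len(data):
            raise ValueError("truncated packet record")
        now_us = sec * 1_000_000 + usec  # integer microseconds since 1970-01-01 UTC
        arrival = datetime.fromtimestamp(sec, tz=timezone.utc).replace(microsecond=usec)
        frames.append({
            "number": len(frames) + 1,
            "bytes_on_wire": orig_len,
            "bytes_captured": incl_len,
            "encapsulation": LINKTYPES.get(linktype, f"linktype {linktype}"),
            "epoch_time": now_us / 1_000_000,
            "arrival_time": arrival.isoformat(),
            "time_delta": 0.0 if prev_us is None else (now_us - prev_us) / 1_000_000,
        })
        prev_us = now_us
        offset += 16 + incl_len
    return frames

if __name__ == "__main__":
    for frame in read_frames(build_sample_pcap()):
        print(frame)
```

The arrival time is only a formatted view of the stored epoch value, and the time delta is computed from integer microseconds so that it is not affected by floating-point rounding.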
Ethernet
This displays layer 2 details of our data capture.

Internet Protocol version 4
This is the most widely used revision of the protocol in data communication over
different types of networks. This is a connection-oriented protocol which ensures
that data arrives at the destination and, if it does not reach the destination, the
sender is informed so that the appropriate decisions are made. Below are the
sections of IPv4. Furthermore, this protocol aids computer communication by
allocating IP addresses to the computer nodes for unique identification on the
internet.
- Internet Protocol Version 4 – this is an IPv4 address and not an IPv6 address. The
source address for our packet is 192.168.1.200 whereas the destination is
192.168.1.254.
- Version: 4 – this indicates the version of the packet. The binary value 0100,
when converted to decimal, becomes 4.
- Differentiated Services Field – this is a computer networking mechanism which
specifies a scalable and simple way of managing and classifying the network
traffic and provides QoS in an IP network.
- Total Length: – this is the header length of a packet.
- Identification – this IPv4 field is unique for each datagram for a given
destination, source address and protocol.
- Time to live: 64 – also known as hop limit. This is the technique which limits
the lifespan of data in a network. This is implemented as a counter embedded
