
Deep Packet Analysis Using Wireshark

   

Added on  2022-09-09

Task 3 – Deep Packet Analysis using Wireshark

Table of Contents
Task 3
3.1 Statistical Analysis
3.2 Activity Narrative and Attack Identification
3.3 Attack Explanation
References

Task 3
Deep packet analysis is carried out in this part of the report using the given
Wireshark file. The findings are then presented factually in order to convince the decision
makers of a large corporation and help improve its business strategies (Baxter, 2014).
3.1 Statistical Analysis
The following figure represents the deep packet analysis. To begin this
analysis, it is essential to perform a statistical analysis of the given file. Proceed
by opening the above-mentioned file, which can be done with the Wireshark tool.

To perform the statistical analysis, select the Statistics option. The statistical analysis
gives various details such as the active nodes, network boundaries, external sources, traffic and
protocol types. The figure below shows the statistics information for the respective
file (Singh, 2013).
The statistics information provides the following details: the length of the packet is 4235 kB;
Ethernet encapsulation is used; the total number of packets is 21206; and the elapsed time is 01:43:50.
For the respective file, the resolved addresses are used to list the address information.
This step is illustrated in the following figure (Orzach, 2013).
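The summary values quoted above (encapsulation, packet count, length, elapsed time) can be recomputed outside the Wireshark GUI as a cross-check. The following is an added example, not part of the original report: it assumes a classic little- or big-endian pcap file (not pcapng), and the function names and the three-record sample capture are constructed for illustration.

```python
import struct

LINKTYPES = {1: "Ethernet"}  # only the link type this page mentions

def build_sample_pcap():
    """Constructed sample: 3 zero-filled records, not the report's capture."""
    # Global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for sec, usec, size in [(1000, 0, 60), (1002, 500000, 1514), (1010, 250000, 342)]:
        out += struct.pack("<IIII", sec, usec, size, size) + bytes(size)
    return out

def capture_stats(data):
    """Walk a classic pcap byte string and return summary statistics."""
    if len(data) < 24:
        raise ValueError("truncated global header")
    magic = data[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic microsecond pcap file")
    linktype = struct.unpack(endian + "I", data[20:24])[0]
    offset, packets, wire_bytes, first, last = 24, 0, 0, None, None
    while offset + 16 <= len(data):
        sec, usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            break  # truncated final record: stop rather than miscount
        ts = sec + usec / 1_000_000
        first = ts if first is None else first
        last = ts
        packets += 1
        wire_bytes += orig_len  # length on the wire, not the captured length
        offset += 16 + incl_len
    return {
        "encapsulation": LINKTYPES.get(linktype, f"linktype {linktype}"),
        "packets": packets,
        "bytes": wire_bytes,
        "elapsed_s": (last - first) if packets else 0.0,
    }

if __name__ == "__main__":
    print(capture_stats(build_sample_pcap()))
```

Elapsed time here is the difference between the first and last record timestamps, so it assumes the records are stored in capture order.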

Next, look at the protocol hierarchy of the respective file, which gives the
details of the network protocols. Network protocols often need to transport large chunks of
data that are complete in themselves.
The underlying protocols cannot always control such large chunks; a stream-based protocol such as TCP
is not aware of data chunks at all. In that case the network protocol itself has to control the
chunk boundaries and distribute the data over multiple packets, which are put back together with the
de-segmentation and defragmentation methods for reassembly over TCP.
The following figure shows the defragmentation or de-segmentation packets in the given
capture file. They are used to determine the network boundaries of the given file. The filter
command mentioned below helps identify large chunks in data fragmentation.