CSG 5308 - Wireless Security Assignment 01
Added on 2023/06/12
AI Summary
This paper analyses, documents and reports in full on the live capture, using Wireshark to filter and inspect the packets that were intercepted in relation to a member of the organization suspected of being linked with some kind of “organized crime”. The report includes analysis of websites accessed, files downloaded, videos accessed, chain of custody, and bibliography.
Running Head: CSG 5308 – WIRELESS SECURITY ASSIGNMENT 01
CSG 5308 – WIRELESS SECURITY ASSIGNMENT 01
[Student Name]
[University Name]
Table of Contents
Introduction
Analysis of the Top_Gear_Eng_WIDS_Capture
Packet Analyzation
Websites that were accessed
List of files that are accessed
List of downloaded files
List of accessed Videos
Chain of custody
Bibliography
Introduction
Top Gear Industries is a small IT company that specializes in creating electronic devices and IoT (Internet of Things) devices for automotive vehicles. Examples of their work include an embedded device named “Sea Slug”, which records fuel consumption and uploads this data to the cloud for analysis, and “Rainbow Fish”, an informative head-up display rear-view mirror. Recently the CEO held a major press conference and informed the public that they have been working on a secret project, which they claim will “revolutionize the automotive industry and leave all their competitors behind in a trail of dust”.
The following week, the Head of Engineering at Top Gear Industries discovered that the schematics for their new project, codenamed “swordfish”, had been mysteriously deleted and replaced with a digital calling card. They also discovered that a number of servers were infected with malware. Top Gear Industries had installed an advanced Wireless Intrusion Detection System (WIDS) just for the Engineering Department, which collects all wireless traffic and saves it in a secure location for further analysis. Upon further analysis, it was discovered that the WIDS was not involved in the attack and was not compromised.
This paper analyses, documents and reports in full on the live capture, using Wireshark to filter and inspect the packets that were intercepted in relation to a member of the organization suspected of being linked with some kind of “organized crime”.
Analysis of the Top_Gear_Eng_WIDS_Capture
Each line in the top pane of the Wireshark window corresponds to a single packet seen on the network. The default display shows the time of the packet (relative to the start of the capture), the source and destination IP addresses, the protocol used and some information about the packet. This paper drills down to obtain more information by clicking on a row, which fills the bottom two window panes with information.
Packet Analyzation
This paper will analyse the file Top_Gear_Eng_WIDS_Capture.pcap, which was captured using Wireshark-win64-2.6.4, to give a full report on the following aspects:
- The websites that were accessed by the suspect
- The files that were downloaded by the suspect
- Some of the videos that were accessed by the suspect
In addition, it will demonstrate whether the downloaded files and the videos accessed are in any way related to hacking.
As part of the analysis, the paper will demonstrate:
- How the suspect was able to gain access to the FTP server
- The commands that the suspect ran on the FTP server
- Whether any project on the FTP server was altered or viewed
Further, the report will indicate whether the suspect was working alone or as part of a team.
Lastly, the paper will show whether there was any proof of any suspicious email.
Websites that were accessed
Wireshark is a protocol analyzer that captures both TCP and UDP packets, which lets this paper view the HTTP requests that were made.
The list of accessed websites is given below:
Time | Source | Website
177.718929 | 192.168.1.5 | http://detectportal.firefox.com/success.txt
192.176209 | 192.168.1.5 | http://detectportal.firefox.com/success.txt
347.154705 | 192.168.1.5 | http://ocsp.sca1b.amazontrust.com/
511.213573 | 192.168.1.1 | http://239.255.255.250:1900*
11.220740 | 192.168.1.1 | http://239.255.255.250:1900*
511.230467 | 192.168.1.1 | http://239.255.255.250:1900*
560.873550 | 192.168.1.5 | http://ocsp.int-x3.letsencrypt.org/
1140.199756 | 192.168.1.5 | http://cdn.segment.com/analytics.js/v1/S2RVIWEtnVwlQUlXfkCmR4K4CTTGoT2c/analytics.min.js
1188.535629 | 192.168.1.5 | http://timeinc.brightcove.com.edgesuite.net/rtmp_uds/293884104/201510/874/4584479675001/293884104_4584479675001_s-7.ts?pubId=2111767321001&videoId=4585888808001
1188.553036 | 192.168.1.5 | http://timeinc.brightcove.com.edgesuite.net
1270.662092 | 192.168.1.5 | http://ocsp.digicert.com
1283.307258 | 192.168.1.2 | http://239.255.255.250:1900*
1297.746573 | 192.168.1.5 | http://cdn.newsapi.com.au/image/v1/6222c3637fdd84b00a9ff3493ebde9b0?width=150
1300.758860 | 192.168.1.5 | http://tags.news.com.au/prod/utrack/utrack.js?cb=15207502988110.3421145494598944
1310.661068 | 192.168.1.5 | http://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
1310.671820 | 192.168.1.5 | http://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
1310.672844 | 192.168.1.5 | http://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
1379.992844 | 192.168.1.5 | http://ocsp.sca1b.amazontrust.com
1577.723011 | 192.168.1.3 | http://connectivity-check.ubuntu.com
1709.215616 | 192.168.1.1 | http://239.255.255.250:1900*
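An added example, not part of the original report: a Python triage of the request list above that separates background traffic (SSDP discovery to 239.255.255.250:1900, OCSP checks, browser and OS connectivity probes) from content requests and groups the result by source address. The category rules and the function names are assumptions made for this illustration; the rows are copied from the table.

```python
from collections import defaultdict

# Rows copied from the Time / Source / Website table above (a subset, to keep
# the example short). Comparable rows can be exported from a capture with the
# tshark fields frame.time_relative, ip.src and http.request.full_uri.
ROWS = """\
177.718929 192.168.1.5 http://detectportal.firefox.com/success.txt
347.154705 192.168.1.5 http://ocsp.sca1b.amazontrust.com/
511.213573 192.168.1.1 http://239.255.255.250:1900*
560.873550 192.168.1.5 http://ocsp.int-x3.letsencrypt.org/
1140.199756 192.168.1.5 http://cdn.segment.com/analytics.js/v1/S2RVIWEtnVwlQUlXfkCmR4K4CTTGoT2c/analytics.min.js
1188.553036 192.168.1.5 http://timeinc.brightcove.com.edgesuite.net
1283.307258 192.168.1.2 http://239.255.255.250:1900*
1300.758860 192.168.1.5 http://tags.news.com.au/prod/utrack/utrack.js?cb=15207502988110.3421145494598944
1310.661068 192.168.1.5 http://vjs.zencdn.net/vttjs/0.12.5/vtt.global.min.js
1577.723011 192.168.1.3 http://connectivity-check.ubuntu.com
"""

# Assumed triage rules for this illustration (not taken from the report).
SSDP_GROUP = "239.255.255.250:1900"  # SSDP multicast; its request target is "*"
CONNECTIVITY_HOSTS = {"detectportal.firefox.com", "connectivity-check.ubuntu.com"}


def host_of(url):
    """Return host[:port] from a URL, tolerating the SSDP '*' request target."""
    rest = url.partition("://")[2]
    for sep in "/?":
        rest = rest.partition(sep)[0]
    return rest.rstrip("*").lower()


def classify(host):
    """Label a host as background traffic or as content needing analyst review."""
    if host == SSDP_GROUP:
        return "ssdp"
    if host.startswith("ocsp."):
        return "ocsp"
    if host in CONNECTIVITY_HOSTS:
        return "connectivity-check"
    return "content"


def triage(text):
    """Map source IP -> category -> [(relative time, host), ...]."""
    report = defaultdict(lambda: defaultdict(list))
    for line in text.splitlines():
        parts = line.split(None, 2)
        if len(parts) != 3:
            continue  # skip blank or malformed rows
        time_s, src, url = parts
        host = host_of(url)
        report[src][classify(host)].append((float(time_s), host))
    return report


def content_sources(report):
    """Source addresses that made at least one content request."""
    return sorted(src for src, cats in report.items() if cats.get("content"))


if __name__ == "__main__":
    report = triage(ROWS)
    for src in sorted(report):
        for cat, hits in sorted(report[src].items()):
            hosts = sorted({h for _, h in hits})
            print(f"{src:12} {cat:18} {len(hits):2}  {', '.join(hosts)}")
    print("sources with content requests:", content_sources(report))
```

On these rows only 192.168.1.5 issues content requests; the other source addresses appear solely through SSDP discovery or a connectivity probe.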
List of files that are accessed
List of downloaded files
Topic / Item
HTTP Requests by HTTP Host
  vjs.zencdn.net
    /vttjs/0.12.5/vtt.global.min.js
  timeinc.brightcove.com.edgesuite.net
    /rtmp_uds/293884104/201510/874/4584479675001/293884104_4584479675001_s-7.ts?pubId=2111767321001&videoId=4585888808001
  tags.news.com.au
    /prod/utrack/utrack.js?cb=15207502988110.3421145494598944
  ocsp.sca1b.amazontrust.com
    /
  ocsp.int-x3.letsencrypt.org
    /
  ocsp.digicert.com
    /
  detectportal.firefox.com
    /success.txt
  connectivity-check.ubuntu.com
    /
  cdn.segment.com
    /analytics.js/v1/S2RVIWEtnVwlQUlXfkCmR4K4CTTGoT2c/analytics.min.js
  cdn.newsapi.com.au
    /image/v1/6222c3637fdd84b00a9ff3493ebde9b0?width=150
  239.255.255.250:1900
    *
List of accessed Videos
Chain of custody
level | parent | Topic / Item | Count | Percent | Burst rate | Burst start
0 | | HTTP Requests by HTTP Host | 32 | 100% | 0.04 | 511.214
1 | /HTTP Requests by HTTP Host | vjs.zencdn.net | 3 | 9.38% | 0.03 | 1310.661
2 | /HTTP Requests by HTTP Host/vjs.zencdn.net | /vttjs/0.12.5/vtt.global.min.js | 3 | 100.00% | 0.03 | 1310.661
1 | /HTTP Requests by HTTP Host | timeinc.brightcove.com.edgesuite.net | 2 | 6.25% | 0.02 | 1188.536
2 | /HTTP Requests by HTTP Host/timeinc.brightcove.com.edgesuite.net | /rtmp_uds/293884104/201510/874/4584479675001/293884104_4584479675001_s-7.ts?pubId=2111767321001&videoId=4585888808001 | 2 | 100.00% | 0.02 | 1188.536
1 | /HTTP Requests by HTTP Host | tags.news.com.au | 1 | 3.13% | 0.01 | 1300.759
2 | /HTTP Requests by HTTP Host/tags.news.com.au | /prod/utrack/utrack.js?cb=15207502988110.3421145494598944 | 1 | 100.00% | 0.01 | 1300.759
1 | /HTTP Requests by HTTP Host | ocsp.sca1b.amazontrust.com | 2 | 6.25% | 0.01 | 347.155
2 | /HTTP Requests by HTTP Host/ocsp.sca1b.amazontrust.com | / | 2 | 100.00% | 0.01 | 347.155
1 | /HTTP Requests by HTTP Host | ocsp.int-x3.letsencrypt.org | 1 | 3.13% | 0.01 | 560.874
2 | /HTTP Requests by HTTP Host/ocsp.int-x3.letsencrypt.org | / | 1 | 100.00% | 0.01 | 560.874
1 | /HTTP Requests by HTTP Host | ocsp.digicert.com | 1 | 3.13% | 0.01 | 1270.662
2 | /HTTP Requests by HTTP Host/ocsp.digicert.com | / | 1 | 100.00% | 0.01 | 1270.662
1 | /HTTP Requests by HTTP Host | detectportal.firefox.com | 2 | 6.25% | 0.01 | 177.719
2 | /HTTP Requests by HTTP Host/detectportal.firefox.com | /success.txt | 2 | 100.00% | 0.01 | 177.719
1 | /HTTP Requests by HTTP Host | connectivity-check.ubuntu.com | 1 | 3.13% | 0.01 | 1577.723
2 | /HTTP Requests by HTTP Host/connectivity-check.ubuntu.com | / | 1 | 100.00% | 0.01 | 1577.723
1 | /HTTP Requests by HTTP Host | cdn.segment.com | 1 | 3.13% | 0.01 | 1140.2
2 | /HTTP Requests by HTTP Host/cdn.segment.com | /analytics.js/v1/S2RVIWEtnVwlQUlXfkCmR4K4CTTGoT2c/analytics.min.js | 1 | 100.00% | 0.01 | 1140.2
1 | /HTTP Requests by HTTP Host | cdn.newsapi.com.au | 1 | 3.13% | 0.01 | 1297.747
2 | /HTTP Requests by HTTP Host/cdn.newsapi.com.au | /image/v1/6222c3637fdd84b00a9ff3493ebde9b0?width=150 | 1 | 100.00% | 0.01 | 1297.747
1 | /HTTP Requests by HTTP Host | 239.255.255.250:1900 | 17 | 53.13% | 0.04 | 511.214
2 | /HTTP Requests by HTTP Host/239.255.255.250:1900 | * | 17 | 100.00% | 0.04 | 511.214
Bibliography
Chappell, L. (2017). Wireshark 101: Essential Skills for Network Analysis-Wireshark Solution
Series. Laura Chappell University.
Deokule, K., Modi, P., Mistry, D., Patki, H., Patel, A., & Abuzaghleh, O. (2016). Network
Traffic Measurement and Analysis.
Kumar, M., & Yadav, R. (2015). TCP & UDP PACKETS ANALYSIS USING
WIRESHARK. International Journal of Science, Engineering and Technology Research
(IJSETR), 4(7).
Ndatinya, V., Xiao, Z., Manepalli, V. R., Meng, K., & Xiao, Y. (2015). Network forensics
analysis using Wireshark. International Journal of Security and Networks, 10(2), 91-106.
Sanders, C. (2017). Practical packet analysis: Using Wireshark to solve real-world network
problems. No Starch Press.
Saxena, P., & Sharma, S. K. (2017). Analysis of Network Traffic by using Packet Sniffing Tool:
Wireshark.