Network (Packet) Analysis Questions (7 questions) – Wireshark

Description

Hi I need help with 7 questions related to network traffic. Specifically you will need to use Wireshark with a pcap file I provided to answer the 7 questions. Example of questions (see attached for all 7). The attached (Assignment.docx) file has example of good versus poor description for the answers, this is located at the top of the document above the 7 questions.

Is the activity occurring in packets 91-132 abnormal? If so, provide a detailed interpretation of what is occurring, and the possible consequences such as how many ports are involved and their associated services. What information would be gained and how could it be used by an attacker?

Good description vs poor description
Poor:
IP xxx.xxx.xxx.xxx is accessing port 21 over TCP on IP xx.xx.xx.xx
While this is a fact, it’s not useful information as it missing the description which makes it relevant
to what’s going on.
Good:
IP xxx.xxx.xxx.xxx is attempting to connect to port 21 on IP xxx.xxx.xxx.xxx. Port 21 is ftp, which sends
credentials in the clear. The series of packet captures shows that the intruder was attempting to guess
passwords for user “sumowrestler”. The intruder was eventually successful after the 5th try. The
passwords guessed were “password”, “sumo”, “wrestler”, “beatles” and “sumo1”, the latter of which
allowed the intruder to gain access to the computer.
1. Is the activity occurring in packets 42-84 abnormal? If so, provide a detailed interpretation of what is
occurring, and the possible consequences.
2. Is the activity occurring in packets 91-132 abnormal? If so, provide a detailed interpretation of what is
occurring, and the possible consequences such as how many ports are involved and their associated
services. What information would be gained and how could it be used by an attacker?
3. Is the activity occurring in packets 139-1157 abnormal? Hint: this is a TCP stream so you can select the
first packet > Right-Click > “Follow TCP Stream” (or Follow > TCP Stream depending on your version)
and Wireshark will extract those packets in to a single readable stream. Provide a detailed description and
interpretation of what is occurring along with possible consequences. There is a lot going on there; tell me
what happened.
4. Is the activity occurring in packets 1160-1182 abnormal? If so, provide a detailed interpretation of what
is occurring. This may require a light Googling. Hint: This is also a TCP Stream; see above.
5. Is the activity occurring in packets 1184-1475 abnormal? If so, provide a detailed interpretation of what
is occurring, and the possible uses of the information gained. Hint: You guessed it – also a TCP Stream.
6. Is the activity occurring in packets 1476 through the end of the packet capture abnormal? If so, provide
a detailed interpretation of what is occurring, and the possible uses of the information gained.
7. Can you determine who was the attacker and, in your opinion, were the skills of the attacker low,
moderate, or high and why.

Purchase answer to see full
attachment

We offer the bestcustom writing paper services. We have done this question before, we can also do it for you.

Why Choose Us

  • 100% non-plagiarized Papers
  • 24/7 /365 Service Available
  • Affordable Prices
  • Any Paper, Urgency, and Subject
  • Will complete your papers in 6 hours
  • On-time Delivery
  • Money-back and Privacy guarantees
  • Unlimited Amendments upon request
  • Satisfaction guarantee

How it Works

  • Click on the “Place Order” tab at the top menu or “Order Now” icon at the bottom and a new page will appear with an order form to be filled.
  • Fill in your paper’s requirements in the "PAPER DETAILS" section.
  • Fill in your paper’s academic level, deadline, and the required number of pages from the drop-down menus.
  • Click “CREATE ACCOUNT & SIGN IN” to enter your registration details and get an account with us for record-keeping and then, click on “PROCEED TO CHECKOUT” at the bottom of the page.
  • From there, the payment sections will show, follow the guided payment process and your order will be available for our writing team to work on it.