Skip to content Skip to sidebar Skip to footer
Home / 6 Review the First Capture File (Nokia) and Determine What Is Happening With the 80211 Traffic

6 Review the First Capture File (Nokia) and Determine What Is Happening With the 80211 Traffic

Post a Comment

Please Aid Review Beginning Capture File Nokia Determine Happening 80211 Traffic Hint Use Ana Q42005314

PLEASE Help!

  1. Review the first capture file (Nokia) anddetermine what is happening with the 802.11 traffic.  Hint: use the Clarify/Conversation Filter
  1. Describe the traffic: what packets are involved and what ishappening? (include source, destination, fourth dimension of capture)
  2. Take a screenshot of the actual packets within the capture filethat y'all observed this beliefs.

a Ten Nokia.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Help Apply a display filter ... < -> Exp

  1. Review the 2nd capture file (wpa) anddetermine what is happening with the WPA traffic in this capture.(countersign is "Induction"). Hint: Use Edit->preferences, ProtocolIEEE 802.eleven, decryption with "Induction"); Look at the packetsprior to and after decryption. Use this

https://wiki.wireshark.org/HowToDecrypt802.11 . You are STILLrequired to answer the following questions in your own words andprovide a screenshot!

  1. What do you different in one case y'all have decrypted the packets? Whatis decrypted and what is happening? (include source, destination,time of capture)

b.Take a screenshot of the actual packets within the capturefile that yous observed.

a X wpa-Induction.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Help Apply a display filter ...

  1. Review the third capture file (toredo) anddetermine what is happening with the Ipv4-IPv6 traffic in thiscapture.

a.    Enquiry Toredofor encapsulation relating to Ipv6 using the content links in thecourse and describe it here.

  1. Describe the traffic: what packets are involved and what ishappening? (include source, destination, time of capture) (Hint:look at all Ipv6 packets that have Toredo in their details)
  2. Have a screenshot of the actual packets within the capture filethat you observed this beliefs.

a Ten toredo.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Help + No. Employ a brandish filter ... <

  1. Review the fourth capture file (6to4) anddetermine what is happening with the Ipv4- IPv6 traffic in thiscapture. What else is involved?

a.    Inquiry 6to4protocol using the content links in the course relating to 6to4 anddescribe it hither.

  1. Describe the traffic: what packets are involved and what ishappening? (include source, destination, time of capture)
  2. Take a screenshot of the actual packets within the capture filethat you observed this behavior.
  1. How do the 2 dissimilar methods differ?
  2. Are in that location whatsoever other transitioning methods for IPv6 that youcame across in your research that are noteworthy?


a 10 6to4.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Help + No. Apply a display filter ... <Ct

a 10 Nokia.pcap File Edit View Get Capture Clarify Statistics Telephony Wireless Tools Assistance Apply a brandish filter ... < -> Expression. + No. Time one @.2006ee 2 0.102407 3 0.284810 4 9.307201 v 0.409599 6 0.512016 vii 0.614482 viii 0.716809 Source Siemens_41:bd:6e Siemens_41: bd: 6e Siemens_41: bd:6e Siemens_41: bd:6e Siemens_41:bd: 6e Siemens_41: bd: 6e Siemens_41:bd:6e Siemens_41: bd:6e Destination Broadcast Broadcast Broadcast Circulate Circulate Broadcast Broadcast Broadcast Protocol 802.11 802.11 802.eleven 802.11 802.11 802.11 802.11 802.11 Length Info 119 Beacon frame, SN=3841, FN=0, Flags........., BI=100, SSID=martinet3 110 Beacon frame, SN=3842, FN=®, Flags......... BI=100, SSID=martinet3 110 Beacon frame, SN=3843, FN=e, Flags........., BI=100, SSID=martinet3 110 Beacon frame, SN=3844, FN=two, Flagss........, BI=100, SSID=martinet3 110 Buoy frame, SN=3845, FN=0, Flags=........, BI=100, SSID=martinet3 110 Buoy frame, SN=3846, FN=0, Flags=........, BI=100, SSID=martinet3 110 Buoy frame, SN=3847, FN=0, Flags=........, BI=100, SSID=martinet3 110 Beacon frame, SN=3848, FN=0, Flags ........, BI=180, SSID=martinet3 Frame 1: 110 bytes on wire (880 bits), 112 bytes captured (888 bits) IEEE 802.xi Buoy frame, Flags: ........ > IEEE 802.11 wireless LAN 8080 80 80 80 eighty ff ff ff ff ff ff 00 01 iii 41 bd be 8010 80 81 e3 41 bd exist x fo 84 21 la 08 e 8928 64 89 eleven 84 89 89 60 61 72 74 69 6e 65 74 33 01 2930 88 82 84 8b 96 24 30 48 threescore 03 01 @b 05 04 03 01 2040 ee ee 2a 81 84 2f 81 84 32 64 ec 12 60 dd 06 8050 80 x 18 81 81 8e dd xvi ve 50 f2 01 01 02 ee 52 BASA 2 62 61 A da sa 67 07 10 DO 2 .....An An........ d...ma rtinet3 Sen 1....... ..*../ 2... ..............P 11:03 PM 0 Type here to search OLê e 39 xi/9/2019 a X wpa-Induction.pcap File Edit View Become Capture Clarify Statistics Telephony Wireless Tools Assist Utilize a display filter ... <Ctrl-> Expression. + No. Destination Time 1 @.2006ee two 0.102961 iii 0.103946 4 0.204955 5 0.307929 half-dozen 6.499911 7 0.512900 viii 0.614871 Source Cisco-Li_82:b2:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Broadcast Broadcast Spanning-tree-(for... Circulate Broadcast Circulate Circulate Broadcast Protocol 802.eleven 802.eleven 802.11 802.11 802.eleven 802.xi 802.11 802.11 Length Info 168 Buoy frame, SN=3973, FN=8, Flags=.......C, BI=100, SSID=Coherer 168 Beacon frame, SN=3974, FN=@, Flags=........C, BI=100, SSID=Coherer 118 Data, SN=3975, FN=®, Flagss.p....F.C 168 Beacon frame, SN=3976, FN=viii, Flags=........C, BI=100, SSID=Coherer 16R Reacon frame 168 Beacon frame, SN=3977, FN=e, Flags=........C, BI=100, SSID=Coherer 168 Beacon frame, SN=3978, FN=0, Flags=........C, BI=100, SSID=Coherer 168 Beacon frame, SN=3979, FN=0, Flags=........C, BI=100, SSID=Coherer 168 Buoy frame, SN=3980, FN=0, Flags ........C, BI=100, SSID=Coherer Frame 1: 168 bytes on wire (1344 bits), 168 bytes captured (1344 bits) Radiotap Header ve, Length 24 > 802.11 radio data > IEEE 802.11 Beacon frame, Flags: ........C > IEEE 802.11 wireless LAN 8080 80 80 18 80 8e 58 lxxx lxxx 18 @2 6c 09 ae be 54 88 8010 89 2b lxxx e 9f 61 c9 5c 80 Be @ ff ff ff ff 8928 ff ff 89 8c 41 82 b2 55 09 Oc 41 82 62 55 58 f8 2930 89 f1 d4 1b 81 eo ee eo 64 60 eleven 4 68 67 43 6f 8040 68 65 72 65 72 81 88 82 84 8b 96 24 30 48 6c e3 8050 01 01 85 84 fourscore 81 ee ee 2a 01 02 2f 01 02 30 eighteen Base 01 af 07 0 Af af ar 2 Type here to search X...one..T- +... ...... AU A Upwardly .. ....co herer... $0H1 ........*../.. 11:05 PM 0 O Loe 39 xi/9/2019 a X toredo.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Assist + No. Utilize a display filter ... <Ctrl-> Fourth dimension Source Destination Protocol 1 @.888000 192.168.2.sixteen 192.168.2.255 BROWS.... 2 1.144988 75.126.130.163 192.168.two.16 TCP 3 i.145345 192.168.2.16 75.126.130.163 TCP four four.275134 75.126.203.78 192.168.2.16 TCP v four.275521 192.168.two.16 75.126.293.78 half-dozen 5.618646 fe80::8888:ffff:ff... ff02: : ii ICMPv6 7 5.732696 fe80::8000: f227: exist... fe80::8999:ffff:ff... ICMPv6 8 11.241431 192.168.2.xvi 75.126.293.78 TCP Expression. Length Info 243 Local Master Announcement ESURNIR-LAPTOP, Workstation, Server, Print Queue Server, NT Wor 54 88 + 1576 (FIN, ACK] Seq=one Ack=i Win=6432 Len= 54 1576 + 80 [ACK] Seq=1 Ack=2 Win=17129 Len=0 54 88 - 1577 (FIN, ACK] Seq=1 Ack=i Win=8576 Len=0 54 1577 + 80 [ACK) Seq=i Ack=2 Win=17424 Len=0 119 Router Solicitation 151 Router Advert 54 1577 + 80 (FIN, ACK] Seq=1 Ack=2 Win=17424 Len=0 TCP Frame ane: 243 bytes on wire (1944 bits), 243 bytes captured (1944 bits) Ethernet II, Src: HonHaiPr_41:9c:28 (00:sixteen:cf:41:9c:20), Dst: Broadcast (ff:ff:ff:ff:ff:ff) Internet Protocol Version 4, Src: 192.168.2.sixteen, Dst: 192.168.2.255 > User Datagram Protocol, Src Port: 138, Dst Port: 138 > NetBIOS Datagram Service SMB (Server Message Block Protocol) > SMB MailSlot Protocol > Microsoft Windows Browser Protocol . .. -A- -E. 8089 ffffffffffff eo sixteen cf 41 9c ze 08 02 45 02 8910 80 e5 87 CO 89 89 89 11 2b es ce as 02 10 ce as 8928 82 ff 89 8a 89 8a 89 di d6 39 11 92 86 61 co as 2930 02 ten 89 8a 89 bb fourscore 80 20 45 46 46 44 46 46 46 8840 43 45 46 45 4a 46 43 43 4e 45 4d 45 42 46 41 46 8050 45 45 50 46 41 43 41 43 41 viii 28 45 4e 46 44 45 Base AG ASA A AA AB A6 A2 A1 A2 41 42 41 42 41 42 .......9... . ... EFFDFFF CEOEJFCC NEMEBFAF EEPFACAC A ENFDE TEREN ACACACAC Type hither to search o Le MB60_waua 1w 106 PM eleven/9/2019 J - a X 6to4.pcap File Edit View Get Capture Analyze Statistics Telephony Wireless Tools Help + No. Apply a display filter ... <Ctrl-> Time Source Destination Protocol ane @.888000 2002:4637:d5d3 :: 46... 2881:4860:0:2881::... HTTP 2 0.271878 2001:4860:0:2001::... 2002:4637:d5d3 :: 45... TCP three 0.273789 2001:4860::2001::... 2002:4637:d5d3 :: 46... TCP 4 0.274939 2001:4868: :2001::... 2002:4637:d5d3:: 46... HTTP 5 .456186 2002:4637:d5d3:: 46... 2001:4868:8:2801::.. TCP Expression.... Length Info 8 99 GET / HTTP/1.i 1314 eighty - 1287 [ACK] Seq=one Ack=798 Win=14370 Len=1212 (TCP segment of a reassembled PDU] 1314 82 - 1287 [ACK] Seq=1213 Ack=798 Win=14370 Len=1212 [TCP segment of a reassembled PDU] 594 HTTP/1.1 200 OK (text/html) 102 1287 + 80 [ACK) Seq=798 Ack=2917 Win=16968 Len=0 IL Frame 1: 899 bytes on wire (7192 bits), 899 bytes captured (7192 bits) Ethernet Ii, Src: HonHaiPr_41:9c:20 (00:16:cf:41:9c:20), Dst: Unispher_41:65:41 (00:90:1a:41:65:41) PPP-over-Ethernet Session > Betoken-to-Point Protocol Cyberspace Protocol Version 4, Src: 70.55.213.211, Dst: 192.88.99.one Internet Protocol Version 6, Src: 2002:4637:d5d3:: 4637:d5d3, Dst: 2901:4862::2001: :68 Transmission Command Protocol, Src Port: 1287, Dst Port: 80, Seq: 1, Ack: one, Len: 797 Hypertext Transfer Protocol 8080 80 90 la 41 65 41 ee sixteen cf 41 9 xx 88 64 eleven 00 8910 1d cd 03 6f 89 21 45 80 03 6d 93 B8 88 29 8920 64 aa 46 37 d5 d3 c 58 63 81 60 89 89 83 31 2930 26 80 20 22 46 37 d5 d3 99 se ce ne se eastward 46 37 2040 d5 d3 twenty 01 48 sixty ee ee 2e ei ee eeee eeee ee 8050 80 68 85 87 fourscore fifty 22 ec 55 11 3a ce od 61 58 eighteen case 11ch 66 1R QA QA 17 45 64 lxx 74 70 AR 54 54 sa AA A d . .0! E MY...) d. F7...X ....one ...F7... ....F7 . H .. .. . h...p". U aP MEGET HITR eleven:07 PM 0 Type here to search OLê e 39 eleven/nine/2019 Show transcribed paradigm text a X Nokia.pcap File Edit View Go Capture Clarify Statistics Telephony Wireless Tools Assistance Apply a display filter ... Expression. + No. Time 1 @.2006ee 2 0.102407 3 0.284810 four nine.307201 5 0.409599 6 0.512016 vii 0.614482 8 0.716809 Source Siemens_41:bd:6e Siemens_41: bd: 6e Siemens_41: bd:6e Siemens_41: bd:6e Siemens_41:bd: 6e Siemens_41: bd: 6e Siemens_41:bd:6e Siemens_41: bd:6e Destination Circulate Broadcast Broadcast Circulate Circulate Broadcast Broadcast Circulate Protocol 802.11 802.eleven 802.11 802.eleven 802.xi 802.11 802.11 802.11 Length Info 119 Buoy frame, SN=3841, FN=0, Flags........., BI=100, SSID=martinet3 110 Beacon frame, SN=3842, FN=®, Flags......... BI=100, SSID=martinet3 110 Beacon frame, SN=3843, FN=eastward, Flags........., BI=100, SSID=martinet3 110 Buoy frame, SN=3844, FN=ii, Flagss........, BI=100, SSID=martinet3 110 Beacon frame, SN=3845, FN=0, Flags=........, BI=100, SSID=martinet3 110 Beacon frame, SN=3846, FN=0, Flags=........, BI=100, SSID=martinet3 110 Buoy frame, SN=3847, FN=0, Flags=........, BI=100, SSID=martinet3 110 Beacon frame, SN=3848, FN=0, Flags ........, BI=180, SSID=martinet3 Frame 1: 110 bytes on wire (880 bits), 112 bytes captured (888 bits) IEEE 802.11 Beacon frame, Flags: ........ > IEEE 802.xi wireless LAN 8080 80 80 80 80 ff ff ff ff ff ff 00 01 three 41 bd be 8010 80 81 e3 41 bd be 10 fo 84 21 la 08 e 8928 64 89 11 84 89 89 60 61 72 74 69 6e 65 74 33 01 2930 88 82 84 8b 96 24 xxx 48 threescore 03 01 @b 05 04 03 01 2040 ee ee 2a 81 84 2f 81 84 32 64 ec 12 60 dd 06 8050 80 10 18 81 81 8e dd sixteen ve 50 f2 01 01 02 ee 52 BASA two 62 61 A da sa 67 07 ten Practise 2 .....An An........ d...ma rtinet3 Sen one....... ..*../ 2... ..............P eleven:03 PM 0 Type here to search OLê e 39 11/9/2019
a X wpa-Consecration.pcap File Edit View Become Capture Clarify Statistics Telephony Wireless Tools Help Employ a display filter ... Expression. + No. Destination Time 1 @.2006ee ii 0.102961 iii 0.103946 4 0.204955 5 0.307929 vi six.499911 7 0.512900 8 0.614871 Source Cisco-Li_82:b2:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Cisco-Li_82:52:55 Circulate Circulate Spanning-tree-(for... Broadcast Broadcast Broadcast Broadcast Broadcast Protocol 802.11 802.11 802.xi 802.11 802.11 802.eleven 802.eleven 802.eleven Length Info 168 Beacon frame, SN=3973, FN=eight, Flags=.......C, BI=100, SSID=Coherer 168 Beacon frame, SN=3974, FN=@, Flags=........C, BI=100, SSID=Coherer 118 Data, SN=3975, FN=®, Flagss.p....F.C 168 Beacon frame, SN=3976, FN=8, Flags=........C, BI=100, SSID=Coherer 16R Reacon frame 168 Beacon frame, SN=3977, FN=e, Flags=........C, BI=100, SSID=Coherer 168 Beacon frame, SN=3978, FN=0, Flags=........C, BI=100, SSID=Coherer 168 Beacon frame, SN=3979, FN=0, Flags=........C, BI=100, SSID=Coherer 168 Beacon frame, SN=3980, FN=0, Flags ........C, BI=100, SSID=Coherer Frame one: 168 bytes on wire (1344 bits), 168 bytes captured (1344 bits) Radiotap Header ve, Length 24 > 802.11 radio information > IEEE 802.eleven Beacon frame, Flags: ........C > IEEE 802.eleven wireless LAN 8080 80 80 18 80 8e 58 eighty 80 18 @2 6c 09 ae exist 54 88 8010 89 2b 80 e 9f 61 c9 5c 80 Exist @ ff ff ff ff 8928 ff ff 89 8c 41 82 b2 55 09 Oc 41 82 62 55 58 f8 2930 89 f1 d4 1b 81 eo ee eo 64 60 11 iv 68 67 43 6f 8040 68 65 72 65 72 81 88 82 84 8b 96 24 30 48 6c e3 8050 01 01 85 84 80 81 ee ee 2a 01 02 2f 01 02 30 18 Base 01 af 07 0 Af af ar two Type hither to search X...1..T- +... ...... AU A Upwardly .. ....co herer... $0H1 ........*../.. 11:05 PM 0 O Loe 39 xi/9/2019
a X toredo.pcap File Edit View Go Capture Clarify Statistics Telephony Wireless Tools Assist + No. Utilize a display filter ... Time Source Destination Protocol ane @.888000 192.168.2.16 192.168.2.255 BROWS.... two 1.144988 75.126.130.163 192.168.2.xvi TCP iii 1.145345 192.168.two.xvi 75.126.130.163 TCP iv four.275134 75.126.203.78 192.168.2.16 TCP 5 4.275521 192.168.2.16 75.126.293.78 6 5.618646 fe80::8888:ffff:ff... ff02: : 2 ICMPv6 7 5.732696 fe80::8000: f227: exist... fe80::8999:ffff:ff... ICMPv6 viii 11.241431 192.168.2.sixteen 75.126.293.78 TCP Expression. Length Info 243 Local Master Announcement ESURNIR-LAPTOP, Workstation, Server, Print Queue Server, NT Wor 54 88 + 1576 (FIN, ACK] Seq=1 Ack=one Win=6432 Len= 54 1576 + fourscore [ACK] Seq=1 Ack=2 Win=17129 Len=0 54 88 - 1577 (FIN, ACK] Seq=one Ack=1 Win=8576 Len=0 54 1577 + 80 [ACK) Seq=1 Ack=ii Win=17424 Len=0 119 Router Solicitation 151 Router Advertising 54 1577 + fourscore (FIN, ACK] Seq=i Ack=2 Win=17424 Len=0 TCP Frame 1: 243 bytes on wire (1944 bits), 243 bytes captured (1944 $.25) Ethernet Ii, Src: HonHaiPr_41:9c:28 (00:16:cf:41:9c:twenty), Dst: Broadcast (ff:ff:ff:ff:ff:ff) Internet Protocol Version iv, Src: 192.168.2.16, Dst: 192.168.2.255 > User Datagram Protocol, Src Port: 138, Dst Port: 138 > NetBIOS Datagram Service SMB (Server Message Block Protocol) > SMB MailSlot Protocol > Microsoft Windows Browser Protocol . .. -A- -East. 8089 ffffffffffff eo 16 cf 41 9c ze 08 02 45 02 8910 80 e5 87 CO 89 89 89 11 2b es ce every bit 02 10 ce as 8928 82 ff 89 8a 89 8a 89 di d6 39 11 92 86 61 co as 2930 02 ten 89 8a 89 bb 80 80 20 45 46 46 44 46 46 46 8840 43 45 46 45 4a 46 43 43 4e 45 4d 45 42 46 41 46 8050 45 45 50 46 41 43 41 43 41 viii 28 45 4e 46 44 45 Base AG ASA A AA AB A6 A2 A1 A2 41 42 41 42 41 42 .......9... . ... EFFDFFF CEOEJFCC NEMEBFAF EEPFACAC A ENFDE TEREN ACACACAC Type here to search o Le MB60_waua 1w 106 PM 11/9/2019 J -
a Ten 6to4.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Assist + No. Apply a brandish filter ... Time Source Destination Protocol 1 @.888000 2002:4637:d5d3 :: 46... 2881:4860:0:2881::... HTTP 2 0.271878 2001:4860:0:2001::... 2002:4637:d5d3 :: 45... TCP 3 0.273789 2001:4860::2001::... 2002:4637:d5d3 :: 46... TCP 4 0.274939 2001:4868: :2001::... 2002:4637:d5d3:: 46... HTTP 5 .456186 2002:4637:d5d3:: 46... 2001:4868:8:2801::.. TCP Expression.... Length Info 8 99 GET / HTTP/1.1 1314 80 - 1287 [ACK] Seq=one Ack=798 Win=14370 Len=1212 (TCP segment of a reassembled PDU] 1314 82 - 1287 [ACK] Seq=1213 Ack=798 Win=14370 Len=1212 [TCP segment of a reassembled PDU] 594 HTTP/1.1 200 OK (text/html) 102 1287 + 80 [ACK) Seq=798 Ack=2917 Win=16968 Len=0 IL Frame one: 899 bytes on wire (7192 bits), 899 bytes captured (7192 bits) Ethernet Two, Src: HonHaiPr_41:9c:20 (00:16:cf:41:9c:20), Dst: Unispher_41:65:41 (00:90:1a:41:65:41) PPP-over-Ethernet Session > Point-to-Signal Protocol Internet Protocol Version 4, Src: seventy.55.213.211, Dst: 192.88.99.1 Internet Protocol Version 6, Src: 2002:4637:d5d3:: 4637:d5d3, Dst: 2901:4862::2001: :68 Transmission Control Protocol, Src Port: 1287, Dst Port: 80, Seq: ane, Ack: one, Len: 797 Hypertext Transfer Protocol 8080 lxxx ninety la 41 65 41 ee 16 cf 41 9 20 88 64 eleven 00 8910 1d cd 03 6f 89 21 45 lxxx 03 6d 93 B8 88 29 8920 64 aa 46 37 d5 d3 c 58 63 81 lx 89 89 83 31 2930 26 80 twenty 22 46 37 d5 d3 99 se ce ne se e 46 37 2040 d5 d3 xx 01 48 60 ee ee 2e ei ee eeee eeee ee 8050 80 68 85 87 80 50 22 ec 55 xi 3a ce od 61 58 eighteen example 11ch 66 1R QA QA 17 45 64 70 74 70 AR 54 54 sa AA A d . .0! E MY...) d. F7...X ....1 ...F7... ....F7 . H .. .. . h...p". U aP MEGET HITR xi:07 PM 0 Type here to search OLê east 39 eleven/9/2019

reillyandid1963.blogspot.com

Source: https://www.answersdocs.com/ExpertAnswers/please-help-review-first-capture-file-nokia-determine-happening-80211-traffic-hint-use-ana-q42005314

Post a Comment for "6 Review the First Capture File (Nokia) and Determine What Is Happening With the 80211 Traffic"