Take screenshots of relevant content (as discussed below) and submit those screenshots in a single Microsoft Word document. Note there should be one submittal only for each lab.
Complete this lab in the Maryville Virtual Applications. Within your Course Resources, you have access to the instructions needed to access eLumin and Maryville Virtual Applications.
Reach out to your instructor or the Maryville Help Desk if you are having difficulties accessing the software for this course.
One of the most well-known packet sniffers is called Wireshark. It is a powerful tool that can capture, filter, and analyze network traffic. It can promiscuously capture traffic on both wired and wireless networks. It is used by security and networking professionals to troubleshoot networking problems.
In this project, you will use Wireshark, capture packets, and look at the contents of a packet. When placed correctly, a network administrator can use Wireshark to see all the traffic coming into and out of a network. Network administrators can, among other things, see which hostnames are being requested and who is requesting them. Surfing the Web is not anonymous.
Before beginning your project, watch the following Wireshark 101 video from Hak5 for background information on the tool (please note the videos cover version 1 while we will be using version 2 but usage is very similar).
Enter your Maryville Virtual Applications environment and connect to the GUI for Kali Linux.
- Open Terminal Emulator, type in the following command, and hit Enter: sudo wireshark
- Double-click “eth0” on the home screen to begin collecting data. (This selects the network interface we’ll be using and starts data collection).
- While you are waiting for data to be collected, open a web browser and go to a few websites of your choosing and then close the browser.
- After a few minutes of collecting data packets that are passing over the network, hit Stop Capturing Packets (represented by a red rectangle).
- Take a screenshot.
- Sort your network traffic by selecting the Protocol column heading, which groups your traffic by protocol (e.g., ARP, TCP, UDP).
- Select 15 packets (from at least 5 different protocols) and write a one-page analysis (double spaced) for each packet discussing your opinion of what is occurring here (for a total of at least 15 pages). A good example of what is expected is in the videos provided herein. Take a screenshot of each packet you are analyzing as well (does not count toward the one-page length requirement).
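The following added example (not part of the original lab materials) shows what sits behind the Protocol column and the earlier point that hostnames and their requesters are visible: it classifies a raw Ethernet frame and, for DNS, pulls out the source IP and the queried name. The frame is constructed sample data, the function names are hypothetical, and the classification is a simplified stand-in for Wireshark's dissectors.

```python
import socket
import struct

def build_dns_query_frame(src_ip, dst_ip, hostname):
    """Constructed sample: Ethernet/IPv4/UDP frame with one DNS A query (checksums left 0)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in hostname.split(".")) + b"\x00"
    dns = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    udp = struct.pack("!4H", 53000, 53, 8 + len(dns), 0) + dns
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    eth = bytes.fromhex("020000000002" "020000000001" "0800")  # dst MAC, src MAC, IPv4
    return eth + ip + udp

def read_qname(frame, pos):
    """Decode the length-prefixed labels of a DNS question name; None if malformed."""
    labels = []
    while pos < len(frame) and frame[pos] != 0:
        n = frame[pos]
        if n & 0xC0 or pos + 1 + n > len(frame):
            return None  # compression pointer or truncated label
        labels.append(frame[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return ".".join(labels) if pos < len(frame) else None

def analyze_frame(frame):
    """Return (protocol, source_ip, hostname) for one Ethernet frame."""
    if len(frame) < 14:
        return ("TRUNCATED", None, None)
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype == 0x0806:
        return ("ARP", None, None)
    if ethertype != 0x0800 or len(frame) < 34:
        return ("OTHER", None, None)
    ihl = (frame[14] & 0x0F) * 4          # IPv4 header length in bytes
    proto = frame[23]                     # IPv4 protocol field
    src = socket.inet_ntoa(frame[26:30])  # IPv4 source address
    l4 = 14 + ihl                         # start of the transport header
    if proto in (1, 6):
        return ("ICMP" if proto == 1 else "TCP", src, None)
    if proto != 17 or len(frame) < l4 + 8:
        return ("OTHER", src, None)
    sport, dport = struct.unpack("!HH", frame[l4:l4 + 4])
    if 53 not in (sport, dport):
        return ("UDP", src, None)
    return ("DNS", src, read_qname(frame, l4 + 8 + 12))  # skip UDP and DNS headers

if __name__ == "__main__":
    sample = build_dns_query_frame("10.0.0.5", "10.0.0.1", "example.com")
    print(analyze_frame(sample))
```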
If you’d like a video that further expands on Wireshark, I recommend the one below.
This is the next chapter of your lab book for the semester. Each Lab Assignment is a new chapter in your lab book.
Your lab book chapter each week should include:
- Cover Page
- Introduction of the lab assignment
- Screenshots that document your lab experience and what you learned during the exercise
- Conclusion of the lab assignment
- Independent Research – expanding the topic. (For example, this week we are focusing on the VM; an appropriate expansion may be discussing why we use a VM, uses of VMs, history of VMs, NextGen VMs, etc.)
A Helpful Message regarding the projects/lab assignments
Yes, we normally provide steps to follow and a general direction of what is necessary to complete the assignment, but they are not recipes; they are diving boards for exploration. Sometimes things do not work perfectly. That’s OK: note it in your lab book and continue. The intent is to provide the general direction; the assignment is intended for you to run with it and learn!