Project 3: Using Wireshark to Analyze a Packet Capture File (15 pts.)

What You Need

Purpose

You will be examining a saved packet capture file with Wireshark, to practice finding information from it.

Downloading the Packet Capture File

Right-click the link below and save the capture file on your desktop.
Packet Capture File
On your desktop, double-click the p3.pcap file. The file opens in Wireshark, as shown below on this page.

Analyzing the Packet Capture File

Examine the wireshark window and find answers to the following questions:
  1. This packet capture file contains two TCP handshakes. Find the first handshake and write down the packet numbers of those packets (the column labeled "No.").

  2. In this session, a client machine initiated a connection to a server and then downloaded a file. What is the client's IP address?

  3. How many HTTP GET request packets are there?

  4. Find the first HTTP GET request packet. What was the server's IP address? (The server is the Destination).

  5. Examine the first packet. Look at the center pane in Wireshark. How many bytes were sent on the wire to form this packet?

    Turning in Your Project

    Email the answers to those questions to: cnit.106sam@gmail.com with a subject line of Proj 3 From Your Name, replacing Your Name with your own first and last name. Send a Cc to yourself.

    Last Modified: 8-14-13 1:39 PM