Lab 10.1.11 Filter and Analyze Traffic with Wireshark Data [WLOs: 1, 2, 3, 4, 5] [CLOs: 1, 2, 3]

 equired Actions & Questions

PassedIsolate traffic with the net 192.168.0.0 filter.
IncorrectQ1What is the affect of the net 192.168.0.0 filter in Wireshark?
Your answer: Only packets with a source address of 192.168.0.0 are displayed.
Correct answer: Packets with either a source or destination address on the 192.168.0.0 network are displayed.
PassedIsolate traffic with the host 192.168.0.34 filter.
IncorrectQ2What is the affect of the host 192.168.0.34 filter in Wireshark?
Your answer: Only packets with 192.168.0.34 in the source address are displayed.
Correct answer: Packets with 192.168.0.34 in either the source or destination address are displayed.
PassedIsolate traffic with the tcp contains password filter.
IncorrectQ3What is the captured password?
Your answer: St@yOut
Correct answer: St@y0ut!@
Explanation

In this lab, your task is to:

  • Use Wireshark to capture packets from the enp2s0 interface.
  • Use the following Wireshark filters to isolate and examine specific types of packets:
    • net 192.168.0.0
    • host 192.168.0.34
    • tcp contains password
  • Answer the questions.

Complete this lab as follows:

  1. Begin a Wireshark capture as follows:
    1. From the Favorites bar, open Wireshark.
    2. Under Capture, select enp2s0.
    3. Select the blue fin to begin a Wireshark capture.
  2. Apply the net 192.168.0.0 filter as follows:
    1. In the Apply a display filter field, type net 192.168.0.0 and press Enter.
      Look at the source and destination addresses of the filtered packets.
    2. In the top right, select Answer Questions.
    3. Under Lab Questions, answer question 1.
  3. Apply the host 192.168.0.34 filter as follows:
    1. In the Apply a display filter field, type host 192.168.0.34 and press Enter.
      Look at the source and destination addresses of the filtered packets.
    2. Under Lab Questions, answer question 2.
  4. Apply the tcp contains password filter as follows:
    1. In the Apply a display filter field, type tcp contains password and press Enter.
    2. Select the red box to stop the Wireshark capture.
    3. Locate the password in the captured packet.
    4. Under Lab Questions, answer question 3.
    5. Select Score Lab.

Comments

Post a Comment

Popular Posts