{"id":526,"date":"2025-03-05T02:00:45","date_gmt":"2025-03-05T02:00:45","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/?p=526"},"modified":"2025-03-05T02:00:47","modified_gmt":"2025-03-05T02:00:47","slug":"assignment-2-traffic-tracing-and-sniffing","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/2025\/03\/05\/assignment-2-traffic-tracing-and-sniffing\/","title":{"rendered":"Assignment 2: Traffic Tracing and Sniffing"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Task A \u2013 Get started with Wireshark<\/h2>\n\n\n\n<p>Q1. How many packets are captured in total? How many packets are displayed?<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"979\" height=\"580\" data-id=\"527\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3.jpg\" alt=\"\" class=\"wp-image-527\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3.jpg 979w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-300x178.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-768x455.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-750x444.jpg 750w\" sizes=\"(max-width: 979px) 100vw, 979px\" \/><\/a><\/figure>\n<figcaption class=\"blocks-gallery-caption wp-element-caption\">In total 238 packets were captured and 238 packets are displayed<\/figcaption><\/figure>\n\n\n\n<p>Q2. Apply \u201cICMP\u201d as a display filter in Wireshark. Then repeat the previous question<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-1 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-1.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"975\" height=\"579\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-1.jpg\" alt=\"\" class=\"wp-image-528\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-1.jpg 975w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-1-300x178.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-1-768x456.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-3-1-750x445.jpg 750w\" sizes=\"(max-width: 975px) 100vw, 975px\" \/><\/a><figcaption class=\"wp-element-caption\">In total 238 packets were capture but 210(88.2%) are displayed.<\/figcaption><\/figure>\n\n\n\n<p>Q3. Select an Echo (reply) message from the list. What are the source and<br>destination IPs of this packet? What are the sequence number and the size of the<br>data? What is the response time?<br>Sequence Number: (BE): 3 (0x0003)<br>Sequence Number: (LE): 768 (0x0300)<br>The response time is 159.524 ms<br>The size of the data is 48 bytes<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-2 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1086\" height=\"571\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3.jpg\" alt=\"\" class=\"wp-image-533\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3.jpg 1086w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3-300x158.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3-1024x538.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3-768x404.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-3-750x394.jpg 750w\" sizes=\"(max-width: 1086px) 100vw, 1086px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>Q4. Apply \u201cDNS\u201d as a display filter in Wireshark. How many packets are displayed?<br>Out of 238 packets, there are 4(1.7%) DNS packets displayed.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-3 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-4.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"975\" height=\"497\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-4.jpg\" alt=\"\" class=\"wp-image-534\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-4.jpg 975w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-4-300x153.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-4-768x391.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-4-4-750x382.jpg 750w\" sizes=\"(max-width: 975px) 100vw, 975px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>Q5. Find a DNS query packet. What is the domain name this host is trying to<br>resolve? What is the source IP and port number, destination IP and port number?<br>Please express in the format: IP: port.<br>The domain name the host is trying to resolve is 0.debian.pool.ntp.org<br>The source IP is 192.168.217.3 and the port number is 58872<br>217.3:55872<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-4 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"784\" height=\"402\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5.jpg\" alt=\"\" class=\"wp-image-535\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5.jpg 784w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-300x154.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-768x394.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-750x385.jpg 750w\" sizes=\"(max-width: 784px) 100vw, 784px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-5 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-1.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"775\" height=\"406\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-1.jpg\" alt=\"\" class=\"wp-image-536\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-1.jpg 775w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-1-300x157.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-1-768x402.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-5-1-750x393.jpg 750w\" sizes=\"(max-width: 775px) 100vw, 775px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>Q6. Find the corresponding DNS response to the query you selected at the previous<br>step, and what is the source IP and port number, destination IP, and port number?<br>What is the message replied to from the DNS server?<br>The source IP is 192.168.217.2 and the source port number is 53. The destination<br>IP is 192.168.217.3 and the port number is 58872.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-6 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"570\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1-1024x570.jpg\" alt=\"\" class=\"wp-image-538\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1-1024x570.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1-300x167.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1-768x428.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1-750x418.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-1.jpg 1101w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>The message from the DNS server is 58872<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"569\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2-1024x569.jpg\" alt=\"\" class=\"wp-image-539\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2-1024x569.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2-300x167.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2-768x427.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2-750x417.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20A-1-6-2.jpg 1105w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>Sniff ICMP traffic (10 + 10 = 20 points)<br>Open two terminals on External Kali VM. Use one ping Ubuntu VM, and use the<br>other ping Internal Kali<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-2 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"593\" data-id=\"540\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3-1024x593.jpg\" alt=\"\" class=\"wp-image-540\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3-1024x593.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3-300x174.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3-768x445.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3-750x435.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/annotated-CYSE20301_20Cybersecurity20Technique20and20Operations20Task20B-1-3.jpg 1101w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n\n\n\n<p>This is the screenshot of Internal Kali being pinged 192.168.10.13<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-3 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"569\" data-id=\"542\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5-1024x569.jpg\" alt=\"\" class=\"wp-image-542\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5-1024x569.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5-300x167.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5-768x427.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5-750x417.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/3.5.jpg 1159w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/figure>\n\n\n\n<p>This is a screenshot of Ubuntu VM being pinged 192.168.10.10<\/p>\n\n\n\n<p>a. Apply proper display or capture filter on Internal Kali VM to show active ICMP traffic.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-8 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"596\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5-1024x596.jpg\" alt=\"\" class=\"wp-image-544\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5-1024x596.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5-300x175.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5-768x447.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5-750x437.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/4.5.jpg 1103w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>b. Apply proper display or capture filter on Internal Kali VM that ONLY displays ICMP request originated from External Kali VM and goes to Ubuntu 64-bit VM.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-9 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"598\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5-1024x598.jpg\" alt=\"\" class=\"wp-image-545\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5-1024x598.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5-300x175.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5-768x448.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5-750x438.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/5.5.jpg 1103w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>2. Sniff FTP traffic (10 + 15 + 15 = 40 pts points<\/p>\n\n\n\n<p>a. Ubuntu VM is also serving as an FTP server inside the LAN network. Now, you<br>need to use External Kali to access this FTP server by using the command: ftp<br>[ip_addr of ubuntu VM]. The username for the FTP server is cyse301, and the<br>password is password. You can follow the steps below to access the FTP server.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-10 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"565\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1-1024x565.jpg\" alt=\"\" class=\"wp-image-547\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1-1024x565.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1-300x166.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1-768x424.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1-750x414.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/6.5-1.jpg 1064w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>b. Unfortunately, Internal Kali, the attacker, is also sniffing to the communication.<br>Therefore, all of your communication is exposed to the attacker. Now, you need to<br>find out the password used by External Kali to access the FTP server from the<br>intercepted traffic on Internal Kali. You need to screenshot and explain how you find<br>the password.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-11 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"245\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5-1024x245.jpg\" alt=\"\" class=\"wp-image-548\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5-1024x245.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5-300x72.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5-768x184.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5-750x180.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/7.5.jpg 1097w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<p>I found the password by typing in ftp on wireshark and it displayed the username and password used by the external kali.<\/p>\n\n\n\n<p>c. After you successfully find the username &amp; password from the FTP traffic, repeat the previous step (2. a), and use your MIDAS ID as the username and UIN as the password to reaccess the FTP server from External Kali. Although External Kali may not access the FTP server, you need to intercept the packets containing these\u201csecrets\u201d from the attacker VM, which is Internal Kali.<\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-layout-12 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:100%\">\n<figure class=\"wp-block-image size-large\"><a href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"579\" src=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5-1024x579.jpg\" alt=\"\" class=\"wp-image-549\" srcset=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5-1024x579.jpg 1024w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5-300x170.jpg 300w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5-768x434.jpg 768w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5-750x424.jpg 750w, https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-content\/uploads\/sites\/38245\/2025\/03\/8.5.jpg 1141w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Task A \u2013 Get started with Wireshark Q1. How many packets are captured in total? How many packets are displayed? Q2. Apply \u201cICMP\u201d as a display filter in Wireshark. Then repeat the previous question Q3. Select an Echo (reply) message from the list. What are the source anddestination IPs of this packet? What are the &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/2025\/03\/05\/assignment-2-traffic-tracing-and-sniffing\/\">Continue reading<\/a><\/p>\n","protected":false},"author":25235,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/posts\/526"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/users\/25235"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/comments?post=526"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/posts\/526\/revisions"}],"predecessor-version":[{"id":550,"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/posts\/526\/revisions\/550"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/media?parent=526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/categories?post=526"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/nadiaeportifolioids493\/wp-json\/wp\/v2\/tags?post=526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}