Hello, dear friend, you can consult us at any time if you have any questions, add WeChat: daixieit

CMPSC335: Fundamentals of Communication Networks

Lab 6 (10 points)

Objectives

The following concepts and skills are demonstrated through this process:

1. Analyzing network packets with Wireshark.

2. Practicing C/C++ programming by utilizing static library to analyzing binary files.

3. Understand ARP Packet format.

Lab Activities

Please complete all lab activities (1 – 2) and submit your Lab report to Canvas per the submission instructions given at the end of this document.

Lab Activity 1 (3 points)

In this activity, you will use Wireshark to analyze network packets. These packets are captured and stored in a pcapng file (arp.pcapng). Please analyze this file and answer the following questions.

Lab Activity 1 – Questions

Please include answers to the following questions in your Lab report:

1. How many packets are stored in this file?

2. How many ARP packets are stored in this file?

3. Observing from all ARP packets, how many hosts are in the network? What are their MAC addresses?

4. Which host is performing ARP spoofing attack? What is its MAC address?

Lab Activity 2 (7 points)

In this activity, you will complete one function (ParseARPPacket), which parses the pcapng file (arp.pcapng) and displays the packet information like the format shown in the figure below.

Notice that, you only need to output the details of ARP packets, such as what is shown for Packet #6. For other packets, you just display the original length, the captured length and the type, such as what is shown for Packet #5. Therefore, the type should be used here to determine whether to output more details of one packet.

Please use the cpp file (Lab6.cpp) as the start point. It is posted on Canvas. This program uses a static library, which can facilitate our analysis.

● Download this file (linux.zip) and unzip it. Copy all files into the same directory in Kali Linux. Read the “ReadMe.txt” file for how to use these files.

**Hints - When using the function light_get_next_packet, please notice two variables with the types light_packet_header and uint8_t.

This function light_get_next_packet has the following signature:

 light_packet_header *packet_header,

 const uint8_t **packet_data);

The type light_packet_header has the following detinition:

uint32_t interface_id;

struct timeval timestamp;

uint32_t captured_length;

uint32_t original_length;

uint16_t data_link;

char* comment;

uint16_t comment_length;

Lab Activity 2 – Questions

Please include answers to the following questions in your Lab report.

1. Include a screenshot of the console output result of Lab6.cpp, which outputs the information like the figure above. Because there are many packets in this pcapng file, the screenshot only needs to include Packets from #3 to #9.

2. Include the completed Lab6.cpp file.

Submission

There is a MS-Word Lab report template on Canvas that you can download as a starting point for your Lab submission. There are two sections for you to fill in. Each section corresponds to the two Lab Activities for this Lab. For each section, please give a brief summary of what you did – feel free to include any thoughts / concerns / problems / etc. you encountered during the activities. Also, include your answers to the questions asked in each Lab Activity. Save your report as a PDF and submit it to Canvas before the deadline.