Project #3, Part 1: Packet Traces

Overview

In the world of network security, it is very likely that you will find yourself peering at a collection of raw packets (a file of which is typically called a packet trace). Packet traces are often used for network forensics, analyzing (or reverse engineering) protocols, and (as you will soon find out) debugging and troubleshooting during network development.

The purpose of this portion of the assignment is to get you comfortable looking at packet traces. Your job is to use a packet analyzer to go through a trace file we give you (available here) and answer the following questions.

To poke through the trace file, you are going to want to enlist the help of Ethereal or tcpdump. Ethereal is installed on the PUPs cluster in the basement of Gates. We highly recommend that you use Ethereal because it has much more comprehensive functionality for decoding packets.

Hints:

Deliverables

A writeup (README.1) which answers each of the questions posed above.