Assignment 2

1 files changed, 68 insertions, 0 deletions

diff --git a/netsec-assignment2-S4498062/exercise3/exercise3d b/netsec-assignment2-S4498062/exercise3/exercise3d
new file mode 100644
index 0000000..26dea2d
--- /dev/null
+++ b/netsec-assignment2-S4498062/exercise3/exercise3d
@@ -0,0 +1,68 @@
+The comments summary:
+
+    Summary created by Wireshark  (Git Rev Unknown from unknown)
+    
+    File: 
+       Name: /.../netsec-assignment2-S4498062/exercise3/outputnetsec-01-dec.cap
+       Length: 140897136 bytes
+       Format: Wireshark/tcpdump/... - pcap
+       Encapsulation: IEEE 802.11 Wireless LAN
+       Packet size limit: 65535 bytes
+    
+    
+    Time:
+       First packet: 2015-09-11 08:52:12
+       Last packet: 2015-09-11 09:16:57
+       Elapsed: 00:24:45
+    
+    
+    Capture:
+    
+       Unknown interface:
+          Dropped packets: unknown
+          Capture filter: unknown
+          Link type: IEEE 802.11 Wireless LAN
+          Packet size limit 65535 bytes
+    
+    Statistics:
+       Packets: 200052
+       Between first and last packet:1485.708 sec
+       Avg. packets/sec: 134.651
+       Avg packet size: 688.302 bytes
+       Bytes: 137696296
+       Avg bytes/sec: 92680.617
+       Avg Mbit/sec: 0.741
+
+The IP conversations:
+
+    "Address A","Address B","Packets","Bytes","Packets A→B","Bytes A→B","Packets A←B","Bytes A←B","Rel Start","Duration","bps A→B","bps A←B"
+    "192.168.84.40","192.168.84.79","4743","550188","2791","323756","1952","226432","0.000000000","1485.2227","1743.88","1219.65"
+    "192.168.84.51","192.168.84.68","97598","57695108","61316","5156724","36282","52538384","-0.000003000","1485.7076","27767.10","282900.27"
+    "192.168.84.10","192.168.84.62","85260","78089584","51881","75285124","33379","2804460","-0.000004000","1485.6989","405385.64","15101.10"
+    "192.168.84.10","192.168.84.47","5570","646120","2788","323408","2782","322712","0.066556000","1485.1628","1742.07","1738.33"
+    "192.168.84.10","192.168.84.60","4682","543112","2721","315636","1961","227476","0.975936000","1484.1761","1701.34","1226.14"
+    "192.168.84.10","192.168.84.56","1832","150164","919","66168","913","83996","1.014845000","1482.2693","357.12","453.34"
+
+Conversation .10 and .62:
+    
+    These clients only use TCP. The data seems to be hexadecimal ascii
+    characters. I did not convert that to see what they're sending.
+
+Conversation .51 and .68:
+
+    This is similar to the one above.
+
+The protocol hierarchy looks more interesting now (percentages are given in % 
+packets):
+
+    - There's some ARP messages (0.18%)
+    - But mostly IP (99.82%)
+    - Of which most are TCP (92.32%)
+    - But also some ICMP (7.5%)
+
+NOTE:
+As it turns out, there was something wrong with the network when I sniffed. Another student had the same problem, but retrying later gave
+him UDP packets with something like "Insert your student number here". I did not have the time to sniff again and look at the details again.
+As a result, I didn't understand what was the point of exercise 4b (see note there as well).
+As a proof, I can send you the cap file. Because of its size I will only do that on request (info@camilstaps.nl).
+