You are required to write a paper titled: A technical investigation into performing and managing packet capture using tshark and editcap.


tshark can perform packet capture from the command line with all the features of Wireshark, but without the overhead of the GUI, making it very useful as a remote packet capture agent. In this assignment, you should focus on using it with editcap to capture live packet data and to manipulate that data in pcap files.

 

TASK

 

You are required to investigate the following three scanning techniques.

 

  • Using tshark capture filters - capture only ICMP and DHCP protocols into a PCAP file (note: you may need to renew your DHCP lease and perform ping operations during your capture to provide interesting data)
  • Capture and Decode WiFi 802.11b/g frames using tshark with a known WiFi key (passphrase)
  • Using the editcap tool to trim an existing PCAP file (for example, trimming the ICMP and DHCP PCAP file above to contain only DHCP information).

 

The paper should cover the investigation of the tshark tool (command line options etc.) and how it performs the packet captures (network analysis). The paper should also include possible countermeasures to prevent or inhibit the tool from sniffing private data (e.g. switched architecture, promiscuous mode detection, encryption, etc.).

 

Your paper should briefly discuss the 3 protocols of interest (WiFi 802.11b/g, DHCP and ICMP), making reference to the protocol standards and their intended purpose. The report should discuss the usefulness of the information carried by these protocols to the hacker.

 

You should use the command line version of tshark to carry out the investigation. It is important that you highlight the effect the scans have on the network traffic and the effects any countermeasures have (an essential part of your report).


The report you develop must be in IEEE format. An indicative list of sections for the report is:

 

  • Title
  • Abstract
  • Introduction
  • Protocol Scope
  • Protocol Standards
  • Toolset/Attack Software
  • Toolset/Attack Effects
  • Counter Measure Techniques
  • Counter Measure Effects
  • Conclusion
  • References
  • Appendix

 



This question was answered on: Mar 27, 2022
