
Questions:

1. Describe what the term promiscuous mode means in relation to capturing network traffic with Wireshark and similar network traffic analysers. 

The Capture > Options dialog allows the Name Resolution of Network Layer names. Describe what this means and describe how it could be used for capturing network traffic. 

2. Describe the difference between a network switch and a network hub. Then explain how switched networks limit the network traffic that is visible to Wireshark in comparison to networks that used hubs. (Note – switches are the technology used in today’s computer networks)

3. In TCP/IP networking, IP addresses are used to identify specific computers (or hosts) on the network. Clients use port numbers to specify a particular instance of a client program (for example, a specific tab in a web browser), and servers normally use well-known port numbers on which to listen for client requests. For instance, ftp at the server uses ports 20 and 21.

From the web or any other source determine the well-known port numbers of the following server programs:

  • ftp data
  • ftp control
  • http
  • NTP
  • ssh 

4. Also find the well-known port numbers for 6 other network protocols and describe the function that each protocol performs.
 

 

Answers:

Promiscuous mode

Promiscuous mode is the mode used to capture the network traffic that flows across an Ethernet network, and not only the unicast traffic addressed to the capturing host. When promiscuous mode is activated, the multicast filter is switched off and all the packets that are received are delivered to the host. To capture traffic on an Ethernet network other than the unicast traffic of the host on which Wireshark runs, multicast traffic and broadcast traffic, the filter has to be switched off. So it can be said that promiscuous mode needs to be switched on in order to capture the network traffic (Chappell, 2010).

Name Resolution of Network Layer

Name resolution attempts to convert some of the numerical address values into a format that humans can read and understand. It acts as an interpreter between the numerical address value and a human-readable form. There are two ways in which this can be done: by calling system or network services, or by resolving from Wireshark-specific configuration. The capture files are used to understand the information that will stay available after the captured packets are saved to a capture file (Merino, 2013). This is helpful in getting to know a bit of the capture file content.

 

Difference between a network switch and a network hub

In a network, a switch is a device that filters and forwards packets between LAN segments. Switches operate at the data link layer and the network layer of the OSI model. As a result, they support packet protocols. LANs that use switches to join segments are referred to as switched LANs or, in some cases, as Ethernet networks or Ethernet LANs. A hub, by contrast, is a connection point for the devices in a network. Hubs are commonly used to connect the segments of a LAN. A hub contains multiple ports (Orebaugh, Ramirez and Burke, 2007). When a packet arrives at one port of a hub, it is copied to the other ports and shared through the network.

Nowadays, an Ethernet network uses switches to connect the Ethernet nodes together. This increases network performance a great deal, but it makes capturing data with Wireshark more difficult. An Ethernet switch does the same job as an Ethernet adapter, but the function is performed inside the switch: from the traffic seen on a port, it infers which unicast address or addresses are used by the adapter connected to that port (Sanders, 2011). The switch then sends unicast traffic for those addresses only to that port, so a Wireshark host attached to a different port does not see it.
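The effect of hubs, switches and promiscuous mode on what a capture host sees can be modelled in a few lines. This is an added example, not part of the original answers; the three-host lab, the MAC addresses and the frame sequence are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed lab: port number -> MAC address of the attached host.
HOSTS = {1: "02:00:00:00:00:0a", 2: "02:00:00:00:00:0b", 3: "02:00:00:00:00:0c"}
SNIFFER_PORT = 3  # the host running the capture
# Constructed traffic as (ingress port, destination MAC):
# one broadcast from host 1, then unicast frames between hosts 1 and 2.
FRAMES = [(1, BROADCAST), (1, HOSTS[2]), (2, HOSTS[1]), (1, HOSTS[2]), (2, HOSTS[1])]


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""
    def egress(self, in_port, src, dst):
        return [p for p in HOSTS if p != in_port]


class Switch:
    """Learns which MAC sits behind which port; floods only broadcast or unknown destinations."""
    def __init__(self):
        self.mac_table = {}

    def egress(self, in_port, src, dst):
        self.mac_table[src] = in_port          # learn the sender's port
        known = self.mac_table.get(dst)
        if dst == BROADCAST or known is None:  # flood when the port is not known yet
            return [p for p in HOSTS if p != in_port]
        return [] if known == in_port else [known]


def nic_accepts(own_mac, dst, promiscuous):
    """Address filter on the capture NIC; joined multicast groups are left out of this model."""
    return promiscuous or dst in (own_mac, BROADCAST)


def captured(device, promiscuous):
    """Frames from FRAMES that reach the capture software on SNIFFER_PORT."""
    seen = []
    for in_port, dst in FRAMES:
        src = HOSTS[in_port]
        delivered = SNIFFER_PORT in device.egress(in_port, src, dst)
        if delivered and nic_accepts(HOSTS[SNIFFER_PORT], dst, promiscuous):
            seen.append((src, dst))
    return seen


def visibility():
    """Number of captured frames for each device type and NIC mode."""
    return {(name, mode): len(captured(cls(), mode))
            for name, cls in (("hub", Hub), ("switch", Switch))
            for mode in (True, False)}


if __name__ == "__main__":
    for (name, promisc), count in visibility().items():
        print(f"{name:6} promiscuous={promisc!s:5} -> {count}/{len(FRAMES)} frames captured")
```

On the switch, the only unicast frame the capture host receives is the one sent before the switch had learned the destination's port, and only promiscuous mode lets the NIC pass it up.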

Port numbers of given server programs

Sl. no    Server         Port number
1         ftp data       20
2         ftp control    21
3         HTTP           80
4         NTP            119
5         SSH            2

Other well-known port numbers are:

BGP - the Border Gateway Protocol has the port number 179. It is an exterior gateway routing protocol that enables groups of routers to share routing information so that efficient, loop-free routes can be established. BGP is mostly used within and between internet service providers.

LDAP - the Lightweight Directory Access Protocol has the port number 389. It sets the protocols for accessing information directories (Seagren and Noonan, 2006).

DHCP client - DHCP is a protocol for assigning dynamic IP addresses to the devices on a network. The DHCP client has the port number 546. With the help of dynamic addressing, it is possible to have different IP addresses at the same time.

SNMP - the Simple Network Management Protocol is a set of protocols for managing complex networks. It has the port number 161.

SQL server - the DBMS that responds to queries from client machines formatted in the SQL language. It has the port number 156.

POP3 - the Post Office Protocol is used to retrieve e-mail from e-mail servers in order to keep track of the messages.

 

References

Banerjee, U., Vashishtha, A. and Saxena, M. (2010). Evaluation of the Capabilities of WireShark as a tool for Intrusion Detection. International Journal of Computer Applications, 6(7), pp.1-5.

Chappell, L. (2010). Wireshark network analysis. San Jose, CA: Protocol Analysis Institute, Chappell University.

Hnatyshin, V. and Lobo, A. (2008). Undergraduate data communications and networking projects using opnet and wireshark software. SIGCSE Bull., 40(1), p.241.

Kumar, A. and Yadav, J. (2016). Comparison: Wireshark on different parameters. International Journal Of Engineering And Computer Science.
