0% found this document useful (0 votes)
121 views

Network Assignment 2 Name: Shyam Sunder Singh Roll No: 09010149

The document is a network trace analysis report containing 18 sections that analyze various metrics of the trace including packet counts, MAC and IP addresses, protocol and port usage, packet sizes and a TCP stream analysis. Key findings are that the trace contained 7311 packets with an average size of 454.895 bytes, 112 unique IP addresses were observed, 69.80% of packets used TCP at the transport layer with protocols including HTTP, FTP and SMTP, and the most data was exchanged between IP addresses 10.12.0.24 and 172.16.27.190 totalling 3021200 bytes.

Uploaded by

Naresh Mehra
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
121 views

Network Assignment 2 Name: Shyam Sunder Singh Roll No: 09010149

The document is a network trace analysis report containing 18 sections that analyze various metrics of the trace including packet counts, MAC and IP addresses, protocol and port usage, packet sizes and a TCP stream analysis. Key findings are that the trace contained 7311 packets with an average size of 454.895 bytes, 112 unique IP addresses were observed, 69.80% of packets used TCP at the transport layer with protocols including HTTP, FTP and SMTP, and the most data was exchanged between IP addresses 10.12.0.24 and 172.16.27.190 totalling 3021200 bytes.

Uploaded by

Naresh Mehra
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Network Assignment 2

Name : Shyam sunder singh


Roll no : 09010149
1) The packets in the trace are 7311.
2) The average size of packets in the trace is 454.895 bytes.
3)
MAC address:
00:01:f4:38:95:19
00:23:ae:40:80:b1
ff:ff:ff:ff:ff:ff
44:1e:a1:db:ed:a1
01:00:5e:00:00:fc
33:33:00:01:00:03
88:ae:1d:db:6c:a2
c8:0a:a9:8e:bd:a3
01:00:5e:7f:ff:fa
54:42:49:67:0e:a7
20:fd:f1:1f:5a:f5
01:80:c2:00:00:00
33:33:00:01:00:02
00:1e:ec:a8:f6:e6
10:78:d2:26:4f:32
00:23:5a:b3:63:73
00:24:be:84:60:af

9c:8e:99:37:f5:42
33:33:00:00:00:0c
b8:ac:6f:76:21:cb
00:1b:38:04:b8:5c
44:1e:a1:d8:e7:e7
00:26:b9:03:84:8f
00:25:64:3e:63:e2
14:da:e9:5d:6b:1f
00:1b:38:3a:6f:85
00:22:19:ea:cc:e6
00:25:11:03:f9:81
33:33:00:00:00:16
33:33:ff:c8:22:09
14:da:e9:b4:92:97
00:1d:09:4c:59:4c
00:30:18:a7:78:b4
01:00:5e:00:00:fb
54:42:49:f2:90:f5
00:1b:38:9c:d7:6a
00:1e:ec:c7:75:9d
00:22:20:00:1a:a0
78:2b:cb:ee:42:60
00:23:5a:23:c1:1e
00:26:b9:04:28:ea
33:33:ff:b3:9f:9a
44:1e:a1:d7:48:b2

00:22:19:f9:5a:a1
01:00:5e:7f:ff:ef
33:33:ff:04:a6:d0
33:33:ff:0c:d0:16
33:33:ff:51:2f:e9
33:33:ff:cf:49:e4
00:04:96:34:88:1f
00:e0:2b:00:00:00
20:fd:f1:1f:4e:95
20:fd:f1:1f:50:0b
20:fd:f1:1f:50:b5
20:fd:f1:1f:53:c3
20:fd:f1:1f:54:29
20:fd:f1:1f:58:47
20:fd:f1:1f:58:69
20:fd:f1:1f:5d:0f
20:fd:f1:1f:5e:85
20:fd:f1:1f:62:5f
20:fd:f1:1f:71:a5
20:fd:f1:1f:84:e7
20:fd:f1:1f:93:a5
20:fd:f1:1f:97:a1
20:fd:f1:1f:97:c3
20:fd:f1:1f:98:b1
20:fd:f1:1f:99:39
20:fd:f1:1f:9e:cd

20:fd:f1:1f:a5:b5
20:fd:f1:1f:a7:09
01:80:c2:00:00:0a
33:33:ff:a6:1b:1e
c8:0a:a9:5d:d6:03
01:00:5e:00:00:16
20:fd:f1:1f:70:95
20:fd:f1:1f:80:85
33:33:00:00:00:01
33:33:00:00:00:02
33:33:ff:28:ab:42
33:33:ff:3f:8d:0d
33:33:ff:e1:c7:fb
00:1d:72:73:4c:1c
00:1f:16:a8:9c:df
01:00:5e:00:00:02
01:00:5e:40:00:00
01:00:5e:40:98:8f
14:fe:b5:a1:7f:04
20:fd:f1:1f:a2:41
33:33:ff:51:5c:9a
33:33:ff:ad:b7:8b
60:eb:69:e7:3e:9a

4) IP addresses in the trace is 112.


5)
MAC Address

IP Address

20:fd:f1:1f:a2:41

169.254.162.64

00:23:ae:40:80:b1

10.12.0.24

00:01:f4:38:95:19

202.141.81.2

88:ae:1d:db:6c:a2

10.12.2.39

00:23:5a:b3:63:73

10.12.3.42

54:42:49:67:0e:a7

10.12.10.55

20:fd:f1:1f:70:95

169.254.112.148

00:01:f4:38:95:19

172.16.27.190

b8:ac:6f:76:21:cb

10.12.11.65

6)
IPv6 - 6.50
IPv4 - 90.81
7) The fraction of packets uses TCP at the transport layer is 69.80.
8) The application layer protocols that Ethereal identifies as using TCP are :
HTTP
FTP
SMTP l
ANCP
TLSv1
DPLAY
RELOAD Fl

9) The application layer protocols that Ethereal identifies as using UDP

DNS
RIP
SNMP
DHCP
TFTP
DHCPv6
SSDP
LLMNR
NBNS
ICMP
MDNS
10)
IPv4
IPv6
IGMP
ICMPv6
ICMP
11)
ARP
STP
12)

802

13)
>200 = 117
==128 = 553
==48 = 0

14)
a) The size of the Ethernet header is 14 .
b) The size of the IP header is 40 bytes.
c) The size of the IP datagram is (40 + 32) = 72 bytes.
d) The size of the TCP header is 0 bytes.
e) The size of the TCP segment is 0 bytes.

15)

No. of Packets
3500
3000
2500
2000
1500
1000
500
0
0-19

20-39

40-79

80-159

160-319

320-639

640-1279 1280-2559 2560-5119

16) The most bytes is exchanged between 10.12.0.24 and 172.16.27.190 and the bytes exchanged is 3021200
bytes.

pdf of ip datagram lengths


3000
2500
2000
1500
1000
500
0

17) Following the TCP stream of various packets, we observed the following :
1) Mostly Mozilla Firefox was used as browser.
2) Some of the visited sites are : mail.google.com, www.google.com, intranet.iitg.ernet.in,
webmail.iitg.ernet.in, www.avast.com
3) Mostly SSL was used for webmail.iitg.ernet.in

18)
a) No (filter used : SSH).
b) Yes and the browser used was Firefox 8.0
c) no media streaming activity present.
d) No (filter used : SMTP).

*********END*********

You might also like