Scribd
Upload
15 views

FIT1047 Sample Test Tutorial

The document is a tutorial for a sample test covering network traffic analysis using Wireshark and security mechanisms including RSA and Diffie-Hellman. It provides detailed tasks for identifying MAC and IP addresses, analyzing TCP frames, and performing RSA encryption and decryption. Additionally, it includes a section on symmetric ciphers and the Caesar Cipher for encryption of plaintext.

Uploaded by

Seven LL
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
15 views

FIT1047 Sample Test Tutorial

The document is a tutorial for a sample test covering network traffic analysis using Wireshark and security mechanisms including RSA and Diffie-Hellman. It provides detailed tasks for identifying MAC and IP addresses, analyzing TCP frames, and performing RSA encryption and decryption. Additionally, it includes a section on symmetric ciphers and the Caesar Cipher for encryption of plaintext.

Uploaded by

Seven LL
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Sample Test Tutorial:

Q1 - Network Traffic Analysis using Wireshark

Task 1: Data Link Layer


Using the information contained in the PCAP file, identify the MAC addresses of the
following nodes. The answers are not case-sensitive.
Note: Include colon (:) as the separator for all MAC addresses (e.g. AA:BB:CC:DD:EE:00)

MAC address of Hera:

●​ Find Hera in the info column


●​ The mac address is 10:98:36:af:ef:9a

MAC address of the Intranet server:


●​ Find intranet in the info column
●​ The mac address is 00:19:bb:9b:05:9b

Task 2: Network Layer


IP address of Hera:

●​ Find Hera in the info column


●​ The IP address is 130.166.120.70

IP address of the external web server (www.luna.net):

●​ Find www.luna.net in the info column


●​ IP address is 149.90.40.13

Find everyone else’s IP and MAC address

Get Apollo's IP and MAC address through Statistics > Endpoints > IPv4.11 and see whose
IP address is similar to Zeus and Hera's but not used yet.

Task 3: Transport and Application Layers


Visiting a Web Server
Identify the frames of Apollo's visit to the organisation intranet server (the node named
Intranet in the diagram) and fill out the following fields. Frame numbers refer to the
Wireshark numbering (leftmost column).

a) Identify the first frame that initiates the connection. Enter the frame number:
●​ Find a TCP frame that has the source of Apollo (130.166.120.72) and destination of
Intranet (130.166.120.11)
●​ Frame is 277

The client port number:


●​ Look at the info column of the frame
●​ 52950 -> 80
●​ Client port number is 52950

The 32-bit raw sequence number in hex including leading zeros (e.g. 00aabbcc):

●​ Click frame 277


●​ Go to the TCP layer
●​ Find the raw sequence number
●​ Right-click > Copy > Value
●​ Convert the decimal to hex
●​ https://www.rapidtables.com/convert/number/decimal-to-hex.html?x=261687996
●​ 261687996 -> 0F990ABC (Hex signed 2's complement (8 digits))
●​ The 32-bit raw sequence number is 0F990ABC

b) Identify the frame of the GET request for the default HTML page. Enter the full
request URI:
●​ Find the first GET request after frame 277
●​ Click the frame, open the HTP layer
●​ Full request URI: http://intranet.juno.io/

Enter the size (in bytes) of the application layer message:

●​ Click on the GET request frame


●​ Open the TCP Layer
●​ Look at the last line
●​ TCP payload (143 bytes)
●​ The size of the message is 143 bytes

c) Identify the frame of the server response containing the HTML page.

Enter the size (in bytes) of the application layer message:


●​ Click on the HTTP response frame
●​ Open the TCP Layer
●​ Look at the last line
●​ TCP payload (495 bytes)
●​ The size of the message is 495 bytes

The HTML page content has a 16-digit hex value as a flag. Enter the flag:

●​ Right click the GET request frame


●​ Follow > HTTP Stream
●​ <p> Intranet html flag is F605022455DBE882</p>
●​ The flag is F605022455DBE882

Sending an email
Identify the frames of the email sent from Apollo using the Mail server.
Find the frame that contains the email address of the recipient and enter it here
(without < and >):

●​ Find a SMTP frame that has something to do with apollo OR just find a SMTP frame
with recipient
●​ Right-click > Follow > TCP Stream
●​ Look through the TCP stream and find the recipient email address
●​ Email address is [email protected]

Q2 - Security Mechanisms
https://www.boxentriq.com/code-breaking/modular-exponentiation

Task 1: RSA
1. Alice has chosen two prime numbers: 10429 and 13901. She generates her RSA private
key (n, d) as (144973529, 103535143) and her public key (n, e) as (144973529, 7).
Bob has chosen two prime numbers, 15971 and 10589. He generates his RSA private key
(n, d) as (169116919, 112726907) and his public key (n, e) as (169116919, 3).

Alice wants to send c1, the encryption of the plaintext message m1 = 106481967, to Bob
using RSA public key encryption. What is this ciphertext c1?
c1:

●​ Encryption of m1 = 106481967 by Alice for Bob


●​ Bob's public key: (n, e) = (169116919, 3)
●​ c1 = 106481967^3 mod 169116919
●​ Result = 106458797

2. Using the above key pairs, Bob sends another ciphertext c2 = 92608410 to Alice using
RSA public key encryption. What is the corresponding plaintext m2 (the decryption of
ciphertext c2)?
c2:
●​ Decryption c2 = 92608410 sent by Bob to Alice
●​ Alice's private key: (n, d) = (144973529, 103535143)
●​ m2 = 92608410^103535143 mod 144973529
●​ Result = 86567260

3. Using the above key pairs again, Bob wants to sign a message using the RSA signature
scheme. The hash of the message is 74157331. What is the resulting signature s?
s:

●​ Signing the hash h=74157331 by Bob


●​ Bob's private key: (n, d) = (169116919, 112726907)
●​ s = 74157331^112726907 mod 169116919
●​ Result = 5964153

Task 2: Diffie-Hellman
4. Carol and David want to conduct the Diffie-Hellman Key Exchange to establish a common
key. They first share the same discrete logarithm (DL) key parameters, namely p = 49033
and g = 10. Carol chooses her DL private key as 25748. What is her public key YC?
YC:

●​ Y = 10^25748 mod 49033


●​ Result = 22092

5. David’s public key is 115. Carol and David want to establish a common key K using
Diffie-Hellman Key Exchange. What is this common key K?
K:
●​ K= 115^25748 mod 49033
●​ Result = 46008

Task 3: Symmetric Cipher


6. Let KC = (K mod 20) + 5, where K is your answer in Question 5. Let KC be the key of the
Caesar Cipher symmetric encryption scheme.

Use KC to encrypt the plaintext SKY (no spaces and no other characters or punctuation).
What is the resulting ciphertext CC?

In Caesar Cipher, for example, if KC = 2,

A is encrypted to be C.

B is encrypted to be D.

………

X is encrypted to be Z.

Y is encrypted to be A.

Z is encrypted to be B.

CC:
●​ K = 46008
●​ KC = (46008 mod 20) + 5
●​ KC = 13
●​ https://www.cryptool.org/en/cto/caesar/
●​ Key = 13,
●​ SKY -> FXL

You might also like