SchoolProjects.txt

Lab 03– Filtering ARP Packets with Wireshark

Introduction 

In this lab I downloaded wireshark and learned how to filter my network traffic with certain commands like ARP.

Breakpoint 1  

For this breakpoint I downloaded wireshark, I did not have any trouble downloading it, I downloaded it for windows.

Breakpoint 2 

In this breakpoint I captured my first traffic using wireshark. I found my IP address sending packets using TCP.

Breakpoint 3 

In this breakpoint I found a Sagemcom broadcasting device, which I assume is my router. Other than my PC talking to the router, and the occasional Espressif source which is  my smart lights, there is not much going on. 

This screenshot shows arp being filtered in wireshark.

Breakpoint 4 

The Request

• Hardware Type: Ethernet(1)

• Protocol Type: IPv4 (0x0800)

• Sender MAC address: SagemcomBroa_80:5e:3e (4c:19:5d:80:5e:3e)

• Sender IP address: 192.168.1.1

• Target MAC address: 00:00:00_00:00:00 (00:00:00:00:00:00)

• Target IP address: 192.168.1.201

• Opcode: request (1)

The Reply

• Hardware type: Ethernet (1)

• Protocol type: IPv4 (0x0800)

• Sender MAC address: Intel_4f:fe:84 (80:b6:55:4f:fe:84)

• Sender IP address: 192.168.1.201

• Target MAC address: SagemcomBroa_80:5e:3e (4c:19:5d:80:5e:3e)

• Target IP address: 192.168.1.1

• Opcode: reply (2)

Breakpoint 5 

I find that the instant response of wireshark showing what it captures in realtime to be quite nice. It also is easier to understand with the “Who has” and “Tell”. I recognize the IP addresses on my network. 

Breakpoint 4 

In this breakpoint I filtered all of the slack logs using the word “help” both capital and lowercase, it includes all words including help like helped, helping, helps, ect.

Breakpoint 5 

This was my first time writing a bash script and I really enjoyed it. The script filtered out the files by slashes, quotes, urls, and whitespaces.