Kennesaw State University Cyber Security Lab Report
Description: This lab requires that you do some “hands-on” research regarding the protocols used in the Wireshark captures provided to determine what is happening in the capture. For IT pros, research means going on the web and doing searches to determine how to use IT tools, such as Wireshark. Keep in mind that research and documentation are a big part of what you will do in the real world in your career. You will have to explain your findings to others and propose solutions. “Hands on” means using your brain, too! You may collaborate with other students in your class if you like, just make sure to turn in your own work.
Use the capture files “Project Wireshark PCAP Files” in the Lab#5 Module in D2L (you will have to unzip the zip files to extract the individual capture files) to answer the following questions:
Part I – HTTP
- Review the first capture file (Project Part I-a) and determine what is happening with the HTTP traffic.
- Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed this behavior.
- Review the second capture file (Project Part I-b) and determine what is happening with the HTTP traffic in this capture.
- How is the traffic different from the first capture? Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed.
Part II – PPP
- Review the third capture file (Project Part II-a) and determine what is happening with the PPP traffic in this capture.
- Research one of the protocols relating to PPP and describe it here.
- Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed this behavior.
- Review the third capture file (Project Part II-b) and determine what is happening with the PPP traffic that you are investigating in this capture. What else is involved?
- Research one of the protocols relating to PPP and describe it here.
- Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed this behavior.
- Review the third capture file (Project Part II-c) and determine what is happening with the PPP traffic in this capture. What else is involved?
- Research one of the protocols relating to PPP and describe it here.
- Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed this behavior.
Part III – 802.11
- Review the first capture file (Nokia) and determine what is happening with the 802.11 traffic. Hint: use the Analyze/Conversation Filter.
- Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed this behavior.
- Review the second capture file (wpa) and determine what is happening with the WPA traffic in this capture (password is “Induction”). Hint: use Edit -> Preferences, Protocols, IEEE 802.11, and enable decryption with “Induction”. Look at the packets before and after decryption. Use this guide: https://wiki.wireshark.org/HowToDecrypt802.11 . You are STILL required to answer the following questions in your own words and provide a screenshot!
- What do you see that is different once you have decrypted the packets? What is decrypted and what is happening? (include source, destination, time of capture)
- Take a screenshot of the actual packets within the capture file that you observed.