Lab 2-2 - Observing LAN Activity
Objective:
In this lab, students will observe traffic in a simple LAN.
Goals:
- Understand the role of MAC addresses in LAN communication
- Observe ARP communication
- Introduce basic features of Wireshark and traffic analysis
Summary
In this lab I used Wireshark on my Windows VM to ping the Default Gateway and ping an Outside LAN IP Address. I have used the ping command before, and this is a good reminder of what we can use the ping command for. The ping command is good for getting information about another website or another network. No problems encountered during this lab.
Consider:
What is a MAC address and what are its components?
The MAC address is the unique identifier of a device, made up of a 12-digit hexadecimal number. The first 6 digits identify the manufacturer and are called the OUI (Organizationally Unique Identifier). The last 6 digits identify the Network Interface Controller, a unique set of numbers assigned by the manufacturer.
How to get a MAC address?
There are a few ways you can get the MAC address of your device. One way is to find it in your network and internet settings. Another is to open the terminal and use the appropriate command for your OS; on Windows, that is ipconfig /all.
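An added example (not part of the original lab write-up): it pulls each Physical Address out of ipconfig /all output and splits it into the OUI and NIC halves described above. It goes beyond the text by also reading the two flag bits in the first octet (locally administered and multicast); the sample output and the function names are constructed for illustration.

```python
import re

# Constructed sample of `ipconfig /all` output (not captured from the lab VM).
SAMPLE_IPCONFIG = """\
Ethernet adapter Ethernet0:

   Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-AB-CD-EF
   DHCP Enabled. . . . . . . . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Description . . . . . . . . . . . : Example Wireless Adapter
   Physical Address. . . . . . . . . : DA-A1-19-12-34-56
"""

# Matches the "Physical Address" line and captures the hyphen-separated MAC.
MAC_LINE = re.compile(
    r"Physical Address[ .]*:\s*([0-9A-Fa-f]{2}(?:-[0-9A-Fa-f]{2}){5})\s*$")


def parse_mac(text):
    """Split a MAC address into its OUI and NIC-specific halves."""
    # Accept 00-0C-29-.., 00:0c:29:.. and 0000.0c12.3456 notations.
    digits = re.sub(r"[-:.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    digits = digits.upper()
    first_octet = int(digits[:2], 16)
    return {
        "mac": ":".join(digits[i:i + 2] for i in range(0, 12, 2)),
        "oui": digits[:6],   # first 6 hex digits: manufacturer
        "nic": digits[6:],   # last 6 hex digits: assigned by the manufacturer
        # Bit 0x02 set: address was set locally (e.g. randomized or overridden),
        # so the OUI does not name a real manufacturer.
        "locally_administered": bool(first_octet & 0x02),
        # Bit 0x01 set: group (multicast/broadcast) address, not a single NIC.
        "multicast": bool(first_octet & 0x01),
    }


def macs_from_ipconfig(output):
    """Return parsed MACs for every 'Physical Address' line in the output."""
    return [parse_mac(m.group(1)) for line in output.splitlines()
            if (m := MAC_LINE.search(line))]


if __name__ == "__main__":
    for entry in macs_from_ipconfig(SAMPLE_IPCONFIG):
        print(entry)
```

When reviewing a capture, a source MAC with the locally administered bit set is worth noting, because its first 6 digits cannot be trusted to identify the vendor.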
What is Wireshark and how to use it?
Wireshark is a free program that lets users capture network activity and see what information is stored in packets. You use it by selecting a network from what is available to you and clicking the blue fin to start capturing packets off of that network. Then you get all the packets currently travelling through the network and you can see what IP address sent what to where.
How to find a protocol in Wireshark?
There is a search bar at the top where you can type a specific kind of packet to see only those. For example, typing TCP or UDP in the search bar will show only those types of packets.