Lab 2 2 Observing LAN Activity - devinziegler/Devin-Tech-Journal GitHub Wiki

Assignment Observe LAN Activity

  • In this lab, I examined the MAC addresses of my local machine and the default gateway using Wireshark.

Problems Encountered:

  • Luckily I did not encounter any problems. Everything went smoothly and the instructions were quite clear.

Helpful Commands:

ip route show
  • This command will show your default gateway.

Helpful Steps:

  • Start ping after opening Wireshark so you can watch for activity.

  • Ping requests will show up above the reply in Wireshark.

Tech Journal Responses:

  • A MAC address is the physical address of your system. These addresses are assigned to your network interface controller (NIC) by the manufacturer. MAC addresses are made up of 12 hexadecimal digits grouped into pairs, for example 00:00:00:00:00:00. In a LAN, systems can communicate using MAC addresses instead of IP addresses. If you want to connect your system to the internet, you need an IP address. The only way to legitimately change your MAC address is by replacing the network interface controller in your system.
  • A command that can be used to find your MAC on a Linux system is ifconfig. The results will be your system's IP address and your system's MAC address.
  • Wireshark is a packet analyzer. For this lab I used Wireshark to determine the Source and Destination MAC addresses when pinging a system. I did this by looking for the ICMP ping request and response inside Wireshark, after I set it to capture mode using the eth0 interface.
  • An easy way to find a protocol in Wireshark is by using the display filter. Type the protocol in the search box and use the arrow to search. For this assignment I was searching for ICMP (Internet Control Message Protocol).
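
The fields read off in Wireshark for this lab can also be decoded by hand. The following is an added example, not part of the original journal: it parses the Ethernet, IPv4 and ICMP headers of a ping request and its reply and shows the source and destination MAC addresses swapping between the two. The MAC addresses, IP addresses and function names are constructed for illustration.

```python
import struct

HOST_MAC, GW_MAC = "02:00:00:00:00:01", "02:00:00:00:00:fe"  # constructed sample MACs
HOST_IP, GW_IP = "192.0.2.10", "192.0.2.1"                    # constructed sample IPs
ICMP_NAMES = {8: "echo request", 0: "echo reply"}

def fmt_mac(raw: bytes) -> str:
    """Render 6 raw bytes as 12 hex digits grouped into pairs."""
    return ":".join(f"{b:02x}" for b in raw)

def build_ping_frame(dst_mac, src_mac, src_ip, dst_ip, icmp_type, seq):
    """Build a minimal Ethernet II + IPv4 + ICMP frame (checksums left 0, not verified here)."""
    eth = bytes.fromhex((dst_mac + src_mac).replace(":", "")) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 1, 0,
                     bytes(map(int, src_ip.split("."))),
                     bytes(map(int, dst_ip.split("."))))
    return eth + ip + struct.pack("!BBHHH", icmp_type, 0, 0, 1, seq)

def parse_ping_frame(frame: bytes) -> dict:
    """Decode the header fields Wireshark shows for a ping: MACs, IPs, ICMP type."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])  # destination MAC comes first
    info = {"dst_mac": fmt_mac(dst), "src_mac": fmt_mac(src), "icmp": None}
    if ethertype != 0x0800:            # not IPv4 (e.g. ARP), nothing more to decode
        return info
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 payload")
    ihl = (ip[0] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header length")
    info["src_ip"] = ".".join(map(str, ip[12:16]))
    info["dst_ip"] = ".".join(map(str, ip[16:20]))
    if ip[9] == 1 and len(ip) >= ihl + 8:   # IP protocol 1 = ICMP
        icmp_type, _code, _csum, _ident, seq = struct.unpack("!BBHHH", ip[ihl:ihl + 8])
        info["icmp"] = ICMP_NAMES.get(icmp_type, f"type {icmp_type}")
        info["seq"] = seq
    return info

if __name__ == "__main__":
    request = build_ping_frame(GW_MAC, HOST_MAC, HOST_IP, GW_IP, 8, 1)
    reply = build_ping_frame(HOST_MAC, GW_MAC, GW_IP, HOST_IP, 0, 1)
    for frame in (request, reply):
        print(parse_ping_frame(frame))
```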