Lab 10.1: UDP Traffic Capture - savannahc502/SavC-TechJournal-NET215 GitHub Wiki
Lab 10-1 UDP Traffic Capture
Objective: "Analyze traffic captures to decode UDP headers and observe UDP network communications."
- Performed `nslookup` on www.nhregister.com
- Filtered Wireshark with `udp`
- Screenshot of the `nslookup` request
- Notice the UDP header lists a source port of 59159 and destination port of 53
- Performed `ipconfig /renew`
- Filtered Wireshark for `dhcp`
- Screenshot of the DHCP Request that occurs after a renewal request
- Notice the UDP header lists a source port of 68 and destination port 67
- `w32tm /stripchart /computer:time.nist.gov /samples:5` - This command will compare (stripchart) your workstation's time with that of the NIST server 5 (samples) times
- NTP (Network Time Protocol) packets
- NTP is another example of a "request/response" protocol using the low overhead of UDP
- You can see the five samples above
- Notice the UDP header lists a source port of 63883 and destination port 123
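
The header fields Wireshark decodes in the three captures above can be read by hand from the first 8 bytes of each datagram. The following is an added example, not part of the original lab: the datagrams are constructed from the port pairs noted above with placeholder payloads, and `parse_udp_header`, `build_datagram` and `SAMPLES` are hypothetical names chosen for illustration.

```python
import struct

# Ports observed in this lab, mapped to the protocol that uses them.
SERVICES = {53: "DNS", 67: "DHCP", 68: "DHCP", 123: "NTP"}
EPHEMERAL_START = 49152  # start of the IANA dynamic/private port range


def parse_udp_header(datagram: bytes) -> dict:
    """Decode the fixed 8-byte UDP header (RFC 768) and sanity-check it."""
    if len(datagram) < 8:
        raise ValueError("truncated: a UDP header is 8 bytes")
    # Four big-endian 16-bit fields: source port, destination port, length, checksum.
    src, dst, length, checksum = struct.unpack("!HHHH", datagram[:8])
    # Length covers header + payload, so it can never be below 8 or exceed the bytes we hold.
    if length < 8 or length > len(datagram):
        raise ValueError(f"length field {length} does not fit {len(datagram)} bytes")
    return {
        "src_port": src,
        "dst_port": dst,
        "length": length,
        "checksum": checksum,
        "payload": datagram[8:length],
        "service": SERVICES.get(dst) or SERVICES.get(src) or "unknown",
        "src_is_ephemeral": src >= EPHEMERAL_START,
    }


def build_datagram(src: int, dst: int, payload: bytes) -> bytes:
    """Constructed sample input. Checksum 0 means 'not computed' for UDP over IPv4."""
    return struct.pack("!HHHH", src, dst, 8 + len(payload), 0) + payload


# Constructed datagrams using the port pairs from the lab; payloads are placeholder bytes.
SAMPLES = [
    build_datagram(59159, 53, b"\x00" * 30),   # nslookup query
    build_datagram(68, 67, b"\x00" * 300),     # DHCP request after ipconfig /renew
    build_datagram(63883, 123, b"\x00" * 48),  # w32tm NTP sample
]

if __name__ == "__main__":
    for raw in SAMPLES:
        h = parse_udp_header(raw)
        kind = "ephemeral" if h["src_is_ephemeral"] else "fixed"
        print(f'{h["src_port"]:>5} -> {h["dst_port"]:<3} {h["service"]:<4} '
              f'len={h["length"]:<3} source port is {kind}')
```

Running it shows the pattern in the captures: the DNS and NTP clients send from an ephemeral source port, while DHCP uses fixed ports on both sides (68 for the client, 67 for the server).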