Lab 2‐2: Observing LAN Activity - sthompson2752/Network-Fundamentals GitHub Wiki
Lab 2-2 involved using Wireshark for the first time to view the movement of packets and how MAC addresses (layer 2) and IP addresses (layer 3) actively work within a computer.
Useful Commands/Instructions:
- ip addr show: the Kali equivalent of ipconfig /all on Windows
- physical address: the same thing as the MAC address
- The MAC address is layer 2 (data link); the IP address is layer 3 (network)
- OSI = physical, data link, network, transport, session, presentation, and application
- MAC addresses have 48 bits, IPv4 addresses have 32, and IPv6 addresses have 128
What is a MAC address and what are its components?
A media access control address, or MAC address, is the identifying network address of a network interface controller (NIC). It is twelve hexadecimal digits long: the first six hex digits represent the NIC's vendor/manufacturer, and the following six digits represent the serial number assigned to that specific device.
How to get a MAC address.
To get a MAC address on a Windows device, open the Command Prompt and type ipconfig /all. Under "Ethernet adapter Ethernet", find "Physical Address". This is the MAC address.
What is Wireshark and how to use it.
Wireshark is a packet analyzer that lets users see the packets a computer sends and receives, along with all the information carried in them. To use Wireshark (in this lab specifically), start a capture on the Ethernet interface (eth0). From there, ping various addresses in the terminal and analyze how the packets are sent by watching them appear in Wireshark.
How to find a protocol in Wireshark.
To find a protocol in Wireshark, type the desired protocol name in the "Apply a display filter" search bar. This filters the capture down to just the protocol the user is looking for.
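To make the layer 2 / layer 3 split concrete, the sketch below decodes the first bytes of a ping frame the way Wireshark's detail pane does and splits a MAC address into its vendor and device halves. It is an added example, not part of the lab or this wiki: the frame bytes and addresses are constructed, the names split_mac and parse_frame are hypothetical, and it goes slightly beyond the notes by also reporting the two flag bits in the first octet of a MAC address (locally administered and multicast).

```python
import ipaddress
import struct

# Constructed sample (all addresses made up): the Ethernet II header and IPv4
# header of an ICMP echo request, i.e. the start of a ping as Wireshark sees it.
SAMPLE_FRAME = bytes.fromhex(
    "005056c00008" "000c29a1b2c3" "0800"   # dst MAC, src MAC, EtherType (IPv4)
    "45000054123440004001" "0000"          # IPv4 header start: TTL 64, protocol 1
    "c0a8010a" "c0a80101"                  # src 192.168.1.10, dst 192.168.1.1
)
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
IP_PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def split_mac(mac: str) -> dict:
    """Split a MAC in ipconfig (00-0C-...) or Wireshark (00:0c:...) notation."""
    digits = mac.replace("-", "").replace(":", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    first_octet = int(digits[:2], 16)
    return {
        "vendor_part": digits[:6],    # first six hex digits: manufacturer
        "device_part": digits[6:],    # last six hex digits: this device
        "locally_administered": bool(first_octet & 0x02),  # not vendor-assigned
        "multicast": bool(first_octet & 0x01),             # group address
    }

def parse_frame(frame: bytes) -> dict:
    """Return the layer 2 and (for IPv4) layer 3 addresses in a raw frame."""
    if len(frame) < 14:
        raise ValueError("shorter than a 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    result = {"layer2": {
        "dst_mac": dst.hex(":"), "src_mac": src.hex(":"),
        "ethertype": ETHERTYPES.get(ethertype, hex(ethertype)),
    }}
    if ethertype == 0x0800:
        ip = frame[14:]
        if len(ip) < 20 or ip[0] >> 4 != 4:
            raise ValueError("truncated or malformed IPv4 header")
        result["layer3"] = {
            "src_ip": str(ipaddress.IPv4Address(ip[12:16])),
            "dst_ip": str(ipaddress.IPv4Address(ip[16:20])),
            "protocol": IP_PROTOCOLS.get(ip[9], str(ip[9])),
        }
    return result

if __name__ == "__main__":
    parsed = parse_frame(SAMPLE_FRAME)
    print(parsed)
    print(split_mac(parsed["layer2"]["src_mac"]))
```

A locally administered source MAC in a capture means the address was assigned in software rather than by the NIC vendor, so the vendor half should not be trusted to identify the hardware.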
For this lab, I had to use Kali for the first time. This is the reason why this lab took me a little bit longer. I needed to learn to work my way around Kali since I am only used to Windows.