This lab involves analysis of two packet capture (pcap) files (SNMP_Sample.cap and HTTP_Sample.cap) using the Wireshark network analysis tool. The pcap files are available on Blackboard as attachments to the project assignment. Open each file in Wireshark and use it to determine answers to the questions below the underlined file name.
Turn-in Requirements: To complete the assignment, upload a Word (.docx) or Adobe (.pdf) file with answers to the numbered questions as your submission to this assignment in Blackboard.
SNMP_Sample
1. (2 pts) Examine the details in the first packet. What transport layer protocol is being used?
2. (4 pts) What is the first packet’s destination port number? What is the significance, if any, of this port number?
3. (4 pts) What is the first packet’s source port number? What is the significance, if any, of this port number?
4. (6 pts) Consider all 8 packets in this pcap file. Taken together, are they part of a connection-oriented message between two endpoints? Why or why not?
5. (4 pts) Research and provide a brief description of a common SNMP security vulnerability.
HTTP_Sample
6. (2 pts) Examine the details in the first packet. What transport layer protocol is being used?
7. (4 pts) What is the first packet’s destination port number? What is the significance, if any, of this port number?
8. (4 pts) What is the first packet’s source port number?
9. (6 pts) Examine the first 3 packets. What transport layer flags are set and what does this sequence of packets represent in terms of a connection-oriented messaging session? Which IP address initiated this connection?
10. (4 pts) Research and provide a brief description of a common HTTP security vulnerability.