Question 1 – Address usage
This assessment task requires you to demonstrate your knowledge of basic routing concepts by completing a number of exercise questions. The questions contain numerical as well as descriptive questions covering the material up to Week 6.
The questions are designed to help you to achieve the unit learning outcomes as listed in the unit profile.
Instructions
You must do this assignment on your own – it is not a group assignment.
Type all your answers in the ‘Template for Your Answers’ Section of this document and upload only that template. You could do that by copying the Template section into a new Word document for uploading. Answers that are not typed into the “Template for Your Answers” section may not be marked, or may be returned to you for re-typing and re-submission – late penalties will apply.
Where instructed, you must show the steps you took to arrive at your answers. Write your answers in your own words to avoid potential plagiarism and copyright violations.
You must submit the Answer section as a Word file (.doc or .docx). Do not submit PDFs or any other type of file without express permission from the Unit Coordinator.
Plagiarism Procedures can be found in the CQUniversity Policies section of the Unit Profile.
There are 3 main questions with some sub-questions and the requirements are stated for each one. You must answer all questions and their sub-questions. Marks are indicated in the Answer Template.
The questions will be marked on correctness, logic and clarity, and addressing all parts of the question.
The Assignment Questions begin on the next page.
USE THE PROVIDED TEMPLATE ON P.4 FOR ALL YOUR ANSWERS.
Question 1 – Address usage (3 marks)
Consider the following classless address block:
List the addresses from this block that would be used as:
- the network address,
- the direct broadcast address, and
- the range available for hosts to use
Show the steps you took to arrive at your answers.
Question 2 – Allocating subnets from a block (8 marks)
A company has been granted a block of addresses which includes the address 138.77.216.5/24. Answer the following questions, showing your calculations.
- Calculate the network address of this block and how many host addresses including special addresses this block can provide (1 mark)
- Create the following 6 subnets for this company by calculating the subnet address for each subnet. Answer this question by filling in the table in the Answer template. Use CIDR format for the mask.
- 2 subnets with 32 addresses each (2 marks)
- 4 subnets with 16 addresses each (4 marks)
- After some time, the company decides that it wants another subnet with 1,024 addresses. Explain whether this can be allocated from the existing block. (1 mark)
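One way to check a Question 2 allocation with Python's standard `ipaddress` module, as an added example that is not part of the original assignment or its answers. The helper names `allocate` and `describe` and the largest-first ordering are assumptions of this example; other valid allocations exist.

```python
import ipaddress

def allocate(block, sizes):
    """Carve one subnet per requested size (in addresses, network and
    broadcast included) out of `block`. Hypothetical helper for this example."""
    # strict=False masks off host bits, so 138.77.216.5/24 -> 138.77.216.0/24
    parent = ipaddress.ip_network(block, strict=False)
    cursor = int(parent.network_address)
    last = int(parent.broadcast_address)
    subnets = []
    # Largest first: every later, smaller subnet then starts on its own boundary.
    for size in sorted(sizes, reverse=True):
        host_bits = (size - 1).bit_length()      # 32 -> 5 bits, 16 -> 4 bits
        span = 1 << host_bits                    # round up to a power of two
        start = -(-cursor // span) * span        # align up to a multiple of span
        if start + span - 1 > last:
            raise ValueError(
                f"{size} addresses (/{32 - host_bits}) do not fit in {parent}")
        subnets.append(ipaddress.ip_network((start, 32 - host_bits)))
        cursor = start + span
    return parent, subnets

def describe(net):
    """Network address, direct broadcast, first and last usable host."""
    return (str(net.network_address), str(net.broadcast_address),
            str(net.network_address + 1), str(net.broadcast_address - 1))

if __name__ == "__main__":
    parent, subnets = allocate("138.77.216.5/24", [32, 32, 16, 16, 16, 16])
    print(parent, parent.num_addresses, "addresses")
    for net in subnets:
        print(net, net.num_addresses, *describe(net))
    try:
        allocate("138.77.216.5/24", [1024])      # the later 1,024-address request
    except ValueError as err:
        print("rejected:", err)
```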
Question 3 – Network Tools (Windows) (4 marks)
Often the best way to gain an initial familiarity with network tools is to simply use them, at a basic level in exploratory mode as suggested in some of the tutorial exercises. Netstat and Tracert are included in Windows, while Wireshark is free to download and install. Explore Wireshark, Netstat and Tracert, then complete this question.
- A Wireshark scan has produced a packet capture, saved to a file named pcapng and available on the Unit website. Download the file and open it in Wireshark, then answer these questions about the scan:
- Very briefly summarise in your own words the content in each of the three horizontal display windows in Wireshark (.5 mark)
- In Frame 3, what brand of computer launched this scan and what was its IP address? State where this information is found (.5 mark)
- Briefly explain the exchange event captured in frames 4 – 6 (.5 mark)
- Describe in your own words two specific network problems that a network administrator could use Wireshark for as a troubleshooting tool (.5 mark)
- A ‘NETSTAT –aon’ command has given the output below (excerpted). Briefly describe each column heading, and the states LISTENING, ESTABLISHED and CLOSE_WAIT. (1 mark)
Active Connections
  Proto  Local Address       Foreign Address        State        PID
  TCP    10.0.0.58:139       0.0.0.0:0              LISTENING
  TCP    10.0.0.58:5040      0.0.0.0:0              LISTENING    7480
  TCP    10.0.0.118:139      0.0.0.0:0              LISTENING    4
  TCP    10.0.0.118:52450    52.63.165.133:443      ESTABLISHED  14080
  TCP    10.0.0.118:52458    104.116.191.195:443    CLOSE_WAIT   8912
  TCP    10.0.0.118:52791    40.100.151.2:443       ESTABLISHED  22400
  TCP    10.0.0.118:52811    162.125.34.129:443     ESTABLISHED  4696
  TCP    10.0.0.118:52820    34.232.224.128:443     CLOSE_WAIT   4696
  TCP    10.0.0.118:52879    162.125.34.129:443     ESTABLISHED  4696
- Do a TRACERT on your computer to www.google.com. Paste the output to your assignment answer template and discuss the information being displayed (1 mark)
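The `NETSTAT -aon` excerpt in Question 3, read programmatically: an added Python example, not part of the original assignment, that parses the rows (including the one with no PID) and groups them by listening ports, remote peers per PID and CLOSE_WAIT sockets per PID. The names `parse_netstat` and `summarize` are assumptions of this example.

```python
from collections import Counter, defaultdict, namedtuple

Conn = namedtuple("Conn", "proto local foreign state pid")

# The excerpt from the question, copied as-is (the first row has no PID).
SAMPLE = """\
Active Connections
Proto Local Address Foreign Address State PID
TCP 10.0.0.58:139 0.0.0.0:0 LISTENING
TCP 10.0.0.58:5040 0.0.0.0:0 LISTENING 7480
TCP 10.0.0.118:139 0.0.0.0:0 LISTENING 4
TCP 10.0.0.118:52450 52.63.165.133:443 ESTABLISHED 14080
TCP 10.0.0.118:52458 104.116.191.195:443 CLOSE_WAIT 8912
TCP 10.0.0.118:52791 40.100.151.2:443 ESTABLISHED 22400
TCP 10.0.0.118:52811 162.125.34.129:443 ESTABLISHED 4696
TCP 10.0.0.118:52820 34.232.224.128:443 CLOSE_WAIT 4696
TCP 10.0.0.118:52879 162.125.34.129:443 ESTABLISHED 4696
"""

def parse_netstat(text):
    """Turn `netstat -aon` rows into Conn tuples, skipping banner/header lines."""
    conns = []
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue
        if f[0] == "UDP":
            f.insert(3, "")          # UDP is connectionless: no State column
        if len(f) < 4:
            continue                 # truncated row, nothing usable
        pid = int(f[4]) if len(f) > 4 and f[4].isdigit() else None
        conns.append(Conn(f[0], f[1], f[2], f[3], pid))
    return conns

def summarize(conns):
    """Group rows the way a triage pass reads them: exposure, peers, leaks."""
    listening = [c.local for c in conns if c.state == "LISTENING"]
    peers = defaultdict(set)         # PID -> remote endpoints it talks to
    for c in conns:
        if c.state == "ESTABLISHED":
            peers[c.pid].add(c.foreign)
    # CLOSE_WAIT: the peer sent FIN but the local process has not closed its socket
    close_wait = Counter(c.pid for c in conns if c.state == "CLOSE_WAIT")
    return {"listening": listening,
            "established_by_pid": {p: sorted(e) for p, e in peers.items()},
            "close_wait_by_pid": dict(close_wait)}

if __name__ == "__main__":
    for key, value in summarize(parse_netstat(SAMPLE)).items():
        print(key, value)
```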
TEMPLATE FOR YOUR ANSWERS
Type your answers in this section in the spaces provided
Question Number | Mark allocated | Mark earned |
Question 1: (3 marks) | 3 |
a) b) c) |
Given classless address block – 154.78.177.3 /27
Address:   154.78.177.3          10011010.01001110.10110001.000 00011
Netmask:   255.255.255.224 = 27  11111111.11111111.11111111.111 00000
Wildcard:  0.0.0.31              00000000.00000000.00000000.000 11111
=>
Network:   154.78.177.0/27       10011010.01001110.10110001.000 00000 (Class B)
Broadcast: 154.78.177.31         10011010.01001110.10110001.000 11111
HostMin:   154.78.177.1          10011010.01001110.10110001.000 00001
HostMax:   154.78.177.30         10011010.01001110.10110001.000 11110
Hosts/Net: 30
The address from the block that would be used as the network address is 154.78.177.0 /27
The address from the block that would be used as the direct broadcast address is 154.78.177.31
The range of addresses from the block that would be available for hosts to use is HostMin: 154.78.177.1 – HostMax: 154.78.177.30 |
1 mark each item, total 3 |
Question 2: (8 marks) | 8 |
a) |
Given block of addresses – 138.77.216.5 /24
The network address for the block is 138.77.216.0 /24
The number of host addresses, including the special addresses, that the block can provide is 256. |
1 |
b) |
|
6 |
c) |
Including the additional subnet using the network address 138.77.216.0 with the subnet mask /24 fails because, for the subnet mask 255.255.255.0, there are only 254 usable host addresses that can be allocated but the 6 |
1 |
Question 3: (4 marks) | 4 |
a) i) ii) iii) |
The Wireshark interface consists of three horizontal panels: the first panel is named the “packet list pane”, the second panel is the “packet details pane” and the third is the “packet byte pane”. In the packet list pane the captured packets are shown, and when a packet is selected its details are displayed in the packet details pane next to it. The packet details pane shows the generated fields and the links such as TCP information, IP address and validation checksum. The packet byte pane displays a hex dump of the data in a set of 16 hexadecimal bytes and 16 ASCII bytes.

From analysis of the Wireshark packet, the brand of computer that launched the scan can be identified along with the IP address. The details of the brand and the IP address are given below:
Brand – Hewlett (found on expanding Ethernet II)
IP address – 138.77.216.88 (found on expanding Internet Protocol Version 4)

To explain the details of the packets captured in frames 4 to 6, the .pcap file was analyzed, and it was found that in frame 4 a hello message is sent to the client from the server to establish a connection between the client and the server. A packet with a header containing the protocol version, compression methodology, certificate request, session ID and cipher suite is sent. The 5th frame verifies the certificate sent, and in the 6th frame the “hello message done” is forwarded for establishment of the connection and completion of the verification.

Wireshark helps the network administrator identify the flow of data packets in the network and resolve different issues such as DDoS and phishing attacks. The network administrator can monitor the network, identify any intrusion and handle the data traffic efficiently. |
.5 mark each item, total 2 for 3a. |
b) |
The Proto column is the first column found after the execution of the netstat –a command, which lists all the IP addresses with the corresponding port numbers. Proto is the short form of protocol, and the column is used for listing the TCP or UDP connections for the machine. The local IP address of the machine is listed in the second column along with the port number. The third column shows the state of the connection and the last column shows the process ID of the connections.

The states LISTENING, ESTABLISHED and CLOSE_WAIT demonstrate the status of the sockets. “LISTENING” demonstrates the open ports for accepting the inbound connections. “ESTABLISHED” is used if there is an actual connection between the local machine and the remote IP for identification of the available port to exchange data traffic in the network. “CLOSE_WAIT” is used if a connection has terminated. |
1 |
c) |
Discussion: The tracert command is used for getting the IP address of the domain “www.google.com”, and it also determines the time taken to reach the destination router. Here 9 hop addresses are used to reach the destination address, and its corresponding IP address is 172.217.163.132. |
1 |
Total marks awarded | 15 (max) |
Less late penalties if applicable |
Less plagiarism penalties if applicable |
Total marks earned |
Marker's comments: