Assignment #2 - Exploring Network Protocols with Scapy and Wireshark
Due Date: 23:59
Late Policy
- You have 3 free late days.
- You can use late days for assignments. A late day extends the deadline 24 hours.
- Once you have used all 3 late days, the penalty is 10% for each additional late day.
Objectives
- Gain hands-on experience with Scapy for crafting and sending packets.
- Use Wireshark to capture and analyze network traffic generated by Scapy.
- Understand the structure and function of various network protocols, focusing on sniffing and spoofing techniques.
Tools Required
- Scapy: Ensure Scapy is installed on your system. If it is not already installed, install it using:
  pipx install scapy
- Wireshark: Must be installed on your machine. Run using:
  sudo -E wireshark
Instructions
- Set Up Wireshark for Packet Capture:
  - Open Wireshark with administrator privileges by executing the following in the terminal:
    sudo -E wireshark
  - Select ‘Capture’ then ‘Options’, and choose to capture on ‘any’ interface to monitor all network traffic.
  - Start the capture before you begin the exercises with Scapy.
- Scapy Interactive Tutorial:
  - Follow the Scapy interactive tutorial available at Scapy Tutorial.
  - Focus on sections involving sending and receiving packets, crafting ARP requests, manipulating TCP sessions, and specifically, packet sniffing and spoofing.
- Key Commands and Activities:
  - Execute at least 5 different commands from the tutorial involving packet sniffing and spoofing.
  - For each command:
    - Provide a detailed description and purpose of the command.
    - Include the command output from Scapy and the corresponding packet capture in Wireshark.
    - Analyze the packet details as displayed in Wireshark, focusing on how the packets are constructed and transmitted.
- Assignment Tasks:
  - Document the process and findings for each command executed.
  - Capture the pcap files for each session where you have crafted and sniffed packets.
  - Analyze and discuss any notable packet details or anomalies observed during the exercises.
- Documentation and Submission:
  - Prepare a comprehensive report including descriptions, screenshots from Scapy and Wireshark, and your analysis.
  - Include the pcap files as part of your submission to demonstrate the packet flows captured during your exercises.
  - Submit your report and pcap files in a zip archive through the course’s online portal.
Evaluation Criteria
- Accuracy and depth of command execution and packet analysis.
- Clarity, organization, and completeness of the final report and pcap files.
- Ability to identify and explain packet characteristics and potential security implications.
Make sure to utilize your session in Wireshark to validate and observe the effects of your Scapy scripts, enhancing your understanding of network protocols and cybersecurity practices.
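For the task of discussing anomalies in your captures, here is an added example (not part of the original handout or the Scapy tutorial) that reads a pcap with the Python standard library and reports any IP address announced by more than one MAC in ARP traffic, which is the trace a spoofed ARP packet leaves in a capture. It assumes the file was saved in classic pcap format rather than pcapng, with Ethernet or Linux cooked (SLL) framing; the function names and the sample addresses are constructed for illustration.

```python
import struct
from collections import defaultdict

# linktype -> (link header length, offset of the protocol field)
LINK = {1: (14, 12), 113: (16, 14)}  # Ethernet; Linux cooked (SLL) from 'any'

def arp_bindings(pcap: bytes) -> dict:
    """Map each ARP sender IP to the set of MAC addresses that claimed it."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None:
        raise ValueError("not classic pcap; re-save pcapng captures as pcap")
    linktype = struct.unpack(end + "I", pcap[20:24])[0]
    if linktype not in LINK:
        raise ValueError(f"unsupported link type {linktype}")
    hdr_len, proto_off = LINK[linktype]
    seen, pos = defaultdict(set), 24
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[pos + 8:pos + 12])[0]
        frame = pcap[pos + 16:pos + 16 + incl_len]
        pos += 16 + incl_len
        if len(frame) < hdr_len + 28 or frame[proto_off:proto_off + 2] != b"\x08\x06":
            continue  # truncated record or not ARP
        arp = frame[hdr_len:hdr_len + 28]
        ip = ".".join(str(b) for b in arp[14:18])
        # Ethernet/IPv4 ARP only; 0.0.0.0 is an address probe, not a claim
        if arp[:6] == b"\x00\x01\x08\x00\x06\x04" and ip != "0.0.0.0":
            seen[ip].add(arp[8:14].hex(":"))
    return dict(seen)

def arp_conflicts(pcap: bytes) -> dict:
    """IPs claimed by more than one MAC: explain each one in the report."""
    return {ip: sorted(m) for ip, m in arp_bindings(pcap).items() if len(m) > 1}

def sample_capture() -> bytes:
    """Constructed capture: 192.0.2.1 is announced by two different MACs."""
    def rec(mac: bytes, ip: bytes) -> bytes:
        eth = b"\xff" * 6 + mac + b"\x08\x06"
        arp = b"\x00\x01\x08\x00\x06\x04\x00\x02" + mac + ip + b"\x00" * 6 + ip
        return struct.pack("<IIII", 0, 0, 42, 42) + eth + arp
    gw = bytes([192, 0, 2, 1])
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return (hdr + rec(bytes.fromhex("020000000001"), gw)
            + rec(bytes.fromhex("020000000002"), gw)
            + rec(bytes.fromhex("020000000003"), bytes([192, 0, 2, 7])))

if __name__ == "__main__":
    print(arp_conflicts(sample_capture()))
```

A conflict is not always an attack: a replaced network card or a failover pair also changes an IP's MAC, so check the finding against what you actually sent during the session.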