Scribd Logo
Upload

Welcome to Scribd!

  • Jonathan Ellis Unit 9 Lab

    Uploaded by

    api-323337716
    44 views12 pages
    Jonathan Ellis completed two tutorials using Wireshark to capture and analyze network traffic: 1) In the first tutorial, Ellis opened Wireshark and Firefox browser to view traffic from a website. Ellis was able to find evidence in Wireshark that matched the website visited in Firefox. 2) In the second tutorial, Ellis cleared browser cookies for a site, set a new cookie, then logged into a forum on the site. Ellis found the username and password captured in Wireshark matched what was used to log in.

    Original Description:

    Original Title

    ellis lab9

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Jonathan Ellis completed two tutorials using Wireshark to capture and analyze network traffic: 1) In the first tutorial, Ellis opened Wireshark and Firefox browser to view traffic from a website. Ellis was able to find evidence in Wireshark that matched the website visited in Firefox. 2) In the second tutorial, Ellis cleared browser cookies for a site, set a new cookie, then logged into a forum on the site. Ellis found the username and password captured in Wireshark matched what was used to log in.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    44 views12 pages

    Jonathan Ellis Unit 9 Lab

    Uploaded by

    api-323337716
    Jonathan Ellis completed two tutorials using Wireshark to capture and analyze network traffic: 1) In the first tutorial, Ellis opened Wireshark and Firefox browser to view traffic from a website. Ellis was able to find evidence in Wireshark that matched the website visited in Firefox. 2) In the second tutorial, Ellis cleared browser cookies for a site, set a new cookie, then logged into a forum on the site. Ellis found the username and password captured in Wireshark matched what was used to log in.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 12

    Jonathan Ellis

    Unit 9 Lab

    Tutorial 1
    1)

    2) I got wireshark downloaded on my PC and Im watching the tutorial. I start by opening


    wireshark and looking at the tools to get acquainted with the software.

    3) I then open firefox (my browser of choice for this lab). Then set that browser to a blank
    page.

    4/5) I then go on to open Wiresharks capture interface. This allows me to see all available
    networks.

    6) By selecting the network that Im on, Im then able to see all traffic on the
    network. As all the traffic is coming in Ill have to isolate the portions that I need

    from the ones I dont.

    7) Next I go over to my blank browser and search got to www.httprecipes.com. The


    goal is to see if I can find evidence of being on this site on Wireshark.

    8) Next I isolate all of the information that I need which happens to be http information. I
    wont need all of the other information that was being captured.

    9,10,11) Then I go on to search through all of the traffic and find evidence of being on
    www.httprecipes.com. In the screenshot below it states the site this is coming from is the
    same.

    Found the exact one for the link (http://www.httprecipes.com/). The capture references
    firefox the browser I used. The host is (www.heatonresearch.com).

    Tutorial 2
    1,2,3) On this step I go to www.httprecipes.com/1/2/cookies.php and clear the cookies saved
    in the browser. This makes the browsers cookie cache clear.

    4,5) Next I restart the live capture. Restarting the process by going to
    Capture>Interface>My Network

    6,7,8,9,10) Next I go back to www.httprecipes.com/1/2/cookies.php and set a brand new


    cookie. The cookie for this step is OreosAreTheBest.

    11) Next I go to www.httprecipes.com/1/2/forums.php. The goal is to use an http site


    because it is less secure than https. Then use a User ID and password which should be

    recorder by wireshark.

    12-17) Going into Wireshark and finding the captured url allows me to then search for the
    user Id and password. In the image below UID is the user ID and pwd is the password.
    Both matched the User Id and password that was used for the browser.

    You might also like