Assignment 1


CONCORDIA UNIVERSITY

INSE 6170: Network Security Architecture and Management
Assignment 1

Jan 22, 2023

Due Feb 5, 2023 at 11:59pm through Moodle submission. In this assignment, you are expected
to work individually. You may use any sources that you want but you must cite them. The
submission should be a PDF file named "A1.pdf" to contain all written answers. My office
hours are every Thursday 4pm - 6pm in EV3107. You can also email me to make an appointment
for your questions.

1 THE HANDSHAKING FOR HTTPS (25 PTS)

To accomplish this assignment, you need to install Wireshark software and complete the
following tasks:

1. Turn on Wireshark packet sniffing, open a browser and visit https://yahoo.com. When
webpage loading is done, stop Wireshark sniffing.

2. Filter the captured packets using keyword "ssl".

3. Check the public key certificate of Yahoo.com from the browser.

Answer the following questions:

• Based on the public key certificate for Yahoo.com fill in the following information in
Table 1.1. You should attach screen shots to show where you find the answers. (8 pts)

• Based on the captured packets by Wireshark, answer the questions in Table 1.2. You
should attach screen shots to show where you find the answers. (4 pts)

Table 1.1: About the Public Key Certificate
Questions Put your answers here
What is the root Certificate Authority?
What is the issuing Certificate Authority?
How long is the public key?
What are the first 4 bytes of the public key?
How long is the signature?
What are the first 4 bytes of the signature?
What signature algorithm is used?
What is the expiration date of the certificate?

Table 1.2: About the communication
Questions Put your answers here
What is the IP address of yahoo.com?
What is the port number on the yahoo side?
What is the IP address of your computer?
What is the TLS version?

• Locate the client hello packet and take a screen shot to show the following information:
handshake type, all available cipher suites and all available signature hash algorithms.
Circle the information on the screen shot similar to what is shown in Figure 1.1. (3 pts)

• Locate the server hello packet and take a screen shot and circle the following
information: session ID, random bytes and cipher suite. If you cannot find any of them, then
state clearly. (3 pts)

• Can you find the packet which contains the Yahoo public key certificate? If you do,
then take a screen shot and circle the following information: signature and
subjectPublicKey. Are they the same as you found in the previous Table 1.1? If you cannot
find it, then explain why. (3 pts)

• Locate all the TLS handshake packets and draw a dialog graph to explain how the session
key is exchanged between client and server. Be specific and explain each step. (4 pts)

Some helpful sources:


https://www.youtube.com/watch?v=u4ht-E-Kihk
https://commandlinefanatic.com/cgi-bin/showarticle.cgi?article=art080

2 DNS INSPECTION (25 PTS)


Complete the following tasks:

Figure 1.1: An example on marking on a snapshot

1. Find a way to clear all cached DNS records in your browser.

2. Turn on Wireshark packet sniffing, open a browser and visit https://concordia-ca.zoom.us.
When webpage loading is done, stop Wireshark sniffing.

3. Set a proper filter on the captured packets to locate all DNS packets.

Answer the following questions:

• Locate the DNS query packet for concordia-ca.zoom.us, and fill in the following
information in Table 2.1: (9 pts)

Table 2.1: About the DNS query


Questions Put your answers here
What is the source IP address?
What is the source port number?
What is the destination IP address?
What is the destination port number?
What is the DNS query ID?
What is the total length of the packet including all headers?
Is recursion requested?
What is the domain name queried?
What type of answer is requested?

• Locate the DNS response packet for concordia-ca.zoom.us, and fill in the following
information in Table 2.2: (11 pts)

• Suppose the DNS cache was also cleared on the local DNS resolver side. How many
iterative queries does the local DNS resolver have to send out in order to answer the
question from your browser? Illustrate the iterations using a diagram similar to the one
you see in class. (5 pts)

Table 2.2: About the DNS response
Questions Put your answers here
What is the source IP address?
What is the source port number?
What is the destination IP address?
What is the destination port number?
What is the DNS query ID?
What is the total length of the packet including all headers?
Is recursion provided?
Does the packet contain the query information?
How many answers are provided?
What is the final answer (IP address)?
What is the life span of the answer?

Useful reference sources:


[1] https://www.youtube.com/watch?v=yDAHSM2Pijc
