Project #3, Part 1: Packet Traces

Project 3 part 2 is available here.

The trace files (300M) needed for this project are available here.

Overview

In the world of network security, it is very likely that you will find yourself peering at a collection of raw packets (a file of which is typically called a packet trace). Packet traces are often used for network forensics, analyzing (or reverse engineering) protocols, and (as you will soon find out) debugging and troubleshooting during network development.

The purpose of this portion of the assignment is to get you comfortable looking at packet traces. Your job is to use a packet analyzer to go through the trace files we give you (available here) and answer the following questions.

To poke through the trace file, you are going to want to enlist the help of Wireshark. We highly recommend that you use Wireshark because it has much more comprehensive functionality for decoding packets.

Hint:

Deliverables

A writeup (README.1) which answers each of the questions posed above.