Appendix A-Wireshark Lab Exercises

WSU03
WSU03: Wireshark Troubleshooting

Network Performance
Appendix A:
Wireshark Lab
Exercises
Wireshark University™
Slow Browsing
Trace File: extra01.pcap
This trace begins with a really slow DNS response. In fact, the client
sends out two DNS queries. When the first DNS response arrives, the
client shuts down the listening port and responds to the second DNS
response with an ICMP Destination Unreachable/Port Unreachable. How
much delay was caused by packet loss?
Step 1. Open the trace file listed above.
Step 2. Review the Appendix A video for an introduction and your questions for
this lab. The video of the lab answers follow the introduction.
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-2

© 2007 Protocol Analysis Institute, Inc.
DHCP Slow
Trace File: misc04.pcap
You know it's going to be a bad day when the first one you talk to ignores you. In this
case the client sends a DHCP Discover out and waits six seconds without a reply (you
could hear a pin drop). When the server does finally answer the client already has
another Discover queued up and ready to send – out it goes. Let's hope the rest of the
day goes better.
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________

Bad FTP
This is an interesting trace of an FTP file upload process that seemed to

take forever and then generated an error. What happened here? Can you
figure out which direction packet loss must have occurred on?
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________

FTP Fail
– An FTP upload fails. Where is the fault?
• The client?
• The server?
• The network?
• The application?
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________

POST no Bills
HTTP clients use the POST command to send data to HTTP servers. In this case, the
client does not receive the expected confirmation message.
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________

Poisoned
Trace File: sym-404.pcap
A system appears to have been infected with a virus. After checking the system, you
notice that the virus detection software is out-of-date even though it is set up for
automatic update. You want to analyze the update process to ensure it is working
properly.
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________

Client Frustrated
The user complains that the “network is down.” You have captured the traffic as the
client tries to connect to a web server.
Notes:
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________
_______________________________________________


Appendix A-Wireshark Lab Exercises

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Appendix A-Wireshark Lab Exercises

Hochgeladen von

Copyright:

Verfügbare Formate

WSU03

WSU03: Wireshark Troubleshooting

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-2

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-3

This is an interesting trace of an FTP file upload process that seemed to

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-4

– An FTP upload fails. Where is the fault?

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-5

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-6

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-7

Step 1. Open the trace file listed above.

WSU03: Wireshark Troubleshooting Network Performance - Appendix A Page A-8

Das könnte Ihnen auch gefallen