MGMT 393 Laboratory Manual Last Updated 16 Jun 2013
Activity 3.2 — Protocols and Conversations
SOFTWARE REQUIRED. You will need Wireshark (which you downloaded in Activity 1.3), and TCPVIEW,
which you will download this week, in PART 2.
The textbook’s Hands-On Cases in Chapters 5 and 6 step you through some of this. You may find it
useful to have the textbook handy while doing this Activity.
DON’T PANIC. You’re still not writing a lengthy lab report here – and there are really not a lot of things
you’ll be doing this week. But you will be cranking through some details with Wireshark, and making
notes as you go along. Don’t rush. Be patient. It will pay off in the long run!
PART 1: Identifying the TCP/IP Layers in a Frame (see Hands-On Project 5.2, pgs 211-212 in the text).
1. START WIRESHARK: Set its Interface and Capture Options so that you’re ready to capture on
your active Internet connection, with NO filtering. START the CAPTURE.
2. BROWSER window: start up your browser, and after your home page loads, exit the browser.
3. STOP CAPTURE. Now, let’s take a closer look at what WIRESHARK found.
A. Click a packet summary in the top pane with HTTP in the protocol field and an INFO line
beginning with GET. In the middle pane Wireshark shows us summaries of each protocol
header. Ignore the lines that start with Frame X.
B. Expand the ETHERNET II line in the PACKET DETAILS (middle) pane.
Examine the details that this reveals.
PASTE IN A SCREEN SHOT of that expanded ETHERNET II packet details pane in your
Report. (You might want to grab Wireshark’s scroll bars and expand the window, and
trim down the parts of the screen shot outside of that area. JING makes that very easy,
but so does PAINT.) What are you seeing here?
What layer of the TCP/IP protocol does this header represent?
C. Collapse that line, and then expand the line starting with INTERNET PROTOCOL. Expand its
sublevels. What is this telling you? PASTE a screen shot of that into your report. What
new information about this conversation are you seeing here?
What layer of the TCP/IP protocol does this header represent?
D. Do the same for the line that begins “Transmission Control Protocol” (expand it, screen
print, paste that in your report.) What new information about this conversation are you
seeing here?
What layer of the TCP/IP protocol does this header represent?
E. Do the same for the line that begins “Hypertext Transfer Protocol” (expand it, screen
print, paste that in your report.) Can you explain what we’re seeing now, and why it seems
so different from what we’ve seen at the other protocol lines we’ve looked inside?
What layer of the TCP/IP protocol does this header represent?
If you’re not going on to the next part of the lab, close Wireshark.
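ADDED EXAMPLE (not part of the original lab manual or the textbook): the short Python script below does by hand what the PACKET DETAILS pane did in steps B through E, peeling each header off a frame and reporting the byte offset where it starts. The sample frame is constructed here, with made-up addresses and zeroed checksums, and the function names are this example's own.

```python
import struct

def build_sample_frame():
    """Constructed frame: Ethernet II / IPv4 / TCP / HTTP GET. All values are
    made up; checksums are left at zero, so Wireshark would flag them."""
    http = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 64240, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 0,
                     0x4000, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    eth = bytes.fromhex("020000000001" "02000000000a") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + http

def dissect(frame):
    """Return [(wireshark_line, byte_offset, fields)], outermost header first."""
    out = []
    if len(frame) < 14:
        return out                                  # too short for Ethernet II
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    mac = lambda b: ":".join(f"{x:02x}" for x in b)
    out.append(("Ethernet II", 0,
                {"dst": mac(dst), "src": mac(src), "type": hex(ethertype)}))
    if ethertype != 0x0800 or len(frame) < 34:
        return out                                  # not IPv4, or truncated
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                        # IP header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]     # IP header + everything after
    dotted = lambda b: ".".join(str(x) for x in b)
    out.append(("Internet Protocol Version 4", 14,
                {"src": dotted(ip[12:16]), "dst": dotted(ip[16:20]),
                 "ttl": ip[8], "protocol": ip[9]}))
    tcp = ip[ihl:total_len]
    if ip[9] != 6 or len(tcp) < 20:
        return out                                  # not TCP, or truncated
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    data_off = (off_flags >> 12) * 4                # TCP header length in bytes
    out.append(("Transmission Control Protocol", 14 + ihl,
                {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
                 "flags": hex(off_flags & 0x1FF)}))
    payload = tcp[data_off:]
    if payload[:4] == b"GET ":                      # only the GET case from step A
        line = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
        out.append(("Hypertext Transfer Protocol", 14 + ihl + data_off,
                    {"request_line": line}))
    return out

if __name__ == "__main__":
    for name, offset, fields in dissect(build_sample_frame()):
        print(f"{offset:3d}  {name}: {fields}")
```

Compare the offsets and fields it prints with what you see when you click each line in Wireshark and watch the bytes highlight in the bottom pane.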