COSC 6377 - Computer Networks

Fall 2012

MW 1:00-2:30pm at PGH376

Instructor: Omprakash Gnawali

Homework 3 : Packet Capture and Analysis

Due: November 12, 2012

In this assignment, we will learn how to capture packets over a wireless network and analyze them.

Packet Capture

Wireless networks, such as the ones we use for Internet access at school and home, transmit packets using an omni-directional transmitter even when the packet is intended for a particular host. This suggests that we can "snoop" packets even when we are neither the source nor the destination of the packet. This is indeed true. You need to put your wireless interface in promiscuous mode and run a packet capture tool to log the packets.

We will use a packet capture tool called Wireshark. Go to the Wireshark website and download Wireshark.

Learn how to capture the packets. From within Wireshark, verify that you are capturing in promiscuous mode and monitor mode. If you don't set these options, you might not be able to capture all the packets your interface could potentially capture.

Learn how to analyze the packets. Wireshark has a large number of built-in analysis tools, ranging from simple to sophisticated. Please familiarize yourself with Wireshark before you proceed to the rest of this assignment.

Find someone to work with you in a team. Both of you need to have your laptops with Wireshark installed, configured, and ready to go. Your team should agree on a place and time when you do the packet capture part of the assignment.

Get both laptops to start capturing packets at the same time. Capture packets for one minute. Once the capture is done, you should share the traces with each other. You will do the rest of the assignment individually.

Q1: Draw the CDF of the number of packets (y-axis) by source IP address (x-axis). What does this CDF tell us?

Q2: Describe how different or similar the two packet traces captured by your team are. Use text, numbers, and graphs, as appropriate, to answer this question.

Q3: For this question, we will use a packet trace captured by our TA. We have extracted the fields relevant to this question into this compressed text file. Plot the per-second TCP packets (y-axis) for the entire trace duration (x-axis) using EWMA to smooth the line. Plot five separate lines on the same graph with alpha = 0, 0.2, 0.5, 0.8, and 1.
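The per-second binning and EWMA smoothing that Q3 describes, as an added example that is not part of the original assignment. It assumes the trace has already been parsed into (timestamp, protocol) pairs, since the layout of the text file is not given here, and it assumes the convention s_t = alpha * x_t + (1 - alpha) * s_(t-1) seeded with the first sample; the sample packets are constructed.

```python
from collections import Counter

# Constructed sample: (timestamp in seconds, protocol). The real trace file's
# column layout is not described on the page, so parsing is left out.
SAMPLE = [
    (0.00, "TCP"), (0.40, "TCP"), (0.90, "UDP"),
    (1.20, "TCP"),
    (3.05, "TCP"), (3.50, "TCP"), (3.70, "TCP"), (3.99, "ARP"),
    (4.60, "TCP"),
]

def per_second_counts(packets, proto="TCP"):
    """Count packets of one protocol in 1-second bins over the whole trace.

    Bins are relative to the first packet of any protocol, and seconds with
    no matching packet are kept as 0 so idle periods show up in the plot.
    """
    if not packets:
        return []
    start = min(ts for ts, _ in packets)
    end = max(ts for ts, _ in packets)
    bins = Counter(int(ts - start) for ts, p in packets if p == proto)
    return [bins.get(i, 0) for i in range(int(end - start) + 1)]

def ewma(series, alpha):
    """Assumed convention: s_t = alpha * x_t + (1 - alpha) * s_(t-1), s_0 = x_0.

    alpha = 1 reproduces the raw counts; alpha = 0 never leaves the first value.
    """
    if not 0 <= alpha <= 1:
        raise ValueError("alpha must be in [0, 1]")
    out = []
    for x in series:
        prev = out[-1] if out else x
        out.append(alpha * x + (1 - alpha) * prev)
    return out

def smoothed_lines(packets, alphas=(0, 0.2, 0.5, 0.8, 1)):
    """One smoothed series per alpha, ready to plot against the second index."""
    counts = per_second_counts(packets)
    return {a: ewma(counts, a) for a in alphas}

if __name__ == "__main__":
    for a, line in smoothed_lines(SAMPLE).items():
        print(f"alpha={a}: {line}")
```

If the course defines alpha as the weight on the previous estimate instead, swap the two weights in ewma; the meaning of the alpha = 0 and alpha = 1 lines then swaps as well.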


You should submit your assignment as a single PDF. Please include any script or code that you write in your PDF. Upload this single PDF to Blackboard.