Top-Rated Free Essay
Preview

Week 4 Lab 2: Decoding an FTP Protocol Session for Forensic Evidence

Satisfactory Essays
381 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Week 4 Lab 2: Decoding an FTP Protocol Session for Forensic Evidence
Assessment Worksheet
Decoding an FTP Protocol Session for Forensic Evidence
Cybercrime Forensics
Course Name and Number: _____________________________________________________
Sara Komisarz
Student Name: ________________________________________________________________
Abena Shaw
Instructor Name: ______________________________________________________________

01/18/2015
Lab Due Date: ________________________________________________________________

Overview
In this lab, you used two very powerful forensic analysis tools, Wireshark and NetWitness
Investigator, to examine the same File Transfer Protocol (FTP) traffic capture file, and compare the results of each. FTP is a protocol that is used extensively in business and social communications as means to move files between a host and a client. Just about every time you download something from an Internet site, you are using a version of FTP to manage the process.
It the most-frequently used file transfer tool, but it is vulnerable. You explored the protocol capture file to see how FTP’s cleartext transmission can endanger an organization.

Lab Assessment Questions & Answers
1. Which analysis tool used in this lab helps organize the protocol session and interaction for easier protocol analysis and forensic investigating?
Netwitness is a tool that will help.

2. How are protocol capture and analysis linked to digital computer forensic investigations? It is linked because it helps to monitor traffic and see a user's username, password, IP address and much more to monitor what they have been doing.

3. What is the source IP address of the FTP client workstation and FTP server? client = 172.16.177.132 IP Address of server = 172.16.177.157

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

4. What was the username and password for the successful FTP connection?
Username = badguy
Password = you will never guess this !!

5. What is the MAC layer address of the FTP client workstation and FTP server?
172.16.177.132

6. What are the names of the two text files that were transferred to the server using FTP? badnotes1.txt and badnotes2.txt,

7. What is the port number for FTP? What would you recommend for securing FTP through the public Internet?
21

8. What was the total size of the FTP file transfer?
5.71KB

9. What is the directory on the FTP server where the two text files are located?
/home/badguy/

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

You May Also Find These Documents Helpful

  • Satisfactory Essays

    The lab environment consists of computers connected to a local area network. The computers required for this lab are listed in Table 1-1.…

    • 1996 Words
    • 8 Pages
    Satisfactory Essays
  • Good Essays

    File Transfer Protocol. This is the main protocol, or service that is utilized during file transferring between…

    • 438 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Nt1310 Unit 1

    • 4209 Words
    • 17 Pages

    83) Which process is responsible for establishing a connection between the client and the server?…

    • 4209 Words
    • 17 Pages
    Powerful Essays
  • Good Essays

    Lab 01

    • 424 Words
    • 2 Pages

    In this lab, you explored the common tools available in the virtual lab environment. You used…

    • 424 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    NT2670 Midtern Questions

    • 842 Words
    • 3 Pages

    What directory enables you to use a web site to publish files located anywhere on the network?…

    • 842 Words
    • 3 Pages
    Powerful Essays
  • Powerful Essays

    AIS Review Sheet

    • 2832 Words
    • 12 Pages

    6) TCP/IP: The Transmission Control Protocol specifies the procedures for dividing files and documents into packets to be sent over the Internet and the methods for reassembly of the original document or file at the destination. The Internet Protocol specifies the structure of those packets and how to route them to the proper destination.…

    • 2832 Words
    • 12 Pages
    Powerful Essays
  • Satisfactory Essays

    TCP Wrappers is a Linux/UNIX security mechanism that will deny or allow access to TCP services. We can prevent unauthorized access to our vsftp server using TCP Wrappers. TCP Wrappers consists of two files located in the /etc directory. The hosts.deny file prevents certain users from accessing TCP services while the hosts.allow authorizes users to access TCP services.…

    • 182 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    Unit 5 Assesment 1

    • 477 Words
    • 3 Pages

    Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.…

    • 477 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Forensics2E Lab02 AW

    • 256 Words
    • 2 Pages

    Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.…

    • 256 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    1. Which tool is better at performing protocol captures and which tool is better at performing protocol analysis? The best tool for protocol captures is Wireshark. The best tool for protocol analysis is Netwitness.…

    • 2612 Words
    • 11 Pages
    Powerful Essays
  • Good Essays

    Nt1310 Unit 9

    • 474 Words
    • 2 Pages

    C) FTP (File transfer protocol) - is a standard way of gathering files between computers on the Internet over IP/TCP…

    • 474 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    It 240 Appendix F

    • 260 Words
    • 2 Pages

    Transmission Control Protocol / Internet Protocol (TCP/IP) TCP is the protocol used in networking that provides a connection-oriented, reliable way for applications to communicate large amount of data at one time over a network. IP is a connectionless protocol responsible for addressing network devices, and routing packets between…

    • 260 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Securing Windows Media

    • 481 Words
    • 2 Pages

    | The Windows Media distribution server uses this UDP Out port to send correction-oriented control messages to the origin server.…

    • 481 Words
    • 2 Pages
    Good Essays
  • Good Essays

    By using forensics tools you have discovered this file you suspect to be a graphic file even though it is not stored as a standard graphics file, like a JPEG. You must also use tools to recover the graphics file. Since graphic files have headers with instructions on how to display them, the…

    • 686 Words
    • 3 Pages
    Good Essays
  • Better Essays

    Ftp Server

    • 4247 Words
    • 17 Pages

    * a file from host1 to host2. Keep in mind, this program might only work…

    • 4247 Words
    • 17 Pages
    Better Essays