CS 268 - Assignment 3: Network Sniffing

Given: November 3, 2000

Due: November 17, 2000

Language Options: Any

Your assignment is to decode some sniffed IP packet traffic. You may do this by hand or write a program to do it. For each packet you will need to figure out:

Source IP address

Destination IP address

IP header length

IP packet total length

IP protocol number

In addition, if the packet is UDP, list the value of all four UDP header fields. If the packet is TCP, list all the TCP header field values. You may ignore the TCP options. In addition, when done, summarize the data seen. This should include: (1) total length of all packets, (2) total number of packets, (3) total number of TCP connections, and (4) total number of UDP packets.

The sniffed traffic is in binary form as a set of files. They are:


~cs268/sniff-Fa00-1.data
~cs268/sniff-Fa00-2.data

You will turn in a break down of each packet. You will not turn in any program for this assignment, just the packet information as stated above.

Extra Credit

Value: up to +6% onto final grade

For extra credit, decode the TCP and IP options (if present) as well as all the IP header fields (+1%). Decode the application data into hexadecimal (+2%). Decode what application protocol it is and what each message is doing (+3%).

Todd L. Montgomery (revised 11.2.2000)