Top-Rated Free Essay

week 4 lab 2
Topics: File Transfer Protocol, Internet / Pages: 3 (381 words) / Published: Feb 10th, 2015

Assessment Worksheet
Decoding an FTP Protocol Session for Forensic Evidence
Cybercrime Forensics
Course Name and Number: _____________________________________________________
Sara Komisarz
Student Name: ________________________________________________________________
Abena Shaw
Instructor Name: ______________________________________________________________

01/18/2015
Lab Due Date: ________________________________________________________________

Overview
In this lab, you used two very powerful forensic analysis tools, Wireshark and NetWitness
Investigator, to examine the same File Transfer Protocol (FTP) traffic capture file, and compare the results of each. FTP is a protocol that is used extensively in business and social communications as means to move files between a host and a client. Just about every time you download something from an Internet site, you are using a version of FTP to manage the process.
It the most-frequently used file transfer tool, but it is vulnerable. You explored the protocol capture file to see how FTP’s cleartext transmission can endanger an organization.

Lab Assessment Questions & Answers
1. Which analysis tool used in this lab helps organize the protocol session and interaction for easier protocol analysis and forensic investigating?
Netwitness is a tool that will help.

2. How are protocol capture and analysis linked to digital computer forensic investigations? It is linked because it helps to monitor traffic and see a user's username, password, IP address and much more to monitor what they have been doing.

3. What is the source IP address of the FTP client workstation and FTP server? client = 172.16.177.132 IP Address of server = 172.16.177.157

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

4. What was the username and password for the successful FTP connection?
Username = badguy
Password = you will never guess this !!

5. What is the MAC layer address of the FTP client workstation and FTP server?
172.16.177.132

6. What are the names of the two text files that were transferred to the server using FTP? badnotes1.txt and badnotes2.txt,

7. What is the port number for FTP? What would you recommend for securing FTP through the public Internet?
21

8. What was the total size of the FTP file transfer?
5.71KB

9. What is the directory on the FTP server where the two text files are located?
/home/badguy/

Copyright © 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

www.jblearning.com

Student Lab Manual

You May Also Find These Documents Helpful

  • Week 4 Lab
  • Week 2 Lab
  • Week 2 Lab
  • Week 4 Lab
  • Week 2 Lab
  • NETW204 Week 4 lab
  • Netw410 Week 4 Lab
  • Is 305 Week 4 Lab
  • Netw410 Week 2 Lab
  • statistics week 2 lab