Chapter Two Answers


The answers to this chapter test are located in Appendix A, "Answers to Chapter Tests."

  1. Consider the following situations and note whether the filter should be based on MAC address, IP address or IPX address.

    1. You want to see all the traffic sent to or from the local router.

      __X__ MAC____ IP____ IPX

    2. You are troubleshooting a DNS problem on the local network.

      ____ MAC__X__ IP____ IPX

    3. You want to catch all web browsing traffic to or from Fred.

      ____ MAC__X__ IP____ IPX

    4. You want to perform an analysis of one client's bootup process.

      __X__ MAC____ IP____ IPX

    5. You are interested in all broadcast traffic on the network.

      __X__ MAC____ IP____ IPX

  2. Which offset and value should you use when you build a filter on the source address 10.0.2.5?

    Offset: 0x0C/12d Value: 0x0a.00.02.05 (in hex)

  3. Fill in the following filter window to build a filter for all traffic from subnet 10.16.2.0.

    click to expand

  4. Write down some of the devices on your network that you need filters for. Indicate whether you will build these filters based on MAC address, IP address, IPX address or another type of address.

    Filter Type Device Name

    [This is entirely dependent on your network situation. Remember to build address filters on your key servers, routers and fireall.]

  5. Refer to IANA's protocol numbers area to answer the following questions regarding address filters:

    1. What filter value (in decimal) will you use to capture all multicast traffic sent to RIP2 routers?

      224.0.0.9

    2. What filter value (in decimal) will you use to capture all multicast traffic sent to all OSPF routers?

      224.0.0.5 (IANA lists this as all “OSPFIGP routers.”)

    3. What filter value will you use to capture almost all IP multicast traffic?

      224 - just a one byte filter.




Packet Filtering. Catching the Cool Packets.
Packet Filtering: Catching the Cool Packets
ISBN: 1893939383
EAN: 2147483647
Year: 2000
Pages: 65

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net