Anda di halaman 1dari 2

Assignment: Using Wireshark to Examine Ethernet Frames

1. What is significant about the contents of the destination address field?


Answer: They start at a default address in order to transmit the message

2. Why does the PC send out a broadcast ARP prior to sending the first ping request?
Answer: The address starts at a default value and the ARP is necessary to obtain the Mac address of t
destination in order to transmit.

3. What is the MAC address of the source in the first frame?


Answer: 5c:26:0a:24:2a:60

4. What is the Vendor ID (OUI) of the Source’s NIC?


Answer: 12:34:56:78:9A: BC.

5. What portion of the MAC address is the OUI?


Answer: First six numbers

6. What is the Source’s NIC serial number?


Answer: 78:9A: BC.

7. What is the IP Address of the PC Default Gateway?


Answer: 192.168.1.1

8. What is the MAC address of the PC’s NIC?


Answer: 84:2b:2b:9f:f8:a1

9. What is the default gateway’s MAC address?


Answer: 00:07:eb:9e:f2:c9

10. What type of frame is displayed?


Answer: IP(OX0800)

11. What is the source IP address?


Answer: 192.168.100.12
12. What is the destination IP address?
Answer: 192.168.1.1

13. What do the last two highlighted octets spell?


Answer: WABCDEFG HI

14. What deviceand MAC address is displayed as the destination address?


Answer: 84:2b:2b:9f:f8:a1

15. In the first echo (ping) request frame, what are the source and destination MAC addresses?
 Source: 84:2b:2b:9f:f8:a1
 Destination: 00:00:0c:07:ac:0f

16. What are the source and destination IP addresses contained in the data field of the frame?
 Source: 10.48.158.37
 Destination: 23.200.16.170

17. Compare these addresses to the addresses you received in Step 7. The only address that
changed is the destination IP address. Why has the destination IP address changed, while the
destination MAC address remained the same?
Answer: Because the Mac address is only relevant port local networks, and the Mac address shown
is the address of the router that is in charge of communications to the outer network, so despite
connecting addresses in any other part the Mac address will always remain the same

18. Wireshark does not display the preamble field of a frame header. What does the preamble
contain?
Answer: define a specific series of transmission criteria that is understood to mean "someone is about
to transmit data".