Use WireShark to monitor the initiation, communication, and termination of a session involving any TWO of the following applications:
a) VoIP
b) A file transfer using the file transfer protocol of your choice
c) A browser session using the browser and protocol of your choice
d) A remote login using the application of your choice
e) A video gaming session involving a video game that has a TCP or UDP port assignment
You should make screenshots of the interesting parts of the session and show the initiation and termination of the session. Show information gleaned from the session such as playback of VoIP, file transfered, login credentials, video game highlights, etc.
a) VOIP:-
To access the VoIP calls analysis use the menu entry "Telephony->VoIP Calls...". The current VoIP supported protocols are:
SIP
H323
ISUP
MGCP
UNISTIM
The VoIP calls list shows the following information per call:
From: For H323 and ISUP calls, this is the calling number. For SIP calls, it is the "From" field of the INVITE. For MGCP calls, the EndpointID or calling number. For UNISTIM the Terminal ID.
To: For H323 and ISUP calls, this is the called number. For SIP calls, it is the "To" field of the INVITE. For MGCP calls, the EndpointID or dialed number. For UNISTIM the dialed number.
RINGING: call ringing (only supported for MGCP calls)
Comment: An additional comment, this is protocol dependent. For H323 calls it shows if the call uses Fast Start or/and H245 Tunneling.
This image shows playback information of VOIP Calls:-
**A remote login session:-
We have three cases while doing remote login:-
1. Unencrypted packets:-
Use WireShark to monitor the initiation, communication, and termination of a session involving any TWO of...