Using the xela.cap file a. Compose a regular expressions (regex)…

/in /by

Question Using the xela.cap file a. Compose a regular expressions (regex)… Using the xela.cap filea. Compose a regular expressions (regex) command in a Cygwin terminal which will provide a histogram of the source addresses for TCP packets. (hint – what if I asked for http traffic?) It should look like:  192.168.0.11      44352.114.158.52   443………b. From which address has 66 packets been received?  Sample of the xela.cap file but there are many more packets not shown.”717″,”78.652882″,”192.168.0.2″,”239.255.255.250″,”SSDP”,”381″,”NOTIFY * HTTP/1.1 “”718″,”78.657394″,”192.168.0.2″,”239.255.255.250″,”SSDP”,”424″,”NOTIFY * HTTP/1.1 “”719″,”78.660869″,”192.168.0.2″,”239.255.255.250″,”SSDP”,”426″,”NOTIFY * HTTP/1.1 “”720″,”78.665083″,”192.168.0.2″,”239.255.255.250″,”SSDP”,”438″,”NOTIFY * HTTP/1.1 “”721″,”78.669126″,”192.168.0.2″,”239.255.255.250″,”SSDP”,”436″,”NOTIFY * HTTP/1.1 “”722″,”78.673177″,”192.168.0.2″,”239.255.255.250″,”SSDP”,”452″,”NOTIFY * HTTP/1.1 “”723″,”78.847252″,”204.79.197.200″,”192.168.0.11″,”TCP”,”60″,”443  >  50777 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0″”724″,”79.667287″,”192.168.0.3″,”192.168.0.11″,”UDP”,”360″,”60000  >  50801 Len=318″”725″,”360″,”60000  >  50801 Len=318″”726″,”80.283650″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”328″,”NOTIFY * HTTP/1.1 “”727″,”80.297132″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”391″,”NOTIFY * HTTP/1.1 “”728″,”80.297134″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”319″,”NOTIFY * HTTP/1.1 “”729″,”80.297135″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”328″,”NOTIFY * HTTP/1.1 “”730″,”80.297136″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”367″,”NOTIFY * HTTP/1.1 “”731″,”80.311325″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”387″,”NOTIFY * HTTP/1.1 “”732″,”80.311331″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”383″,”NOTIFY * HTTP/1.1 “”733″,”80.311332″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”399″,”NOTIFY * HTTP/1.1 “”734″,”80.314734″,”192.168.0.1″,”239.255.255.250″,”SSDP”,”381″,”NOTIFY * HTTP/1.1 “”735″,”81.507628″,”192.168.0.11″,”52.114.158.52″,”TCP”,”54″,”50850  >  443 [FIN, ACK] Seq=1 Ack=1 Win=1024 Len=0″  Computer Science Engineering & Technology Networking INFOSEC 5320 Share QuestionEmailCopy link Comments (0)