Project 3: NetworkingWinter 2024

This project counts for 9% of your course grade. Late submissions will be penalized by 10% of the maximum attainable score, plus an additional 10% every 4 hours until received. Late work will not be accepted after the start of the next lab (of any section) following the day of the deadline. If you or your partner have a conflict due to travel, interviews, etc., please plan accordingly and turn in your project early.

This is optionally a group project; you may work in teams of two and submit one project per team. You may also work alone. Note that the final exam will cover project material, so you and your partner should collaborate closely on each part.

The code and other answers you submit must be entirely your team’s own work, and you are bound by the Honor Code. You may discuss the conceptualization of the project and the meaning of the questions, but you may not look at any part of someone else’s solution or collaborate with anyone other than your partner. You may consult published references, provided that you appropriately cite them (e.g., with program comments). Visit the course website for the full collaboration policy.

Introduction

This project will introduce you to network protocols, to network packet trace analysis, and why large, interconnected systems are difficult to engineer from the perspectives of networking and authentication.

Objectives:

  • Gain exposure to core network protocols and concepts.
  • Gain appreciation for the design considerations around networked services and authentication in an enterprise setting.
  • Understand offensive techniques often used to infiltrate these settings.

Read this First

This project asks you to perform attacks, with our permission, against controlled and simulated environments. Attempting the same kinds of attacks against other networks without authorization is prohibited by law and university policies and may result in fines, expulsion, and jail time. You must not attack any network without authorization! Per course policy, you are required to respect the privacy and property rights of others at all times, or else you will fail the course. See “Ethics, Law, and University Policies” on the course website.

Investigation basics

You have recently been hired by the U.S. Department of Cyber Espionage (USDCE) and on your first day have been placed on an emerging investigation of a cyber attack. Few details have been shared with you at this point, but you have heard that you’ll be getting more direction shortly. Once you hear from your supervisor, this document won’t be very useful; you’ll need to get updates from inside the USDCE going forward.

Because this is an ongoing investigation, please refrain from sharing any details outside your partnership (if you have a partner).

Set up your environment according to the instructions in the submission details, then head over to the USDCE’s website for more information.

Wireshark

As part of your investigation, you will be using Wireshark, a tool for capturing, parsing, viewing, and analyzing network traffic. It comes installed in the project’s Docker container. When you open the project in the container in VS Code, you can navigate to http://localhost:38803 in your browser to open Wireshark. If you’d prefer to use VNC, you can also connect to vnc://localhost:38853.

Submission Details

  1. Create a repo using the GitHub template. Make sure that the repo you create is private.

  2. Establish a team on the autograder. Only teams created on the autograder will be able to join the online office hours queue.

    Project 3 Autograder

    Although the autograder submission screen shows the 6 p.m. deadline, you can still submit after this time subject to a lateness penalty, up until the start of the first lab following the deadline. Any submissions after the posted deadline will result in a late deduction, even if your best submission occurred before the deadline. The autograder will not warn you of this. (You don’t get to attempt a higher score after the deadline with no risk.)

Once you’re done with the project, you can delete the project 3 Docker container to reclaim resources on your computer. Don’t delete the entire Docker installation (you’ll need it for a future project), just the container.