Internet Fax Services Review and Comparsion

 

This assignment is a practical evaluation with protocol analysis.

1.0 General Setup

  1. Install a network protocol analyzer called Wireshark (http://www.wireshark.org/download.html). You can also use Fiddler ( http://www.fiddler2.com/fiddler2/ ) at the same time.
  2. Go to www.yahoo.com to get a new yahoo id for email. Alternatively, you can use an existing id. It will work as long as it is a web based email.
  3. Clean browser cache with new ids are recommended. (You will have cleaner traffic that way).

 

2.0

Trace Capture Part I

1 Make sure you signout of any Yahoo account in the browser that you are using. Alternatively, you can create a new Yahoo account in this exercise. Start the network protocol analyzer Make sure everything works and you can capture HTTP traffic. Use a new account to make sure you have a clean trace.
2 Click this link Only use this link
3 Click the "Free 30 Day Trial" button Capture the network trace.
4 Complete the process and finish the signup. Verify email if needed. Pay close attention to the page with any user inputted information.
5 Start the trail, login, and exercise some features on the web site. Make sure the network protocol analyzer is working. Make sure you have the trace. Stop the analyzer and perform analysis

 

Trace Capture Part II

1 Make sure you signout of any Yahoo account in the browser that you are using. Alternatively, you can create a new Yahoo account in this exercise. Start the network protocol analyzer Make sure everything works and you can capture HTTP traffic. Use a new account to make sure you have a clean trace.
2 Click this link Only use this link
3 Click the "Free 30 Day Trial" button Capture the network trace.
4 Complete the process and finish the signup. Verify email if needed. Pay close attention to the page with any user inputted information.
5 Start the trail, login, and exercise some features on the web site. Make sure the network protocol analyzer is working. Make sure you have the trace. Stop the analyzer and perform analysis

 

3.0 Comparsion and Analysis

You just did a quick audit of a couple system. You must refer your answers to your actual trace to get credit.

 

Part a

Which fax service do you prefer? Based your discussion on security, number of features, and ease of use. Will you use one of the services? If yes, why? If not, what can be done in order for you to use it?

Part b

Some of the pages contain a randomly generated hidden value in the page. Go through your trace and identify those random hidden values. Random in this context is the fact that the value is not the same for different pages generated by the server. You must refer to the trace to get credit. After you identify the hiddle value in the pages. Discuss the following:

 

Part c

Besides the randomly generated hidden value, what extra information is generated in the page? List 5 findings with reference to the trace. (Hint: You can base some of your findings on the the sensitive fields such as password or credit card numbers).

 

 

Hints: