CIS225_TCP_UDP_Headers_Wireshark_Answers

School: ECPI University, Greensboro
Course: 225
Subject: Computer Science
Date: Jan 9, 2024
Type: docx
Pages: 2
Uploaded by corada5995
TCP/UDP Headers via WireShark

Search for the packets where the UDP protocol uses Port 53 and answer the below questions.

1. How many packets are displayed? Answer: 172
2. What is the frame number of the first packet that uses UDP Port 53? Answer: 9
   1. What is the decimal value for the Source Port? Answer: 52252
   2. What is the hex value for the Source Port? Answer: cc 1c
   3. What is the decimal value of the Destination Port? Answer: 53
   4. What is the hex value of the Destination Port? Answer: 00 35
   5. What is the length of the UDP datagram? Answer: 41
   6. What is the length of the UDP header? (Hint: answer is in image above. UDP header is always same size) Answer: 8
   7. In this packet, DNS is asking a question, "What is the IPv4 address of ...?" Answer: www.enomaly.com
   8. Was this a packet from client-to-server or from server-to-client?
      • How do you know this?
3. How many packets use UDP? Answer: 268
4. How many packets use UDP port 138? Answer: 34

• How many packets in this capture use TCP as the transport layer protocol? Answer: 5618
• You expect to see the SYN flag set as the only flag or with the ACK flag. To identify the first packet of a TCP 3-way handshake, look for packets where the SYN flag is the only TCP flag set. This filter will help: tcp.flags.syn==1 && tcp.flags.ack==0. How many packets have only the SYN flag set in the TCP header? Answer: 185
• The first TCP 3-way handshake starts in Frame 18. In which frame does the next TCP 3-way handshake start? Answer: 55
   o What is the decimal value of the Source port in this packet? Answer: 3257
   o What is the hex value of the Source port in this packet? Answer: 0c b9
   o What is the decimal value of the Destination port in this packet? Answer: 80
   o What is the hex value of the Destination port in this packet? Answer: 00 50
   o What is the hex value for the TCP flags for this packet? Answer: 0x002
   o What is the decimal value of the raw sequence number for this packet? Answer: 1156563059
   o What is the decimal value for the raw acknowledgment number for this packet? Answer: 0
   o Why is this the expected value for acknowledgment number in this packet?
• What is the frame number for the second frame in the TCP 3-way handshake started in Frame 55? Answer: 58
   o How did you know that this was the second packet in the TCP 3-way handshake?
   o What is the decimal value of the Source port in this packet? Answer: 80
   o What is the hex value of TCP flags for this frame? Answer: 0x012
   o On the Filter bar, enter tcp.flags==0x012. What is the result of this filtering?
   o What filter would you enter to show packets with only the TCP SYN flag set? Answer: tcp.flags==0x002
• What is the frame number of the third frame in the TCP 3-way handshake started in Frame 55? Answer: 59
   o What is the decimal value of the SEQ number? Answer: 1156563060
   o Why was this number expected?
   o What is the value of the ACK number? Answer: 478790601
   o Why is this the expected value for acknowledgment number in this packet?

Frame 56 is the first packet of a TCP 3-way handshake.

   o What is the Frame number of the 2nd packet of the TCP 3-way handshake that starts in Frame 56? Answer: 60
   o What is the Frame number of the 3rd packet of the TCP 3-way handshake that starts in Frame 56? Answer: 61

Right-click on Frame 56 and select Follow > TCP Stream.

   o How many frames are in the TCP stream? Answer: 12
   o Look in frame 88. What is occurring in this stream?
   o Another window pops open with the contents of the TCP stream. The content highlighted in red is the HTTP request; the content highlighted in blue is the response. Note that this was an HTTP request, not an HTTPS request, therefore the content of the file was sent as clear text, meaning that you can read the text. The first line of the CSS file is /*** ESSENTIAL STYLES ***/. In what frame is the data located? (HINT: Look at Packet Bytes pane) Answer: 101
   o Frame 100 acknowledges the request. Note that all the TCP header parts are present, but there is no TCP data attached. This is only an acknowledgment. What happens in Frames 101, 102, and 105?
   o What happens in Frame 114?
   o Which TCP flag is set that causes the TCP session to be closed? Answer: FIN

Right-click on Frame 96 and select Follow > TCP Stream.

   o How many frames are in the TCP stream? Answer: 120
   o Why are there more frames in this TCP stream than in the last TCP stream?
   o How could you create the exact copy of the javascript file in this stream?

TCP window size indicates how many bytes the sender can issue to a receiver before an acknowledgment is received. This field performs flow control, preventing the receiver's buffer from being deluged with bytes.

Frame 97 is the first packet of a TCP 3-way handshake.

   o What is the window size for the client? Answer: 64240
   o What is the Frame number of the 2nd packet of the TCP 3-way handshake that starts in Frame 97? Answer: 138
   o What is the window size for the server? Answer: 5840
   o What is the Frame number of the 3rd packet of the TCP 3-way handshake that starts in Frame 97? Answer: 139
   o In Frame 261, what is the window size the client is sending? Answer: 61480
   o In Frame 264, what is the window size the client is sending? Answer: 58720
   o Why is the window size on the client shrinking?

What is the Frame number of the last frame for the TCP session that started in Frame 97? Answer: 268
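The flag values and sequence/acknowledgment numbers recorded for frames 55, 58 and 59 can be checked against each other in code. The following is an added example, not part of the original worksheet: it packs and parses 20-byte TCP headers, classifies packets the way the tcp.flags==0x002 and tcp.flags==0x012 filters do, and verifies the handshake arithmetic. The function names are hypothetical, the server's initial sequence number is derived from the frame 59 ACK value, and the window values are constructed.

```python
import struct

# Low bits of the TCP flags field, as matched by Wireshark's tcp.flags.
FLAGS = {0x001: "FIN", 0x002: "SYN", 0x004: "RST", 0x008: "PSH", 0x010: "ACK"}
MOD = 1 << 32  # sequence numbers wrap at 2^32

def build_tcp_header(sport, dport, seq, ack, flags, window):
    """Pack a 20-byte TCP header without options (checksum and urgent = 0)."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       (5 << 12) | flags, window, 0, 0)

def parse_tcp_header(raw):
    """Decode the fixed 20-byte part of a TCP header into a dict."""
    sport, dport, seq, ack, off_flags, window, _, _ = struct.unpack(
        "!HHIIHHHH", raw[:20])
    flags = off_flags & 0x1FF
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "window": window,
            "names": [n for bit, n in FLAGS.items() if flags & bit]}

def handshake_step(pkt):
    """Classify on the exact flags value, like tcp.flags==0x002 or 0x012."""
    return {0x002: "SYN", 0x012: "SYN-ACK", 0x010: "ACK"}.get(
        pkt["flags"], "other")

def is_valid_handshake(syn, synack, ack):
    """Check the seq/ack arithmetic that ties the three packets together."""
    return (handshake_step(syn) == "SYN"
            and syn["ack"] == 0  # ACK flag clear: field unused, normally 0
            and handshake_step(synack) == "SYN-ACK"
            and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
            and synack["ack"] == (syn["seq"] + 1) % MOD  # SYN consumes one number
            and handshake_step(ack) == "ACK"
            and ack["seq"] == (syn["seq"] + 1) % MOD
            and ack["ack"] == (synack["seq"] + 1) % MOD)

# Ports, flags, SEQ and ACK values are the worksheet's answers for frames
# 55, 58 and 59. SERVER_ISN is derived from the frame 59 ACK; the window
# values are constructed for the example.
SERVER_ISN = 478790601 - 1
FRAME_55 = parse_tcp_header(build_tcp_header(3257, 80, 1156563059, 0, 0x002, 64240))
FRAME_58 = parse_tcp_header(build_tcp_header(80, 3257, SERVER_ISN, 1156563060, 0x012, 5840))
FRAME_59 = parse_tcp_header(build_tcp_header(3257, 80, 1156563060, 478790601, 0x010, 64240))

if __name__ == "__main__":
    for name, pkt in (("55", FRAME_55), ("58", FRAME_58), ("59", FRAME_59)):
        print(name, handshake_step(pkt), pkt["names"], pkt["seq"], pkt["ack"])
    print("valid handshake:", is_valid_handshake(FRAME_55, FRAME_58, FRAME_59))
```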