3.B.) (40 POINTS 5 POINTS each) Use the attached file Sample.Capture.pcapng for this question. Open this file in Wireshark and go to packet number 69.

Answer the following questions:

i. What is the protocol type of this packet?

ii. What is the source port number?

iii. What is the destination port number?

iv. What kind of an application traffic (such as email traffic, puTTy traffic, or web browser traffic) do you think has been captured in this packet? Why?

v. What is the destination IP address?

vi. What is the destination hostname? vii. Which flag(s) of the TCP header are set?

viii. What is the exact time this packet has been captured (assuming that the capture file start with time: 0.0000)

SampleCapture.pcapng File Edit View Go Capture Analyze Statistics Telephony ireless Tools Help Apply a display Filter.. Ctrlfs No Time Destnaton Protoco Length Info t eld qary 18 Standard qery respenscxe A wwa.utdallas.ed CHAME zxtec-ti-2.udallas.edu 66 39149 , se l SYNI seqe n'an-0192 Lenz9 NS5-1450 (45:255 SACK FERY:i 120.119.16.38 3 2.799814 192.158.1 54 30158 [ACK] S Ack-i win-88348 Len- 66 99 , 39149 1 SYN. ACK! Seq=8 Ack=1 h1nz49699 LenNSS-1380 MS-i SACK PERM= B4.133.133 5409 , 39112 IACKI seq:i Ack-2 hin=7936 Len 9 Ethernet Internet 11, c : cclickTe 75 : 5b : b2 ac :81 . 1275:50. b2), Dat : neste11T Protccol Versian 4 Sro: 192.163.1.&, Ost: 122.118.18.3 4a : 25 : 70 (99 . 23.07:4s. CS: 79) xthtn Hppl 148 33 d 41 63 63 57 74 2d 45 3 4 36 Acce pt-Encad c, sdch ADDept-L 2.138828 022g2 72 61 5c 7e 75 74 636374 3d 2.:7274 rrnllutr cots/art 69 3 c 65 2f 39 21 25 2 38 2 39 34 2f 3b iclevs 938224 4122809 31 33 39 3 3 32 37 7 30 6 39 3 31 73 3 13933277 96981:55 Hypertext Transfer Protocol http), 604 bytes Packets: 3537 . Displayed: 3537(100.0%) Profile: Defauit SampleCapture.pcapng File Edit View Go Capture Analyze Statistics Telephony ireless Tools Help Apply a display Filter.. Ctrlfs No Time Destnaton Protoco Length Info t eld qary 18 Standard qery respenscxe A wwa.utdallas.ed CHAME zxtec-ti-2.udallas.edu 66 39149 , se l SYNI seqe n'an-0192 Lenz9 NS5-1450 (45:255 SACK FERY:i 120.119.16.38 3 2.799814 192.158.1 54 30158 [ACK] S Ack-i win-88348 Len- 66 99 , 39149 1 SYN. ACK! Seq=8 Ack=1 h1nz49699 LenNSS-1380 MS-i SACK PERM= B4.133.133 5409 , 39112 IACKI seq:i Ack-2 hin=7936 Len 9 Ethernet Internet 11, c : cclickTe 75 : 5b : b2 ac :81 . 1275:50. b2), Dat : neste11T Protccol Versian 4 Sro: 192.163.1.&, Ost: 122.118.18.3 4a : 25 : 70 (99 . 23.07:4s. CS: 79) xthtn Hppl 148 33 d 41 63 63 57 74 2d 45 3 4 36 Acce pt-Encad c, sdch ADDept-L 2.138828 022g2 72 61 5c 7e 75 74 636374 3d 2.:7274 rrnllutr cots/art 69 3 c 65 2f 39 21 25 2 38 2 39 34 2f 3b iclevs 938224 4122809 31 33 39 3 3 32 37 7 30 6 39 3 31 73 3 13933277 96981:55 Hypertext Transfer Protocol http), 604 bytes Packets: 3537 . Displayed: 3537(100.0%) Profile: Defauit