Answered step by step
Verified Expert Solution
Question
1 Approved Answer
1. Review the second capture file (Project Part I-b ) and determine what is happening with the HTTP traffic in this capture. How is the
1. Review the second capture file (Project Part I-b) and determine what is happening with the HTTP traffic in this capture.
How is the traffic different from the first capture? Describe the traffic: what packets are involved and what is happening? (include source, destination, time of capture)
Take a screenshot of the actual packets within the capture file that you observed.
Apply a display filter... Time No. 1 2 0.046905 0.000000 3 0.046956 4 0.047068 5 0.094268 6 0.096673 7 0.096702 8 0.096785 9 0.096789 0.100001 0.100023 Source 192.168.1.140 174.143.213.184 192.168.1.140 192.168.1.148 174.143.213.184 174.143.213.184 192.168.1.140 174.143.213.184 Expression... Destination 174.143.213.184 TCP 192.168.1.140 TCP 174.143.213.184. TCP 174.143.213.184 192.168.1.148. 192.168.1.140 174.143.213.184 HTTP TCP TCP TCP 192.168.1.140 192.168.1.140 174.143.213.184 174.143.213.184 TCP TCP 192.168.1.148 TCP 192.168.1.140 174.143.213.184 TCP 0.144237 174.143.213.1841 0.144263 192.168.1.140 0.147063 174.143.213.184 8.147872 192.168.1.148 192.168.1.140 174.143.213.184. 192.168.1.140 174.143.213.184 TCP TCP TCP TCP 0.147184 174.143.213.184 192.168.1.140 0.147192 192.168.1.140 174.143.213.184 TCP TCP 8.149480 174.143.213.184 192.168.1.140 0.149488 192.168.1.148 174.143.213.184 TCP TCP 8.149683 174.143.213.184 192.168.1.148 TCP 0.149611 192.168.1.148 174.143.213.184 TCP 0.149726 174.143.213.1841 8.149735 192.168.1.140 0.191646 174.143.213.184 0.191658 192.168.1.148 192.168.1.140 174.143.213.184. 192.168.1.140 174.143.213.184 TCP TCP TCP TCP 0.194472 174.143.213.184 0.194481 192.168.1.140 192.168.1.140 174.143.213.184 TCP TCP 8.196601 174.143.213.184 192.168.1.140 0.196689 192.168.1.140 174.143.213.184 TCP TCP 8.196723 174.143.213.184 192.168.1.148 TCP 0.196731 192.168.1.148 174.143.213.184 TCP 0.197342 174.143.213.184 192.168.1.140 TCP 0.197350 192.168.1.140 174.143.213.184 TCP 0.199928 174.143.213.184 0.199936 192.168.1.148 192.168.1.140 174.143.213.184 TCP TCP 0.199950 174.143.213.184 192.168.1.140 HTTP 0.199955 -0.200580 192.168.1.140 192.168.1.140 174.143.213.184 TCP Protocol Length Info 74 57678-88 [SYN] Seq=0 Win=5848 Len-8 MSS-1468 SACK_PERM=1 TSval=2216538 TSecr=0 WS=128 74 80 57678 [SYN, ACK] Seq- Ack-1 Win-5792 Len- MSS-1468 SACK PERM-1 TSval-835172936 TSecr-2216538 WS=64 66 5767888 [ACK] Sec-1 Ack 1 Win 5888 Len 0 TSval-2216543 TSecr 835172936 200 GET /images/layout/logo.png HTTP/1.0 66 8057678 [ACK] Seq-1 Ack-135 Win-6912 Len-0 TSval-835172948 TSecr=2216543 1514 80-57678 [ACK] Seq 1 Ack=135 Win=6912 Len=1448 TSval=835172948 TSecr-2216543 [TCP segment of a reassembled PDU 66 57678 88 [ACK] Seq-135 Ack-1449 Win-8832 Len-0 TSval-2216548 TSecr=835172948 1514 8057678 [ACK] Sec 1449 Ack 135 Win 6912 Len 1448 TSval 835172948 TSecr 2216543 ITCP segment of a reassembled 66 57678 88 [ACK] Seq-135 Ack-2897 Win-11648 Len-0 T5val-2216548 TSecr=835172948 1514 8057678 [ACK] Seq-2897 Ack-135 Win-6912 Len=1448 TSval-835172948 TSecr=2216543 [TCP segment of a reassembled 66 57678 88 [ACK] Sec-135 Ack-4345 Win=14592 Len-0 TSval-2216548 TSecr=835172948 1514 80 57678 [ACK] Seq-4345 Ack-135 Win-6912 Len-1448 TSval-835172961 TSecr-2216548 [TCP segment of a reassembled 66 57678 88 [ACK] Sec 135 Ack 5793 Win-17536 Len-0 TSval-2216553 TSecr 835172961 1514 8057678 [ACK] Seq-5793 Ack-135 Win-6912 Len-1448 TSval-835172961 TSecr-2216548 [TCP segment of a reassembled 66 57678 88 [ACK] Sec-135 Ack-7241 Win=20352 Len-0 TSval-2216553 TSecr=835172961 1514 80-57678 [ACK] Seq-7241 Ack=135 Win=6912 Len=1448 TSval-835172961 TSecr-2216548 TCP segment of a reassembled. 66 57678 88 [ACK] Seq-135 Ack-8689 Win-23296 Len-0 TSval-2216553 TSecr-835172961 1514 8057678 [ACK] Sec-8689 Ack 135 Win 6912 Len 1448 TSval 835172961 TSecr 2216548 ITCP segment of a reassembled 66 57678 88 [ACK] Seq-135 Ack-10137 Win-26112 Len-0 T5val-2216553 T5ecr-835172961 1514 8057678 [ACK] Seq-10137 Ack-135 Win-6912 Len=1448 TSval=835172961 TSecr=2216548 [TCP segment of a reassembled. 66 57678 88 [ACK] Sec-135 Ack=11585 Win-29856 Len-0 TSval-2216553 TSecr=835172961 1514 80 57678 [ACK] Seq-11585 Ack-135 Win-6912 Len-1448 TSval-835172961 TSecr-2216548 [TCP segment of a reassembled 66 57678 88 [ACK] Sec-135 Ack 13033 Win 32000 Len-0 TSval-2216553 TSecr 835172961 1514 8057678 [ACK] Seq-13033 Ack-135 Win-6912 Len=1448 TSval-835172973 TSecr-2216553 [TCP segment of a reassembled 66 57678 88 [ACK] Sec-135 Ack=14481 Win-34816 Len-0 TSval-2216557 TSecr=835172973 1514 80-57678 [PSH, ACK] Seq=14481 Ack=135 Win=6912 Len=1448 TSval=835172973 TSecr=2216553 [TCP segment of a reasse 66 57678 80 [ACK] Sec-135 Ack-15929 Win-37760 Len-0 TSval-2216558 TSecr-835172973 1514 8057678 [ACK] Seq 15929 Ack 135 Win 6912 Len 1448 TSval 835172973 TSecr 2216553 ITCP segment of a reassembled 66 5767888 [ACK] Seq-135 Ack-17377 Win-40704 Len-0 T5val-2216558 T5ecr-835172973 1514 8057678 [ACK] Seq-17377 Ack=135 Win=6912 Len=1448 TSval=835172973 TSecr=2216553 (TCP segment of a reassembled. 66 57678 88 [ACK] Sec-135 Ack=18825 Win=43520 Len-0 TSval-2216558 TSecr=835172973 1514 80 57678 [ACK] Seq-18825 Ack-135 Win-6912 Len-1448 TSval-835172973 TSecr-2216553 [TCP segment of a reassembled. 66 57678 88 [ACK] Sec 135 Ack-20273 Win 46464 Len 0 TSval 2216558 TSecr 835172973 1514 8057678 [ACK] Seq-20273 Ack-135 Win-6912 Len-1448 TSval-835172973 TSecr-2216553 [TCP segment of a reassembled 66 57678 88 [ACK] Sec-135 Ack-21721 Win-49280 Len-0 TSval-2216558 TSecr=835172973 391 HTTP/1.1 200 OK (PNG) 66 57678 80 [ACK] Sec-135 Ack-22046 Win-52224 Len-0 TSval-2216558 TSecr-835172974 174.143.213.184. TCP 66 5767888 [FIN, ACK] Sec-135 Ack 22046 Win 52224 Len 0 TSval 2216558 TSecr 835172974 Frame 1: 74 bytes on wire (592 bits), 74 bytes captured (592 bits) Ethernet II, Src: AsustekC_b3:01:84 (00:1d:60:b3:01:84), Ost: Actionte 2f:47:87 (00:26:62:26:47:87) Internet Protocol Version 4, Sre: 192.168.1.148, Dst: 174.143.213.184 Transmission Control Protocol, Src Port: 57678, Dst Port: 80, Seq: 0, Len: 0 0088 08 26 62 2f 47 87 00 10 0018 08 3c cb 5b 40 00 40 06 0028 d5 b8 el 4e 00 50 8e 50 0838 16 de 81 47 00 00 02 04 0848 d2 5a 00 00 00 00 01 03 60 63 01 84 08 08 45 00 28 e4 c8 a8 01 8c ac 8f 19 01 00 00 00 00 20 02 05 04 04 02 08 08 00 21 03 07 &b/G.. E -N-P.P G Z Project Part I-b.pcap Packets: 40 Displayed: 40 (100.0%) Profile: Default
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Based on your provided Wireshark screenshot lets walk through the observed HTTP traffic and how it behaves within this packet capture Ill outline the key observations related to the packets whats happ...
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Database Management An Organizational Perspective
Authors: Richard T. Watson
1st Edition
0471305340, 978-0471305347
