Using the xela.cap file

a. Compose a regular expressions (regex) command in a Cygwin terminal which will provide a histogram of the source addresses for TCP packets. (hint - what if I asked for http traffic?) It should look like: 

 

192.168.0.11      443

52.114.158.52   443

...

...

...

b. From which address has 66 packets been received?

 

 

Sample of the xela.cap file but there are many more packets not shown.

"717","78.652882","192.168.0.2","239.255.255.250","SSDP","381","NOTIFY * HTTP/1.1 "
"718","78.657394","192.168.0.2","239.255.255.250","SSDP","424","NOTIFY * HTTP/1.1 "
"719","78.660869","192.168.0.2","239.255.255.250","SSDP","426","NOTIFY * HTTP/1.1 "
"720","78.665083","192.168.0.2","239.255.255.250","SSDP","438","NOTIFY * HTTP/1.1 "
"721","78.669126","192.168.0.2","239.255.255.250","SSDP","436","NOTIFY * HTTP/1.1 "
"722","78.673177","192.168.0.2","239.255.255.250","SSDP","452","NOTIFY * HTTP/1.1 "
"723","78.847252","204.79.197.200","192.168.0.11","TCP","60","443  >  50777 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0"
"724","79.667287","192.168.0.3","192.168.0.11","UDP","360","60000  >  50801 Len=318"
"725","360","60000  >  50801 Len=318"
"726","80.283650","192.168.0.1","239.255.255.250","SSDP","328","NOTIFY * HTTP/1.1 "
"727","80.297132","192.168.0.1","239.255.255.250","SSDP","391","NOTIFY * HTTP/1.1 "
"728","80.297134","192.168.0.1","239.255.255.250","SSDP","319","NOTIFY * HTTP/1.1 "
"729","80.297135","192.168.0.1","239.255.255.250","SSDP","328","NOTIFY * HTTP/1.1 "
"730","80.297136","192.168.0.1","239.255.255.250","SSDP","367","NOTIFY * HTTP/1.1 "
"731","80.311325","192.168.0.1","239.255.255.250","SSDP","387","NOTIFY * HTTP/1.1 "
"732","80.311331","192.168.0.1","239.255.255.250","SSDP","383","NOTIFY * HTTP/1.1 "
"733","80.311332","192.168.0.1","239.255.255.250","SSDP","399","NOTIFY * HTTP/1.1 "
"734","80.314734","192.168.0.1","239.255.255.250","SSDP","381","NOTIFY * HTTP/1.1 "
"735","81.507628","192.168.0.11","52.114.158.52","TCP","54","50850  >  443 [FIN, ACK] Seq=1 Ack=1 Win=1024 Len=0"