[Solved] Using Wireshark on this Virtual Machine (

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Sep 25, 2024

Using Wireshark on this Virtual Machine (image below), can anybody explain to me the STEPS on How to get these answers. Questions 1) What TCP

Using Wireshark on this Virtual Machine (image below), can anybody explain to me the STEPS on How to get these answers.

image text in transcribed

Questions

1) What TCP port is being used by the client (packet 1, source IP 192.168.40.128) to connect to the server (64.106.58.24)?

2) What is the syntax for the filter that will display only SSLv3 packets (Note: you only want SSLv3, you dont want other versions of SSL Hint: Review how you selected for only HTTP, except go look in the packet details for Version SSL = 3.0 (0x0300))?

3) What percent of Secure Socket Layer (SSL) packets is in the transmission? 10) If you follow the TCP stream what useful data can you save? Why?

OX http.cap - Wireshark File Edit View Go Capture Analyze Statistics Telephony Tools Help Filter: Expression... Clear Apply No. Time Source Protocol Info 1 0.000000 2 0.005156 3 0.008759 4 0.024763 5 0.024944 6 0.025510 7 0.025812 8 0.033682 9 0.033764 10 0.033905 11 0.068520 12 0.068606 13 0.068785 14 0.068938 15 0.069085 16 0.069162 17 0.069185 192.168.40.128 192.168.40.2 192.168.40.128 129.24.8.26 192.168.40.128 192.168.40.128 129.24.8.26 129.24.8.26 129.24.8.26 192.168.40.128 129.24.8.26 129.24.8.26 192.168.40.128 129.24.8.26 192.168.40.128 129.24.8.26 129.24.8.26 Destination 192.168.40.2 192.168.40.128 129.24.8.26 192.168.40.128 129.24.8.26 129.24.8.26 192.168.40.128 192.168.40.128 192.168.40.128 129.24.8.26 192.168.40.128 192.168.40.128 129. 24.8.26 192.168.40.128 129.24.8.26 192.168.40.128 192.168.40.128 DNS DNS TCP TCP TCP HTTP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP Sta Sta bes htt bes GET htt [TC [TC bes [TC [TC bes [TC bes [TC CTC # Frame 1 (71 bytes on wire, 71 bytes captured) + Ethernet II. Src: Vmware 17:42:20 (00:00:29:17:42:20). Dst: Vmware f9:71:28 (00:50:56:19, 0000 00 50 56 49 71 28 00 00 29 1f 4e eo 08 00 45 00 PV...).N... E 0010 00 39 16 9e 00 00 80 11 52 43 co a 8 28 80 CO a 8 .9..... RC..... 0020 28 02 04 02 00 35 00 25 di C9 00 24 01 00 00 01 (....5.% ...$.... 0030 00 00 00 00 00 00 03 77 77 77 03 75 6e 6d 03 65 .......www.unm.e 0040 64 75 00 00 01 00 01 du..... File: "C:\Documents and Settings\Administrator... Packets: 248 Displayed: 248 Marked: 0 Profile: Default OX http.cap - Wireshark File Edit View Go Capture Analyze Statistics Telephony Tools Help Filter: Expression... Clear Apply No. Time Source Protocol Info 1 0.000000 2 0.005156 3 0.008759 4 0.024763 5 0.024944 6 0.025510 7 0.025812 8 0.033682 9 0.033764 10 0.033905 11 0.068520 12 0.068606 13 0.068785 14 0.068938 15 0.069085 16 0.069162 17 0.069185 192.168.40.128 192.168.40.2 192.168.40.128 129.24.8.26 192.168.40.128 192.168.40.128 129.24.8.26 129.24.8.26 129.24.8.26 192.168.40.128 129.24.8.26 129.24.8.26 192.168.40.128 129.24.8.26 192.168.40.128 129.24.8.26 129.24.8.26 Destination 192.168.40.2 192.168.40.128 129.24.8.26 192.168.40.128 129.24.8.26 129.24.8.26 192.168.40.128 192.168.40.128 192.168.40.128 129.24.8.26 192.168.40.128 192.168.40.128 129. 24.8.26 192.168.40.128 129.24.8.26 192.168.40.128 192.168.40.128 DNS DNS TCP TCP TCP HTTP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP TCP Sta Sta bes htt bes GET htt [TC [TC bes [TC [TC bes [TC bes [TC CTC # Frame 1 (71 bytes on wire, 71 bytes captured) + Ethernet II. Src: Vmware 17:42:20 (00:00:29:17:42:20). Dst: Vmware f9:71:28 (00:50:56:19, 0000 00 50 56 49 71 28 00 00 29 1f 4e eo 08 00 45 00 PV...).N... E 0010 00 39 16 9e 00 00 80 11 52 43 co a 8 28 80 CO a 8 .9..... RC..... 0020 28 02 04 02 00 35 00 25 di C9 00 24 01 00 00 01 (....5.% ...$.... 0030 00 00 00 00 00 00 03 77 77 77 03 75 6e 6d 03 65 .......www.unm.e 0040 64 75 00 00 01 00 01 du..... File: "C:\Documents and Settings\Administrator... Packets: 248 Displayed: 248 Marked: 0 Profile: Default