Question
What is happening with frame 42? In frame 44, look closely at the source and destination IP ports and at the TCP flags. What is
What is happening with frame 42?
In frame 44, look closely at the source and destination IP ports and at the TCP flags. What is happening here?
Look at frames 53 and 54. Look at the source and destination ports as well as the TCP flags. What does it look like is happening there?
Look at the frames up to 262. Take a look at the source and destination IP addresses as well as the ports and TCP flags. What do you think may be happening here and what evidence do you have?
week2.pcap File Edit View Go Capture Analyze Statistics Telephony Wireless Tools Help Apply a display filter .. Ctri-> Protocol Length Info DNS DNS TCP No. Time Source 172. 17. 4 , 95 216.93.145.247 172.17.4.95 172.17.4.95 172.17.4.95 172.17.4.95 172.17.4.95 84 Standard query exe5a1 PTR 95.4.17.172.in-addr.arpa 40 1.262895 41 1.277896 42 1.288976 43 1.281872 44 1.281886 45 1.281184 46 1.281198 216.93.145.247 172.17.4.95 172.17.4.95 172.17.4.95 172.17.4.95 172.17.4.95 172.17.4.95 136 Standard query response 8xesal No such name PTR 95.4.17.172.in-addr.arpa SOA 17.172.in-addr.arpa TCP TCP TCP 58 37176 111 [SYN] Seq-e Win-1024 Len-0 MSS-1460 58 111 37176 [SYN, ACK] Seq=0 Acke1 win=32792 Len-e Mss-16396 54 37176 111 [RST] Seq-1 win-e Len-e 58 37176 135 [SYN] Seqs0 Wina1024 Len-0 MSS-1460 54 135 37176 [RST, ACK] Seq=1 Ackz1 win-e Lense 4 Frame 42: 58 bytes on wire (464 bits), 58 bytes captured (464 bits) Encapsulation type: Ethernet (1) Arrival Time: Apr 21, 2815 13:28:87.616771e Eastern Daylight Time [Time shift for this packet: 0.000000000 seconds] Epoch Time: 1429637287.61677100a seconds [Time delta from previous captured frame: 9.00308000 seconds] Time delta from previous displayed frame: 0.00308000 seconds] Time since reference or first frame: 1.280976808 seconds] Frame Number: 42 Frame Length: 58 bytes (464 bits) Capture Length: 58 bytes (464 bits) [Frame is marked: False] [Frame is ignored: False] [Protocols in frame: eth:ethertype:ip:tcp] [Coloring Rule Name: TCP SYN/FIN] [Coloring Rule String: tcp.flags & 0xe2 11 tcp.flags.fin1] D Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 90:00:00_60:00:00 (00:00:00:00:90:00) b Internet Protocol Version 4, Src: 172.17.4.95, Dst: 172.17.4.95 Source Port: 37176 Destination Port: 111 Stream index: 0] [TCP Segment Len: 0] Sequence number: (relative sequence number) Acknowledgment number: 8 0110 - Header Length: 24 bytes (6) 4 Flags: ex902 (SYN) 000. ...0... ...e... = Reserved: Not set -Nonce: Not set - Congestion Window Reduced (CWR): Not set .. e. = Urgent: Not set ...- Push: Not set 0.. r Reset: Not set Syn: 0 Fin: Not set .. Window size value: 1024 Calculated window size: 1824] Checksum: 0xd3f9 [unverified] Checksun Status: Unverified OFrame (frame), 58 bytes Packets: 428 . Displayed: 428 (100.0%) . Load time: 0:0.9 Profile: Default
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Database Management Systems Designing And Building Business Applications
Authors: Gerald V. Post
1st Edition
0072898933, 978-0072898934
