I need help with this labAnswer the following questionsabout trace file www_umuc_edu.cap.
1. Download trace file www_umuc_edu.cap (see attached) and open it with Wireshark.
2. Find the first TCP handshake. These are packet numbers ____, ____, and _____.
3. What is the IP address of the host that started the handshake? __________________.
4. What is the TCP port connection pair for this handshake? ______, ______.
5. In the first packet of the handshake, the source port is the ephemeral port this host wants to use for the connection, and the destination port indicates the application the host wants to use on the serving host. What application does the host want to use on the serving host?______________
6. Look at packet number 14. Is this part of the conversation initiated by the first handshake? _____
II. Build a filter to see only the first handshake and the conversation for this connection.
1. Click Analyze (or "Edit" on other versions of ethereal) and select Display Filters from the drop-down list. This brings you to the Edit Display Filters List.
2. Click "Expression"
3. Expand TCP (click the plus sign next to TCP), and highlight "Source or Destination Port".
4. In the Relation section highlight == .
5. In the Value field type the source port used by the host that initiated the conversation. (The source port should be 1097 in this example).
6. Click "OK". Now there is a filter string in the Edit Display Filter List window. (The filter string should be "tcp.port == 1097".)
7. In the Filter name box type "Conversation on 1097".
8. Click New, then OK. Now you have defined a filter (but not yet applied it).
III. Answer question 4.
The handshake establishes the initial sequence numbers for each connection. Try to follow the sequence numbers in the conversation. Now change the display to show relative sequence numbers:
1. Click Edit and select Preferences from the drop-down list.
2. Drill down into Protocols until you get to TCP.
3. Highlight TCP and select the options, "Analyze TCP sequence numbers" and "Relative sequence numbers and window scaling." Click OK. Try again to follow the sequence numbers.
4. You cannot see the "next sequence number" in the summary pane for packet number 6. Look for it in the protocol tree pane. Explain why packet number 7 says "ACK ."
261,329 students got unstuck by Course
Hero in the last week
Our Expert Tutors provide step by step solutions to help you excel in your courses