- 5 15 Marks Wireshark Internet Protocol And Transmission Control Protocol In This Question Of The Assignment You Wi 1 (119.55 KiB) Viewed 67 times
- 5 15 Marks Wireshark Internet Protocol And Transmission Control Protocol In This Question Of The Assignment You Wi 2 (56.78 KiB) Viewed 67 times
(5) [15 marks] Wireshark: Internet Protocol and Transmission Control Protocol In this
question of the assignment, you will use Wireshark, a packet sniffer, to investigate the behaviors of the IP and TCP protocols. You will analyze a trace that contains TCP segments logged during the transfer of a file containing the text of Alice's Adventure in Wonderland by Lewis Carroll. Note that you do not need to read the full text to answer the following
questions. If you require an introduction to the Wireshark tool, read the "Introduction to Wireshark" document, adapted from Forouzan, B.A., Data Communications and Networking, 5th Ed. New York, NY: McGraw-Hill, 2013. ● Download the Wireshark trace file, assignment4.pcapng, from BCIT Learning Hub | Content | Assignment. View the trace in Wireshark by selecting File | Open from the pull down menu in Wireshark and select assignment4.pcapng. What you should see is series of TCP and HTTP messages between your computer and the server including the initial TCP three-way handshake. Answer the following
questions using the provided Wireshark trace file. a) [1 mark] What is the IPv4 address and port number of the client used to send the HTTP GET request to the server? b) [1 mark] What is the IPv4 address and port number of the server used to receive the HTTP GET request from the client? c) [1 mark] What is the header length of the IP packet containing the HTTP response (HTTP/1.1 200 OK) returned by the server? d) [3 marks] For the IP packet in part (c), extract the IP header information and calculate the IP header checksum. Show all steps of your calculation and verify against the checksum reported in Wireshark. e) [2 marks] What is the absolute sequence number (i.e., not relative), in decimal (not hexadecimal), of the SYN segment that is used to initiate the TCP connection between the client and server? How is this SYN segment identified? [Hint: The absolute sequence number can be found by exploring the contents of the SYN segment in the packet byte pane.]
f) [3 marks] Depict the TCP connection establishment between the client and the server using three-way handshaking as shown in Figure 24.10 in Forouzan, B.A., Data Communications and Networking, 5th Ed. New York, NY: McGraw-Hill, 2013. For each segment, indicate the absolute sequence/acknowledgement numbers in decimal (not hexadecimal) and the control flags that are set in the TCP header. g) [4 marks] Depict the TCP data transfer of the first four TCP segments of a reassembled PDU and associated acknowledgements between the client and the server (i.e., not including the HTTP GET request and associated acknowledgement) after the initial three-way handshaking as shown in Figure 24.11 in Forouzan, B.A., Data Communications and Networking, 5th Ed. New York, NY: McGraw-Hill, 2013. For each segment, indicate the TCP segment length and the absolute sequence/acknowledgement numbers in decimal (not hexadecimal).