
Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. These activities will show you how to use Wireshark to capture and analyze Transmission Control Protocol (TCP) traffic.

Wikipedia: Transmission Control Protocol

Activity 1 - Capture TCP Traffic

Close the command prompt to close the TCP connection.

Activity 2 - Analyze TCP SYN Traffic

Observe the traffic captured in the top Wireshark packet list pane. To view only TCP traffic related to the web server connection, type tcp.port == 80 (lower case) in the Filter box and press Enter. Select the first TCP packet, labeled http.

Observe the packet details in the middle Wireshark packet details pane. Notice that it is an Ethernet II / Internet Protocol Version 4 / Transmission Control Protocol frame. Expand Ethernet II to view Ethernet details. The destination should be your default gateway's MAC address and the source should be your MAC address.

Expand Internet Protocol Version 4 to view IP details. Notice that the source address is your IP address. Notice that the destination address is the IP address of one of Google's web servers.

Expand Transmission Control Protocol to view TCP details. Notice that it is a dynamic port selected for this connection. To see the actual sequence number, select the Sequence number to highlight the sequence number in the bottom Wireshark bytes pane. Notice that SYN is set, indicating the first segment in the TCP three-way handshake.

Activity 3 - Analyze TCP SYN, ACK Traffic

In the top Wireshark packet list pane, select the second TCP packet, labeled SYN, ACK. Observe the Destination and Source fields. The destination should be your MAC address and the source should be your default gateway MAC address.

Notice that the source address is the Google web server IP address. Notice that the destination address is your IP address.

Notice that it is the same dynamic port selected for this connection. Notice that it is 0 (relative sequence number). To see the actual sequence number, select Sequence number to highlight the sequence number in the bottom Wireshark bytes pane. Notice that it is 1 (relative ack number). To see the actual acknowledgement number, select Acknowledgement number to highlight the acknowledgement number in the bottom pane. Notice that the actual acknowledgement number is one greater than the sequence number in the previous segment. Notice that SYN and ACK are set, indicating the second segment in the TCP three-way handshake.

Activity 4 - Analyze TCP ACK Traffic
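
The relative and actual sequence and acknowledgement numbers that the activities point out can be reproduced from raw TCP headers. The following Python sketch is an added example, not part of the original activities: it parses a constructed SYN / SYN, ACK / ACK exchange and derives the relative numbers the way the activities describe them. The ports, initial sequence numbers and function names are assumptions chosen for illustration, and the client's initial sequence number is set to the 32-bit maximum to show, beyond what the activities cover, that "one greater" wraps around to 0.

```python
import struct

def build_tcp(sport, dport, seq, ack, flags):
    """Pack a 20-byte TCP header (constructed sample data, checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)

def parse_tcp(segment):
    """Extract ports, actual seq/ack numbers and the flags of interest."""
    sport, dport, seq, ack, _off, flags = struct.unpack("!HHIIBB", segment[:14])
    names = [n for bit, n in ((0x02, "SYN"), (0x10, "ACK"), (0x01, "FIN")) if flags & bit]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": names}

def analyze(segments):
    """Return (flags, seq, rel_seq, ack, rel_ack) per segment.

    The first sequence number seen in each direction is treated as that side's
    initial sequence number, so relative numbers start at 0.
    """
    isn, rows = {}, []
    for raw in segments:
        h = parse_tcp(raw)
        fwd, rev = (h["sport"], h["dport"]), (h["dport"], h["sport"])
        isn.setdefault(fwd, h["seq"])
        rel_seq = (h["seq"] - isn[fwd]) % 2**32          # modulo handles wrap-around
        has_ack = "ACK" in h["flags"] and rev in isn
        rel_ack = (h["ack"] - isn[rev]) % 2**32 if has_ack else 0
        rows.append(("+".join(h["flags"]), h["seq"], rel_seq, h["ack"], rel_ack))
    return rows

def handshake_ok(rows):
    """True when the rows are SYN, SYN+ACK, ACK and each ACK is peer seq + 1."""
    return ([r[0] for r in rows] == ["SYN", "SYN+ACK", "ACK"]
            and rows[1][4] == 1 and rows[2][2] == 1 and rows[2][4] == 1)

# Constructed values: dynamic client port 49152, web server port 80.
CLIENT_ISN, SERVER_ISN = 0xFFFFFFFF, 0x1A2B3C4D
HANDSHAKE = [
    build_tcp(49152, 80, CLIENT_ISN, 0, 0x02),                              # SYN
    build_tcp(80, 49152, SERVER_ISN, (CLIENT_ISN + 1) % 2**32, 0x12),       # SYN, ACK
    build_tcp(49152, 80, (CLIENT_ISN + 1) % 2**32, SERVER_ISN + 1, 0x10),   # ACK
]

if __name__ == "__main__":
    for row in analyze(HANDSHAKE):
        print("%-8s seq=%-10d rel_seq=%d ack=%-10d rel_ack=%d" % row)
    print("valid handshake:", handshake_ok(analyze(HANDSHAKE)))
```
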