
Final Project: Wireshark Analysis
IS3220 IT Infrastructure Security

Name?
Mr. ?

Final Project
Wireshark Analysis

Name?
06 Mar 2014
IS3220

IP Header (Network Layer L3) Fandango Website


Version: 4 (IPv4)
Header Length: 20 bytes
The first byte of the header is 0x45. The first 4 bits (4) are the version, IPv4. The second 4 bits (5) give the header length in 4-byte words: 5 x 4 = 20 bytes.
Differentiated Services Field: 0x00
Marks the class of service for network traffic.
ECN: Explicit Congestion Notification
ECN-CE: Explicit Congestion Notification - Congestion Experienced
If the ECN bits are set to 1 the node can handle congestion notification; if CE is set to 1 the path is already experiencing congestion.
Total Length: 2751
20-byte header plus 2731 bytes of data and other headers.
Identification: unique for each packet.
Flags
0 = Security Flag: not evil
1 = Don't Fragment: set
0 = More Fragments: not set
If more fragments were still to come this would be set to 1.
Fragment Offset: 0
If the packet is fragmented this tells the receiver where to place the fragment on reassembly, counted in 8-byte increments: if the number is 2 the fragment is placed 16 bytes into the packet.
Time to Live: 128
After it passes the first router the value drops to 127. If the packet (or any of its fragments, if there are any) does not reach the destination before the TTL reaches 0, it is dropped.
Protocol: TCP (6)
Just means the TCP header comes next.
Any IP address starting with 224 to 237 represents a multicast address.

TCP Header (Transport Layer L4) Fandango Website


Source port: 50682 (50682)
Destination port: http (80)
[Stream Index: 3]
[TCP Segment Len: 2711]
Sequence number: 1 (relative sequence number)
[Next sequence number: 2712 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
Header Length: 20 bytes
Flags: 0x018 (PSH, ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set (this segment acknowledges received data)
.... .... 1... = Push: Set (data that cannot sit in the TCP buffer; it must be delivered immediately, time critical)
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
Window size value: 16425 (the amount of receive buffer space this side is advertising)
[Calculated window size: 65700] (the window size value x 4)
[Window size scaling factor: 4] (used to calculate the real window size)
Checksum: 0x9275 [validation disabled]


[Good Checksum: False]
[Bad Checksum: False]
[SEQ/ACK analysis]
[Bytes in flight: 2711] (the number of bytes, including headers, that are headed for the destination)
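Added example, not part of the original report: a small Python decoder that walks the same IPv4 and TCP header fields discussed above (version and header length from 0x45, total length, DF flag, fragment offset in 8-byte units, TTL, protocol, ports, the 0x018 flag bits, and the scaled window). The header bytes are constructed to carry the capture's values; the IP addresses and IP checksum are placeholders.

```python
import struct

# Constructed header bytes reproducing the capture: IPv4 0x45, total length 2751,
# DF set, TTL 128, protocol 6; TCP 50682 -> 80, 20-byte header, flags 0x018,
# window 16425, checksum 0x9275. Addresses and IP checksum are placeholders.
IPV4_HDR = bytes.fromhex("45000abf1a2b40008006" "0000c0a80102c0a80103")
TCP_HDR = bytes.fromhex("c5fa0050" "00000001" "00000001" "5018402992750000")

TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]


def parse_ipv4(data):
    """Decode the fixed 20-byte IPv4 header field by field."""
    ver_ihl, dsf, total_len, _id, ff, ttl, proto, _cksum, _src, _dst = struct.unpack(
        "!BBHHHBBH4s4s", data[:20])
    header_len = (ver_ihl & 0x0F) * 4        # second nibble in 4-byte words: 5 * 4 = 20
    return {
        "version": ver_ihl >> 4,             # first nibble of 0x45
        "header_len": header_len,
        "ecn": dsf & 0x03,                   # low two bits of the DS field
        "total_len": total_len,
        "payload_len": total_len - header_len,
        "df": bool(ff & 0x4000),             # Don't Fragment
        "mf": bool(ff & 0x2000),             # More Fragments
        "frag_offset_bytes": (ff & 0x1FFF) * 8,  # offset is counted in 8-byte units
        "ttl": ttl,
        "protocol": proto,
    }


def parse_tcp(data, window_scale=1):
    """Decode the fixed 20-byte TCP header; window_scale comes from the SYN options."""
    sport, dport, seq, ack, off_flags, window, cksum, _urg = struct.unpack(
        "!HHIIHHHH", data[:20])
    flags = off_flags & 0x0FFF               # low 12 bits hold the flags (0x018 here)
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": (off_flags >> 12) * 4, # data offset in 4-byte words
        "flags": flags,
        "flag_names": [n for i, n in enumerate(TCP_FLAG_NAMES) if flags & (1 << i)],
        "window_raw": window,
        "window_calculated": window * window_scale,  # Wireshark's [Calculated window size]
        "checksum": cksum,
    }


def decode(ip_bytes, tcp_bytes, window_scale=4):
    """Tie the two layers together: TCP segment length and next sequence number."""
    ip, tcp = parse_ipv4(ip_bytes), parse_tcp(tcp_bytes, window_scale)
    tcp["segment_len"] = ip["payload_len"] - tcp["header_len"]  # 2731 - 20 = 2711
    tcp["next_seq"] = tcp["seq"] + tcp["segment_len"]           # 1 + 2711 = 2712
    return ip, tcp
```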

UDP Header (Transport Layer L4) Fandango Website

Source port: domain (53)
Destination port: 49857 (49857)
Length: 133 bytes
[Checksum coverage: 133] (the number of bytes of the datagram that the checksum covers)
Checksum: 0x229f [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
