INFA620 Lab2

Is this a two-way conversation?

One-way conversation

Are there any ACKs?

There are no visible ACKs.

How long is the data portion of each packet? Why?

Packet length is 78 bytes

Why is the sequence number zero (seq=0) in every packet?

The sequence number is 0 in every packet because there was never an ACK to increase the sequence number.

Why do the port numbers change in every packet?

It appears to be a port scan.

Look at the “Time” column in the summary pane. How do you interpret it?

The time is increasing.

Click the “View” menu and select “Time Display Format”. “Seconds since beginning of capture” is checked. Select “Seconds since Previous Captured Packet”. How frequently are these packets being sent?

The packets are being sent between 16 and 19 seconds apart.

Where in the protocol tree pane would you find the protocol “Type” field?

The Internet Packet pane displays the protocol type as Protocol: TCP.

Look in the flags section of the transport layer (“Transmission Control Protocol”) in the protocol tree section for one of the packets. What flags are set?

The SYN flags are set.

How does a SYN attack deny service?

A SYN attack denies service because it sends the request without waiting for a response. The system being attacked attempts to respond to each request and soon gets overloaded.
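
As an added example (not part of the lab or its capture), the Python below turns the observations above into detection logic: it counts SYN-only packets per source, tracks whether any handshake was ever completed with an ACK, and flags sources that only send SYNs. The packet records, addresses and the `min_syns` threshold are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records (not from the lab capture):
# (time_s, src, sport, dst, dport, flags)
PACKETS = [
    (0.0,  "10.0.0.5", 40001, "10.0.0.9", 21, "S"),
    (17.0, "10.0.0.5", 40002, "10.0.0.9", 22, "S"),
    (33.5, "10.0.0.5", 40003, "10.0.0.9", 23, "S"),
    (52.0, "10.0.0.5", 40004, "10.0.0.9", 25, "S"),
    # A normal client for contrast: SYN, server SYN/ACK, client ACK.
    (60.0, "10.0.0.7", 51000, "10.0.0.9", 80, "S"),
    (60.1, "10.0.0.9", 80, "10.0.0.7", 51000, "SA"),
    (60.2, "10.0.0.7", 51000, "10.0.0.9", 80, "A"),
]

def summarize(packets):
    """Per source: SYNs sent, handshakes completed, distinct target ports."""
    # Simplification: a handshake counts as completed when the client that
    # sent the SYN later sends an ACK on the same 4-tuple.
    pending = set()  # (src, sport, dst, dport) with a SYN and no ACK yet
    stats = defaultdict(lambda: {"syns": 0, "completed": 0, "ports": set()})
    for _, src, sport, dst, dport, flags in sorted(packets):
        key = (src, sport, dst, dport)
        if flags == "S":                       # SYN only: connection request
            pending.add(key)
            stats[src]["syns"] += 1
            stats[src]["ports"].add(dport)
        elif flags == "A" and key in pending:  # final ACK of the handshake
            pending.discard(key)
            stats[src]["completed"] += 1
    return dict(stats)

def suspicious_sources(packets, min_syns=3):
    """Sources with at least min_syns SYNs and no completed handshake."""
    return sorted(src for src, s in summarize(packets).items()
                  if s["syns"] >= min_syns and s["completed"] == 0)

if __name__ == "__main__":
    for src, s in summarize(PACKETS).items():
        print(src, s["syns"], "SYNs,", s["completed"], "completed,",
              len(s["ports"]), "distinct ports")
    print("flagged:", suspicious_sources(PACKETS))
```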