Question 4 Given below a Point-to-point communication trace taken by Wireshark a network protocol analyzer software. ETHER: Ethernet Header ETHER: Packet 3 arrived at 11:42:27.64 ETHER: Packet size = 64 bytes ETHER: Destination = 8:0:20:18:ba:40 ETHER: Source = aa:0:4:0:lf:c8 ETHER: Ethertype = 0800 (IP) IP: IP Header IP: Version = 4 IP: Header length = 20 bytes IP: Type of service = 0x00 IP: х хх. IP: ...0 IP: IP: IP: Total length = 40 bytes .... = 0 (precedence) = normal delay 0... = normal throughput .0.. = normal reliability IP: Identification = 41980 IP: Flags = 0x4 IP: .1.. = do not fragment = last fragment IP: ..0. IP: Fragment offset = 0 bytes IP: Time to live = 63 seconds/hops IP: Protocol = 6 IP: Header checksum = af63 IP: Source address = 163.173.32.65 IP: Destination address = 216.58.207.4 IP: No options TCP: ТСР Неader TCP: Source port = 1368 TCP: Destination port = 25 (SMTP) TCP: Sequence number = 143515262 TCP: Acknowledgement number = 3128387273 TCP: Data offset = 20 bytes TCP: Flags = 0x10 TCP: ..0. TCP: TCP: TCP: = No urgent pointer = Acknowledgement ..1 ... 0... = No push .0.. = No reset ..0. = No Syn .0 = No Fin TCP: Window = 32120 ТСР: TCP: TCP: Checksum = 0x3c30 TCP: Urgent pointer = 0 TCP: No options Analyse the above trace and indicate the following: a) The protocol used in each of the following layers: Data Link, Network, Transport and Application. b) Source and destination MAC addresses c) Source and destination IP addresses. d) Explain the value 0x10 shown in the flags field (highlighted in blue color in the trace) by indication the type of this captured message? e) Explain the meaning of the value shown in window size (highlighted in blue color in the

Transcribed Image Text:

Question 4 Given below a Point-to-point communication trace taken by Wireshark a network protocol analyzer software. ETHER: Ethernet Header ETHER: Packet 3 arrived at 11:42:27.64 ETHER: Packet size = 64 bytes ETHER: Destination = 8:0:20:18:ba:40 ETHER: Source = aa:0:4:0:1f:c8 ETHER: Ethertype = 0800 (IP) IP: IP Header IP: Version = 4 = 20 bytes IP: Header length IP: Type of service = 0x00 = 0 (precedence) = normal delay 0... = normal throughput = normal reliability IP: х хх. ... IP: ... 0 .... IP: IP: .0.. IP: Total length = 40 bytes = 41980 IP: Identification IP: Flags = 0x4 = do not fragment last fragment 0 bytes IP: .1.. IP: ..0. IP: Fragment offset = IP: Time to live = 63 seconds/hops IP: Protocol = 6 IP: Header checksum = af63 IP: Source address = 163.173.32.65 IP: Destination address = 216.58.207.4 IP: No options ТСP: ----- ТСР Нeader TCP: Source port = 1368 TCP: Destination port = 25 (SMTP) TCP: Sequence number = 143515262 TCP: Acknowledgement number = 3128387273 TCP: Data offset = 20 bytes TCP: Flags = 0x10 ТCР: ..0. ТCР: ...1 = No urgent pointer = Acknowledgement = No push TCP: 0... TCP: .0.. = No reset ТСP: ..0. = No Syn TCP: ...0 = No Fin TCP: Window = 32120 TCP: Checksum = 0x3c30 TCP: Urgent pointer = 0 TCP: No options Analyse the above trace and indicate the following: a) The protocol used in each of the following layers: Data Link, Network, Transport and Application. b) Source and destination MAC addresses c) Source and destination IP addresses. d) Explain the value 0x10 shown in the flags field (highlighted in blue color in the trace) by indication the type of this captured message? e) Explain the meaning of the value shown in window size (highlighted in blue color in the trace)?