AI Report
AI Report
Wireshark.pdf
Assignment
Class
University
Document Details
Submission ID
trn:oid:::1:2881116404 16 Pages
Download Date
File Name
tmp9aiol0wz
File Size
3.5 MB
0%
Caution: Percentage may not indicate academic misconduct. Review required.
Our testing has found that there is a higher incidence of false positives when the percentage is less than 20. In order to reduce the
likelihood of misinterpretation, the AI indicator will display an asterisk for percentages less than 20 to call attention to the fact that
the score is less reliable.
However, the final decision on whether any misconduct has occurred rests with the reviewer/instructor. They should use the
percentage as a means to start a formative conversation with their student and/or use it to examine the submitted assignment in
greater detail according to their school's policies.
Non-qualifying text, such as bullet points, annotated bibliographies, etc., will not be processed and can create disparity between the submission highlights and the
percentage shown.
In a longer document with a mix of authentic writing and AI generated text, it can be difficult to exactly determine where the AI writing begins and original writing
ends, but our model should give you a reliable guide to start conversations with the submitting student.
Disclaimer
Our AI writing assessment is designed to help educators identify text that might be prepared by a generative AI tool. Our AI writing assessment may not always be accurate (it may misidentify
both human and AI-generated text) so it should not be used as the sole basis for adverse actions against a student. It takes further scrutiny and human judgment in conjunction with an
organization's application of its specific academic policies to determine whether any academic misconduct has occurred.
ASSIGNMENT
Table of Contents
Contents
1. Question # 1: ................................................................................................................................................................... 5
2. Question # 2: ................................................................................................................................................................... 6
3. Question # 3: ................................................................................................................................................................... 7
4. Question # 4: ................................................................................................................................................................... 8
5. Question # 5: ................................................................................................................................................................... 9
6. Question # 6: ................................................................................................................................................................. 12
7. Question # 7: ................................................................................................................................................................. 13
8. Question # 8: ................................................................................................................................................................. 14
9. Question # 9: ................................................................................................................................................................. 15
Tutorial 1: TCP
Starting Question:
Follow the following steps for finding the TCP port number used by client (source) that is
transfering the file to server gaia.cs.umass.edu.
Open the already captured packet file (tcp-ethereal-trace-1) in wireshark.
Filter the TCP packets.
In the packet list Identify an HTTP message. Find an HTTP POST message as it shows the data
transfer from the client to the server.
Note down that IP address and port number of the client computer through which the file is
captured.
According to below figure, the IP address of the client computer (source)’s is 192.168.1.102 and
its TPC port number is 1161.
1. Question # 1:
Follow the following steps for finding the TCP port number used by client (source) that is
transfering the file to server gaia.cs.umass.edu.
Open the already captured packet file (tcp-ethereal-trace-1) in wireshark.
Filter the TCP packets.
Identify any TCP segment sent by gaia.cs.umass.edu in the packet list. Check the destination
IP address to identify, which should match gaia.cs.umass.edu.
Select the TCP segment sent by gaia.cs.umass.edu.
Note down the IP address of gaia.cs.umass.edu, along with the source and destination port
numbers.
According to below figure, the IP address of gaia.cs.umass.edu is 128.119.245.12 and the TCP
port number is 80.
2. Question # 2:
To find the sequence number of the TCP SYN segment used to initiate the TCP connection
between the client computer and gaia.cs.umass.edu, follow these steps:
Open the Wireshark captured packet file (tcp-ethereal-trace-1).
Filter the packets by TCP:
Locate the initial TCP SYN segment in the packet list. The SYN flag should be set in the "Flags"
column, indicating that it is a SYN segment.
Note down the sequence number of the TCP SYN segment.
The sequence number of the TCP SYN segment to imitate the TCP connection
between the client computer and gaia.cs.umass.edu. is “0”.
According to below figure,go to the Flags section, observe the the Syn flag it is set to 1 which
indicates that this segment is a SYN segment.
3. Question # 3:
The SYNACK segment transmitted by gaia.cs.umass.edu to the client machine in response to the
SYN has a sequence number of 0. See picture below.
In the SYNACK section, the acknowledgment field has a value of 1. The server gaia.cs.umass.edu
determines the value of the Acknowledgment field in the SYNACK segment.
The server adds 1 to the beginning sequence number of the SYN segment received from the client
machine. Since the client computer's SYN segment's beginning sequence number is 0, the
Acknowledgment field in the SYNACK segment has a value of 1.
If the segment's Acknowledgment and SYN flags are both set to 1, the segment will be recognized
as a SYNACK segment.
4. Question # 4:
Take the following actions to determine the TCP segment sequence number that contains the
HTTP POST command:
To view the collected packet file (tcp-ethereal-trace-1), open it using Wireshark.
Use TCP to filter the packets.
Search the packet content field at the bottom of the Wireshark display for the HTTP POST
command. Each packet's real data payload is shown in this field.
Choose the packet that contains the HTTP POST command when you've found it.
Open the Transmission Control Protocol section in the packet details pane at the bottom of
the Wireshark window and expand it.
Locate the "Sequence number" field, holding the TCP segment sequence number that carries
the HTTP POST instruction.
According to below figure, the segment No.4 in the packet list contains the HTTP POST command.
The sequence number of this segment is 1.
5. Question # 5:
From Segments 1‐6
As shown in the below figure, the segments 1-6 are segment No. 4, 5, 7, 8, 10 and 11.
The sequence number for Segment 1 is 1
The sequence number for Segment 2 is 566
The sequence number for Segment 3 is 2026
The sequence number for Segment 4 is 3486
The sequence number for Segment 5 is 4946
The sequence number for Segment 6 is 6406
As shown in below figure, The ACK of segments 1-6 are segment No. 6, 9, 12, 14, 15 and 16
For Segment 1:
Estimated RTT1= RTT1 = 0.02746
Estimated RTT1 =RTT1 =0.02746
For Segment 2:
Estimated RTT = 0.875 * Estimated RTT + 0.125 * Sample RTT
Estimated RTT2=0.875×0.02746+0.125×0.035557
Estimated RTT2 =0.028498125
For Segment 3:
Estimated RTT = 0.875 * Estimated RTT + 0.125 * Sample RTT
Estimated RTT3=0.875×0.028498125+0.125×0.070059
Estimated RTT3=0.033704805
For Segment 4:
Estimated RTT = 0.875 * Estimated RTT + 0.125 * Sample RTT
Estimated RTT4=0.875×0.033704805+0.125×0.114428
Estimated RTT4 =0.043831349
For Segment 5:
Estimated RTT = 0.875 * Estimated RTT + 0.125 * Sample RTT
Estimated RTT5=0.875×0.043831349+0.125×0.199814
Estimated RTT5 =0.063259507
For Segment 6:
Estimated RTT = 0.875 * Estimated RTT + 0.125 * Sample RTT
Estimated RTT6=0.875×0.063259507+0.125×0.189645
Estimated RTT6 =0.079126351
6. Question # 6:
The length of the first TCP segment is 565 bytes,
The length of the second TCP segment is 1460 bytes
The length of the third TCP segment is 1460 bytes
The length of the fourth TCP segment is 1460 bytes
The length of the fifth TCP segment is 1460 bytes
The length of the sixth TCP segment is 1460 bytes
7. Question # 7:
The minimum amount of available buffer space advertised at the received for the entire trace is
indicated first ACK from the server. Its value is 5840 bytes (shown in below figure).
According to the trace, the sender is never throttled due to lacking of receiver buffer space.
8. Question # 8:
Since all sequence numbers in the time sequence graph (Stevens) are rising monotonically, there
are no retransmitted segments in the trace file.
9. Question # 9:
The receiver normally acknowledges 1460 bytes of data in an ACK. This is because the majority of
data segments delivered by the sender are 1460 bytes in length, which is the Maximum Segment
Length (MTU) usually used on Ethernet networks.
So, the throughput for the TCP connection is approximately 63378.728 bytes/second.