Using Wireshark and Internet Speed Test to Analyze TCP Packets in EECS 563 - Prof. Victor , Assignments of Electrical and Electronics Engineering

The steps to use wireshark and internet speed test to examine tcp packets in the context of an eecs 563 assignment. Students are instructed to run wireshark in non-promiscuous mode and find the involved hosts' addresses, discuss ip and tcp packet sizes, and analyze seq and ack numbers.

Typology: Assignments

Pre 2010

Uploaded on 09/17/2009

koofers-user-5g9
koofers-user-5g9 🇺🇸

10 documents

1 / 1

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Tracking TCP packets
The purpose of this assignment is to use Wireshark and Internet Speed Test to examine
transmit and received TCP packets. In this class you must run Wireshark with the
promiscuous mode turned off. Wireshark is only made available to you in EECS 563 on
EECS computers for you to do the EECS 563 assignments; no other use of Wireshark on
EECS computers is permitted.
1) Start Wireshark
2) Under capture Æ options select the interface your computer uses to send and
receive packets. On my computer it is:
Intel(R) PRO/1000 GT Desktop Adapter (Microsoft's Packet Scheduler) :
\Device\NPF_{5CD5C7FA-3D38-42E3-976B-F091496A5295}
3) Under capture Æ options click off the “Capture packets in promiscuous mode”
4) Click start
5) Run Speed Test from http://speed.sunflower.com/
6) Stop Wireshark
Questions:
1) Find the addresses of the hosts involved in the speed test. Under the
StatisticsÆConversion Lists select TCP. From the list of TCP conversions find
the addresses of the hosts involved in the speed test. Call the address of your
local host Address A, and the address of your remote host Address B.
Use a filter to focus on the packets involved in the speed test. In the filter blank at the
top level of wireshark type in:
ip.src= = Address A or ip.dst= =Address B or ip.dst = = Address A
then click “apply”
Look at the Flow Graph for these packets. Under StatisticsÆFlow Graph click
“Displayed Packets”, “TCP Flow”, and Standard source/destination addresses.
2) What is the size of the IP packets used in this application? Suggest why this value
was selected.
3) What is the size of the TCP packets used in this application?
4) What are the Seq and Ack numbers for the three-way hand shake that set up the
TCP connection (Look at the packets at the start of the connection)?
5) Discuss the relationship between the Seq and Ack numbers you see for the data
packets used in this application.
6) Try and find the close connection packets for this application (go to the end of the
trace), discuss what you observe.

Partial preview of the text

Download Using Wireshark and Internet Speed Test to Analyze TCP Packets in EECS 563 - Prof. Victor and more Assignments Electrical and Electronics Engineering in PDF only on Docsity!

Tracking TCP packets

The purpose of this assignment is to use Wireshark and Internet Speed Test to examine transmit and received TCP packets. In this class you must run Wireshark with the promiscuous mode turned off. Wireshark is only made available to you in EECS 563 on EECS computers for you to do the EECS 563 assignments; no other use of Wireshark on EECS computers is permitted.

  1. Start Wireshark
  2. Under capture Æ options select the interface your computer uses to send and receive packets. On my computer it is: Intel(R) PRO/1000 GT Desktop Adapter (Microsoft's Packet Scheduler) : \Device\NPF_{5CD5C7FA-3D38-42E3-976B-F091496A5295}
  3. Under capture Æ options click off the “Capture packets in promiscuous mode”
  4. Click start
  5. Run Speed Test from http://speed.sunflower.com/
  6. Stop Wireshark

Questions:

  1. Find the addresses of the hosts involved in the speed test. Under the StatisticsÆConversion Lists select TCP. From the list of TCP conversions find the addresses of the hosts involved in the speed test. Call the address of your local host Address A, and the address of your remote host Address B.

Use a filter to focus on the packets involved in the speed test. In the filter blank at the top level of wireshark type in: ip.src= = Address A or ip.dst= =Address B or ip.dst = = Address A then click “apply”

Look at the Flow Graph for these packets. Under StatisticsÆFlow Graph click “Displayed Packets”, “TCP Flow”, and Standard source/destination addresses.

  1. What is the size of the IP packets used in this application? Suggest why this value was selected.
  2. What is the size of the TCP packets used in this application?
  3. What are the Seq and Ack numbers for the three-way hand shake that set up the TCP connection (Look at the packets at the start of the connection)?
  4. Discuss the relationship between the Seq and Ack numbers you see for the data packets used in this application.
  5. Try and find the close connection packets for this application (go to the end of the trace), discuss what you observe.