Question

Wireshark Question:

4555522222 8 389 2 3 kk325 99111 2 2 7375661 67 .7 7 7 7 9 9 9 9 9 1111115 8 8 8 8 8 8 8 8 8 4 456 9 6 9 99666 08888 kkkkk95

a. Find the most active TCP conversation in the file (by bits per second).

b. What is the total amount of bytes transferred from A to B and from B to A in the most active TCP conversation? (Hint: right-click on the conversation, select Apply as Filter > Selected > A → B. Save the packets once the filter is applied)

c. Calculate the Round-Trip Time (RTT) between A and B by inspecting the TCP Handshake.

0 0
Add a comment Improve this question Transcribed image text
Answer #1

A) If we look at the last two columns, i.e. bits/s A->B and bits/s B->A, we see that the first entry with the IP 141.101.125.193 (rel start 8.655147, duration 0.0554) has the biggest entries in the mentioned columns ( bits/s A->B and bits/s B->A) combined, which are:
108 kbits/s +1250 kbits/s = 1358 kbits/s.

The Rel start and duration values are entered because Address A column was not provided.

Hence it is the most active TCP conversation in the file (by bits per second).
------------------------------------
B) If we consider the most active TCP conversation in the file by bits per second, then the first entry with the IP address 141.101.125.193 (rel start 8.655147, duration 0.0554) is considered. The total amount of bytes transferred from A to B in the following row is 753 bytes and from B to A it is 8649 bytes. Hence a combined total of 9402 bytes.

BUT, If we consider the most active TCP conversation in the file by bytes transferred , then it's the entry with the IP address 207.171.187.117, rel start 32.822986, duration 1.5346. The total amount of bytes transferred from A to B in the following row is 3703 bytes and from B to A it is 122 kbytes. Hence a combined total of 126 kbytes.

-------------------------------------

C) Navigate to the Statistics menu and then go towards TCP Stream Graphs and choose Round Trip Time. After this check the TCP RTT (Round Trip Time) in the bottom table (checklist). The RTT can be found in the TCP header - > SEQ/ACK analysis which measures the time from SYN packet to the ACK packet.

Add a comment
Know the answer?
Add Answer to:
Wireshark Question: a. Find the most active TCP conversation in the file (by bits per second)....
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions
  • TCP computer networks

    Assume that a station X wants to send 15 packets of data to station Y using TCP Tahoe. Assuming that:1) The size of each packet sent is 1000 Bytes (ignore all the headers from layers below).2) Station X chooses 43 as an initial sequence number.3) Station Y chooses 2 as an initial sequence number.4) The data of the first packet is included in the final packet of the handshake process.5) The sender window size is 5 packets.6) The receiver window...

  • At this stage, you should be a Wireshark expert. Thus, we are not going to spell...

    At this stage, you should be a Wireshark expert. Thus, we are not going to spell out the steps as explicitly as in earlier labs. In particular, we are not going to provide example screenshots for all the steps. 1.   Start capturing packets in Wireshark and then do something that will cause your host to send and receive several UDP packets (Note that DNS is using UDP for communications. You can use nslookup commands in Lab 4 to generate DNS...

  • Question 13 5 pts Based on the provided Wireshark Capture File and information contained in Frame...

    Question 13 5 pts Based on the provided Wireshark Capture File and information contained in Frame # 12: What is the IPv4 address for the destination of the Layer 3 datagram (based on the particular Layer 3 datagram mentioned in instructions of this quiz)? 10.129.61.67 216.58.216.238 134.124.1.234 107.23.244.231 Question 14 5 pts Based on the provided Wireshark Capture File and information contained in Frame # 12: What is the IPv4 address of the source of the Layer 3 datagram (based...

  • (1) Assume that a station X wants to send 15 packets of data to station Y...

    (1) Assume that a station X wants to send 15 packets of data to station Y using TCP Tahoe. Assuming that: 1) The size of each packet sent is 1000 Bytes (ignore all the headers from layers below). 2) Station X chooses 43 as an initial sequence number. 3) Station Y chooses 2 as an initial sequence number. 4) The data of the first packet is included in the final packet of the handshake process. 5) The sender window size...

  • Q1) Assume that a station X wants to send 15 packets of data to station Y...

    Q1) Assume that a station X wants to send 15 packets of data to station Y using TCP Tahoe. Assuming that: 1)The size of each packet sent is 1000 Bytes (ignore all the headers from layers below). 2)Station X chooses 43 as an initial sequence number. 3)Station Y chooses 2 as an initial sequence number. 4)The data of the first packet is included in the final packet of the handshake process. 5)The sender window size is 5 packets. 6)The receiver...

  • 6. (10 points) TCP Suppose a TCP Reno sender (congestion avoidance, fast retransmit, fast recovery) has...

    6. (10 points) TCP Suppose a TCP Reno sender (congestion avoidance, fast retransmit, fast recovery) has an ssthresh 16 and a cwnd - 4. The sender has no outstanding unacknowledged segments and 240 more segments left to transmit. In addition, the receiver currently has an empty socket buffer that can hold up to 32 segments, and will continue to advertise a receiver advertised window that can hold 32 segments. Assume that there is no further loss of any segments or...

  • 1. For TCP end-to-end flow control, suppose the capacity of the receiver buffer is 10 packets. Su...

    1. For TCP end-to-end flow control, suppose the capacity of the receiver buffer is 10 packets. Suppose the packets that are being queued in the receiver buffer are packets 4, 5, 6, 7, 8, 10, 11. What is the advertised window size the receiver sent to the sender? Suppose packet 12 is the last packet sent by the sender. What’s the effective window size at the sender? Can the sender send out packet 13 at this moment? How about packet...

  • check my answers for Networking I came up with these answers, can check my answers Question...

    check my answers for Networking I came up with these answers, can check my answers Question 1: General What data rate is needed to transmit an uncompressed 4" x 6" photograph every second with a resolution of 1200 dots per inch and 24 bits per dot (pixel)? 691,200 kb/s 28.8 kb/s 8.29 Mb/s 829 Mb/s Question 2: Layering "Layering" is commonly used in computer networks because (check all that apply): -It forces all network software to be written in ‘C’....

  • 1. What would these iptables rules do? iptables -A INPUT -p tcp -m tcp --dport 80...

    1. What would these iptables rules do? iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT Allow web server traffic Block web server traffic Force port 80 traffic to port 443 Allow traffic from both 80 and 443 using UDP protocols 2. Timestamps are important because can not be changed or deleted by attackers when configured properly, allows you to correlate events across the network can always...

  • 1) In a typical TCP connection establishment, the two flags used in the core handshake are...

    1) In a typical TCP connection establishment, the two flags used in the core handshake are the _____ and _____ flags. 2) TCP uses _____ to manage the transmission between senders and receivers that can send or receive differing rates to make sure not to overwhelm machines that may be slower. 3) The transport layer protocol used by the TCP / IP suite that does not provide guarantees on ordering or confirmation of receipt of packets is called . 4)...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT