Copyright Goodheart-Willcox Co., Inc. 268 Principles of Cybersecurity

Step 3 ACK Connection

The third step in the handshake is the ACK connection. Here, the connection is validating receipt of previous steps and acknowledging the transmission. The resulting return transmission will turn on the ACK flag and increment the sequence number by 1, as shown in Figure 8-20.

Figure 8-19. Header information for step 2 in the three-way handshake. (Goodheart-Willcox Publisher)
Header fields: Source Port; Destination Port; Sequence Number = 0; Acknowledgement = 1; Header Length; Reserved; URG; ACK = 1; PSH; RST; SYN = 1; FIN; Sliding window size; Checksum; Urgent Pointer; Options; Padding; Data

Figure 8-20. Header information for step 3 in the three-way handshake. (Goodheart-Willcox Publisher)
Header fields: Source Port; Destination Port; Sequence Number = 1; Acknowledgement = 1; Header Length; Reserved; URG; ACK = 1; PSH; RST; SYN = 0; FIN; Sliding window size; Checksum; Urgent Pointer; Options; Padding; Data

Quick Look 8.1.5 UDP and TCP Information in Wireshark

Wireshark can be used to view the flags in TCP transmissions. Wireshark uses relative ISNs for simplicity. However, this can be changed to view the absolute ISN instead.

1. Applying what you have learned, launch Wireshark.
2. Click File > Open…, navigate to your working folder, and open the capture you created earlier.
3. Sort the view by protocol. Scroll down to entries using the TCP protocol. Look for one that shows a SYN transaction in the Info column. When you find one, double-click the entry to see the details.
4. In the top part of the details window, click the arrow next to Transmission Control Protocol to expand that section. What is the sequence number? What flags are set? Note the frame number for this transaction.
5. Close the details window to return to the main Wireshark window. Search for a SYN/ACK response. In terms of frame numbers, the response should be very close to the SYN packet.
6. Double-click the response that corresponds to the SYN packet you opened. Expand the Transmission Control Protocol section. What are the sequence and acknowledgement numbers? Note the frame number. Close the details window.
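The following is an added example, not part of the textbook: it decodes the flags and sequence/acknowledgement numbers from raw TCP headers and converts absolute ISNs to the relative values Wireshark shows by default, reproducing the numbers in Figures 8-19 and 8-20. The ports, ISN values, and function names are constructed for illustration.

```python
import struct

FLAG_BITS = (("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04),
             ("PSH", 0x08), ("ACK", 0x10), ("URG", 0x20))
TCP_FIXED = "!HHIIHHHH"  # ports, seq, ack, offset+flags, window, checksum, urgent

def parse_tcp_header(raw):
    """Decode the fixed 20-byte TCP header into a dict."""
    sport, dport, seq, ack, off_flags, window, _cksum, _urg = struct.unpack(TCP_FIXED, raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "header_len": (off_flags >> 12) * 4,  # data offset is in 32-bit words
            "flags": {name for name, bit in FLAG_BITS if off_flags & bit},
            "window": window}

def build(sport, dport, seq, ack, flags, window=64240):
    """Pack a constructed 20-byte header (no options, checksum left at 0)."""
    bits = sum(bit for name, bit in FLAG_BITS if name in flags)
    return struct.pack(TCP_FIXED, sport, dport, seq, ack, (5 << 12) | bits, window, 0, 0)

# Constructed sample handshake: absolute ISNs are arbitrary 32-bit values.
CLIENT_ISN, SERVER_ISN = 0x9A3C17F0, 0x0451BE02
HANDSHAKE = [
    build(49152, 443, CLIENT_ISN, 0, {"SYN"}),                       # step 1
    build(443, 49152, SERVER_ISN, CLIENT_ISN + 1, {"SYN", "ACK"}),   # step 2
    build(49152, 443, CLIENT_ISN + 1, SERVER_ISN + 1, {"ACK"}),      # step 3
]

def relative_view(raw_segments):
    """Return (flags, relative seq, relative ack) for each segment in order."""
    isn = {}   # (sport, dport) -> first absolute sequence number seen that way
    rows = []
    for raw in raw_segments:
        h = parse_tcp_header(raw)
        fwd, rev = (h["sport"], h["dport"]), (h["dport"], h["sport"])
        isn.setdefault(fwd, h["seq"])
        rel_seq = (h["seq"] - isn[fwd]) % 2**32   # modulo handles 32-bit wraparound
        # The ack field is only meaningful when the ACK flag is set.
        has_ack = "ACK" in h["flags"] and rev in isn
        rel_ack = (h["ack"] - isn[rev]) % 2**32 if has_ack else 0
        rows.append((sorted(h["flags"]), rel_seq, rel_ack))
    return rows

if __name__ == "__main__":
    for step, row in enumerate(relative_view(HANDSHAKE), start=1):
        print(step, *row)
```

Steps 2 and 3 come out with the same relative sequence and acknowledgement numbers as Figures 8-19 and 8-20, even though the absolute values on the wire are large 32-bit numbers.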