1. Obtain a trace file of the TCP handshake process.
2. Obtain Wireshark/Ethereal
3. Explore the trace in the three panes of the analyzer. These three panes are standard to most analyzers. They are the summary pane, the protocol tree pane, and the hex pane.
4. Explore the preferences and configuration options in Wireshark. Share your findings with the class.
5. Is this a two-way conversation?
6. Are there any ACK's?
7. How long is the data portion of each packet? Why?
8. Why is the sequence number zero (seq=0) in every packet?
9. Why do the port numbers change in every packet?
10. Look at the "Time" column in the summary pane. How do you interpret it?
11. Where in the protocol tree pane would you find the protocol "Type" field?
12. Look in the flags section of the transport layer (Transmission Control Protocol" in the protocol tree section for one of the packets. What flags are set?
13. How does a SYN attack deny service?