Thursday, April 21, 2011

Chapter 4: Wireshark (TCP)

A.       Look at a packet that is using TCP and then answer the following:
   i.      What is the source port? Why is this source port used? 
              The source port is 49668.
   ii.      What is the destination port?  Why is this destination port? 
              The destination port is port 80. It is used because port 80 is the port that the server "listens to" or 
              expects to receive from a Web client, assuming that the default was taken when the server was
              configured or set up.
   iii.     What is the flag? Why is this flag used? 
              The flag is 0x02 (SYN).  The flag is used to indicate whether a message is fragmented and, if it is 
              fragmented, whether this datagram is the last in the fragment.
   iv.    What are the source and destination IP addresses? Is this packet coming or going from your computer?
          (Use the ipconfig command from the command prompt to view the IP address of your computer).
              The source IP address is 10.40.4.135 and the destination IP is 64.4.11.160.  This packet is coming
              from my computer.
   v.     What is the Time To Live for this packet? What does TTL mean? 
              The TTL for this packet is 128.  TTL indicates the maximum time that a datagram can remain on
               the network before it is discarded.
   vi.    What is the Differentiated Services field?  List the current value. What does this mean?  List 4 other 
           possible values.
               The Differentiated Services field is 0x00 (DSCP 0x00: Default; ECN: 0x00), the current value is
               52 which means it can make 52 more stops before it is dropped.
  vii.    What is the protocol field set to? What does this mean?
                The protocol field is set to TCP (6).
  viii.   What else did you see that was interesting about the IP packet?
  ix.     What is the framing type used?
                 Framing type used is 1400, 66 bytes on wire and 66 bytes captured.
  x.     What are the source and destination MAC addresses?  Is this frame coming or going from your
          computer? (Use the ipconfig /all command from the command prompt to view the MAC address of
          your computer).
              D4 : 85 : 64 : C4 : 5B : E2, going
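
An added example, not part of the original worksheet: a Python decoder that pulls the fields asked about above (ports, TCP flags, IP addresses, TTL, Differentiated Services, protocol, MAC addresses, frame length) straight out of the raw bytes, which is what Wireshark does before it displays them. The frame is constructed from the values in the answers; the destination MAC, window size, TCP option bytes and zeroed checksums are assumptions made for illustration.

```python
import socket
import struct

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bit 0 upward

def build_sample_frame():
    """Constructed 66-byte Ethernet II / IPv4 / TCP frame (checksums left at 0)."""
    dst_mac = bytes.fromhex("020000000001")  # assumed placeholder, not from the page
    src_mac = bytes.fromhex("d48564c45be2")  # MAC given in answer x
    eth = dst_mac + src_mac + struct.pack("!H", 0x0800)  # EtherType 0x0800 = IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0x00, 52, 0, 0x4000, 128, 6, 0,
                     socket.inet_aton("10.40.4.135"), socket.inet_aton("64.4.11.160"))
    # Data offset 8 words (20-byte header + 12 bytes of options), flags 0x02
    tcp = struct.pack("!HHIIBBHHH", 49668, 80, 0, 0, 8 << 4, 0x02, 8192, 0, 0)
    options = bytes.fromhex("020405b40103030201010402")  # constructed option bytes
    return eth + ip + tcp + options

def mac(raw):
    return ":".join(f"{b:02X}" for b in raw)

def parse_frame(frame):
    """Decode the Ethernet, IPv4 and TCP fields the worksheet asks about."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an Ethernet II frame carrying IPv4")
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4  # IP header length in bytes; IP options make it > 20
    if ihl < 20 or ip[9] != 6 or len(ip) < ihl + 20:
        raise ValueError("bad IHL, not TCP, or truncated TCP header")
    tcp = ip[ihl:]
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    flags = tcp[13]  # low 8 flag bits of the TCP header
    return {
        "frame_len": len(frame),
        "dst_mac": mac(frame[0:6]), "src_mac": mac(frame[6:12]),
        "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
        "dscp": ip[1] >> 2, "ecn": ip[1] & 0x03,  # DS byte = 6-bit DSCP + 2-bit ECN
        "total_length": struct.unpack("!H", ip[2:4])[0],
        "ttl": ip[8], "protocol": ip[9],
        "src_port": src_port, "dst_port": dst_port,
        "flags": flags,
        "flag_names": [n for i, n in enumerate(TCP_FLAGS) if flags & (1 << i)],
    }

if __name__ == "__main__":
    for field, value in parse_frame(build_sample_frame()).items():
        print(f"{field:>12}: {value}")
```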