Question: Capturing and Identifying the Three-way Handshake Time Required: 30 minutes Objective: Determine which packets create the three-way handshake used in establishing a communication session. Required Tools and Equipment: Net-XX with Wireshark installed Description: Using Wireshark and a suitable capture filter, capture the packets involved in an HTTP session that you start by opening a Web page. Find the three packets that constitute the three-way handshake. Perform the following tasks:
• What capture filter did you use to limit Wireshark to capturing only packets related to HTTP?
• Find the three-way handshake that immediately precedes the first HTTP packet. Which Transport-layer protocol was used to create the connection?
• Find the following fields in the Transport-layer header of the first packet in the threeway handshake and write down their value:
- Source port:
- Destination port:
- Sequence number:
- Flags: Syn:
- Window size:
Maximum segment size:
• Find the following fields in the Transport-layer header of the third packet in the threeway handshake. Research their meanings, and then write down their values along with brief descriptions of them:
Window size:
Maximum segment size:
• How are the sequence number and acknowledgement used to make this protocol reliable?