Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

In the Wireshark Capture. In frame 126, follow the TCP stream. What is the reque

ID: 3580484 • Letter: I

Question

In the Wireshark Capture.

In frame 126, follow the TCP stream. What is the request that is made to the server?

What response does the server give back?

Based on these messages and others you can see in the packet capture, what would you say is going on? Is this an attack? If so, what type of attack might it be?

No. Time source Destination Protocol Length Info 74 52148 80 SYN] Seq-0 win 29200 Len-0 Mss 1460 SACK PERM 1 Tsval 54972840 Tsecr 0 WS-128 123 0.073997 192.168.12.143 172.19.36.129 TCP 124 0.075432 172.19.36.129 192.168.12.143 60 80 52148 SYN ACK] Seq 0 Ack 1 win 64240 Len 0 MSS 1460 TCP 125 0.075458 54 52148-80 ACK] Seq 1 Ack-1 win-29200 Len-0 192.168.12.143 172.19.36.129 TCP 126 0.075688 192.168.12.143 172.19.36.129 90 52148-800 PSH. ACK] Seq-1 Ack-1 win 29200 Len 36 TCP 127 0.075827 60 80-52148 ACK seq 1 Ack-37 win-64240 Len-0 172.19.36.129 192.168.12.143 TCP 172.19.36.129 128 0.075904 192.168.12.143 TCP 54 52148 80 FIN, ACK] Seq 37 Ack-1 win 29200 Len 0 129 0.076052 60 80-52148 ACK Seq-1 Ack-38 win-64239 Len-0 172.19.36.129 192.168.12.143 TCP 130 0.076273 172.19.36.129 192.168.12.143 537 HTTP/1.1 400 Bad Request (text/html) 131 0.076288 54 52148-80 ACK Seq-38 Ack-484 win-30016 Len-0 192.168.12.143 172.19.36.129 TCP 132 0.076342 172.19.36.129 192.168.12.143 TCP 60 80 52148 [FIN, PSH, ACK] Seq 484 Ack 38 win 64239 Len 0 54 52148-800 ACK Seq-38 Ack-485 Win-30016 Len-0 133 0.076350 192.168.12.143 172.19.36.129 TCP A Wireshark. Follow TCP Stream (tcp.stream eq 11) week6 HTTP /1.1GET hoST: 127.0.0.1. HTTP /1.1 400 Bad Request Date Thu, 30 Apr 2015 18:39:11 GMT Apache/2.4.10 (Ubuntu) Server Content-Length: 301 close Connection Content-Type: text/html; charset iso-8859-1 DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> html

Explanation / Answer

1. Handshake request sent to the server, getting response for the same.
2. Server responded as it's a bad request as there is no http acknowledgement available.
3. No it's not an attack. Client is trying to make a http connection with server, but server responded it as bad request as there is no http running on port 80.

Related Questions

In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988482
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988483
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988484
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988485
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988490
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988491
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988492
In the United States, coal is a fossil fuel, used mainly to fuel the energy need
Question #2988493
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
In the Wireshark Capture. In frame 126, follow the TCP stream. What is the reque
Next
In the Wireshark capture. An appropriate form for an HTTP request is as follows:

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.