As in Lab 2, you will be using Wireshark. You will continue with packet analysis. You will examine network traffic with a display filter.
You can perform this exercise either using Wireshark on your machine or a remote lab supplied by UMUC. I encourage that you carry out the exercise using the remote Lab. The instructions to use the remote UMUC machine is provided in the Accessing Remote Virtual Lab using VPN module under Course Content.
A packet trace of normal network traffic will contain more than just the packets you want to look at. You can apply a display filter to isolate conversations within the trace. For this exercise you will use a trace file of a student at home using a browser to connect to UMUC. The trace captures the traffic that resulted when the student pointed a browser to www.umuc.edu.
If you are using an older, or newer version of Wireshark, or different OS some of the buttons (options) may be in different positions/locations.
Assignment
Answer the following questions about trace file EX03 www_umuc_edu.cap.
Download trace file EX03 www_umuc_edu.cap from the LEO Lab 3 assignment folder and open it with Wireshark. (If you are using the UMUC remote facility, the file is in the Lab3Folder on the desktop.)
Find the first TCP handshake. What are the packet numbers in the handshake? The three packet numbers ____, _____, and _____