Network Security through the protocol Essay Example | Topics and Well Written Essays - 1500 words

Network security through the protocol - Essay ExampleDF is the flag Dont Fragment S is the first part of multilateral transmission control protocol handshake (SYN, SYN, ACK) Seq is the sequence numberAck is the Acknowledgement TcpLen is the length of the transmission control protocol protocolTcpOption Provision for facultative header fields MSS 1460 is the maximum segment size, or maximum IP datagram size that can be handled without using fragmentation. both(prenominal) sides of the contact must agree on a value if they are different, the overthrow value is used.As we have thrown the dissection of the above packet we will directly get into packet analyses for the tarry of the packets.Analyses of all the net income packets08/16-152717.820587 193.63.129.1921843 - 193.63.129.187139TCP TTL128 TOS0x0 ID48195 IpLen20 DgmLen44 DF******S* Seq 0xF1908361 Ack 0x0 Win 0x2000 TcpLen 24TCP Options (1) = MSS 1460=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+At this p acket the source address is sending information to the destination through TCP. Here the initial bod of the TCP is done. Sync is done in the TCP handshake. The sequence number is given in hexadecimal. instanter the destination 193.63.129.187 would receive the packet and send an acknowledgement back to the source.08/16-152717.820656 193.63.129.187139 - 193.63.129.1921843TCP TTL128 TOS0x0 ID2676 IpLen20 DgmLen44 DF***A**S* Seq 0x7CFB7BBA Ack 0xF1908362 Win 0x2238 TcpLen 24TCP Options (1) = MSS 1460=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+Here we see that the destination with user interface 139 has sent an acknowledgement back to the source 192.63.129.187 with an acknowledgement 0xF1908362. This Ack would be received by the 192.63.129.187.08/16-152717.820785 193.63.129.1921843 - 193.63.129.187139TCP TTL128 TOS0x0...Generally these packets can be easily sniffed using different packet sniffers like wireshark, snort, capsa etc., These packet analyzers are pr imarily used so that it can used to analyze any kind of network problem, it can be used to detect the network intrusion attempts, it can gain information for effecting a network intrusion, to monitor the network usage, to debug client and server communication. Here let us analyze and decode the network packets.MSS 1460 is the maximum segment size, or maximum IP datagram size that can be handled without using fragmentation. Both sides of the connection must agree on a value if they are different, the lower value is used.At this packet the source address is sending information to the destination through TCP. Here the initial phase of the TCP is done. Sync is done in the TCP handshake. The sequence number is given in hexadecimal.Now being familiar with all the packet information let us move forward where the positive data has been transmitted between the two IP address. In the above packet we can see the hex dump of the packet where there is a message sent to the destination here. Th is is where the Session necessitate is done.Similarly the above packet gathers the acknowledgement of the previous packets and sends it as the sequence to the destination address where the connection has been established.