Network Security through the protocol Essay Example | Topics and Well Written Essays - 1500 words

Network Security through the protocol - Essay ExampleDF is the flag Dont Fragment S is the first part of three-way TCP handshake (SYN, SYN, ACK) Seq is the sequence secondAck is the Acknowledgement TcpLen is the length of the TCP protocolTcpOption Provision for optional header handle MSS 1460 is the maximum segment size, or maximum IP datagram size that preempt be handled without using fragmentation. Both sides of the connection must agree on a value if they are different, the lower value is used.As we have seen the dissection of the above packet we will directly get into packet analyses for the rest of the packets.Analyses of all the earnings packets08/16-152717.820587 193.63.129.1921843 - 193.63.129.187139TCP TTL128 TOS0x0 ID48195 IpLen20 DgmLen44 DF******S* Seq 0xF1908361 Ack 0x0 Win 0x2000 TcpLen 24TCP Options (1) = MSS 1460=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+At this packet the tooth root address is sending information to the end through TCP. hither the initial phase of the TCP is done. Sync is done in the TCP handshake. The sequence number is given in hexadecimal. Now the refinement 193.63.129.187 would receive the packet and send an acknowledgement back to the source.08/16-152717.820656 193.63.129.187139 - 193.63.129.1921843TCP TTL128 TOS0x0 ID2676 IpLen20 DgmLen44 DF***A**S* Seq 0x7CFB7BBA Ack 0xF1908362 Win 0x2238 TcpLen 24TCP Options (1) = MSS 1460=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+Here we see that the destination with port 139 has displace an acknowledgement back to the source 192.63.129.187 with an acknowledgement 0xF1908362. This Ack would be received by the 192.63.129.187.08/16-152717.820785 193.63.129.1921843 - 193.63.129.187139TCP TTL128 TOS0x0...Generally these packets can be easily sniffed using different packet sniffers like wireshark, snort, capsa etc., These packet analyzers are generally used so that it can used to analyze any miscellanea of network problem, it can be used to detect the network intrusion attempts, it can gain information for effecting a network intrusion, to monitor the network usage, to correct client and server communication. Here let us analyze and decode the network packets.MSS 1460 is the maximum segment size, or maximum IP datagram size that can be handled without using fragmentation. Both sides of the connection must agree on a value if they are different, the lower value is used.At this packet the source address is sending information to the destination through TCP. Here the initial phase of the TCP is done. Sync is done in the TCP handshake. The sequence number is given in hexadecimal.Now being familiar with all the packet information let us move forward where the actual data has been transmitted between the two IP address. In the above packet we can see the hex dump of the packet where there is a message sent to the destination here. This is where the Session Request is done.Similarly the above packet gathers the ackn owledgement of the previous packets and sends it as the sequence to the destination address where the connection has been established.