Sec220 Lab 1 Lab 1: Network Sniffing

Part 2: Capturing a TCP 3-way handshake

Download 0.57 Mb.
Size0.57 Mb.
1   2
SEC220 Lab1 Network Sniffing Updated 17Jan2022
Part 2: Capturing a TCP 3-way handshake


  1. Clear the filter of part 1 (clear “http” filter)

  2. Click the ‘Start’ button.

  3. Again, browse to

  4. Click ‘Stop’ capture.

  5. You may want to set the Capture Filters to ‘not arp and not icmp and not port 53 and not port 443 and not udp’ to reduce the amount of data generated.

    1. Note: the filters might be already setup, however if any of those filters are missing, add the missing filter by:

      1. Click on “Capture”>Capture Filters

      2. Click on the ‘+’ sign at the bottom

  6. Find the 3-way handshake based on the source and destination IP Address, take screenshots showing:

  • A screen shot showing the three-way handshake and highlight each handshake.

  • In GET HTTP confirm which webpage this packet is getting. Take a screenshot and highlight the host.

  1. Insert your screenshots in the report template

  2. Clear the filter and look up 3 different protocols that appear in the protocol column in the unfiltered packet-listing window and write them down in your report.

Lab Report Write-up
Submit your lab results using the template provided for lab 0. Make sure your lab report is well organized with proper titles.

Your report must contain the following:

  1. Your name & student number

  2. Screenshots as requested above

  3. Each screen shot must show:

    1. System date & time

    2. Your customized background

    3. Caption describing what the screenshot is about


  • Labs submitted one week late, will lose 50% of the grade automatically, and if later than that, it will be assigned a grade of ‘F’.

  • Late labs still need to be satisfactorily completed and submitted by Study Week to meet SEC220’s Promotion Requirements.

Page of

Download 0.57 Mb.

Share with your friends:
1   2

The database is protected by copyright © 2023
send message

    Main page