Vacation’s over. Your networks have been underutilized for a good long month now. Time to get back to the trenches. Why not start things off with a proper packet analysis challenge? At least fire up Wireshark to see if there’s an auto-update waiting for you?
Thank you Netresec for providing a huge list of packet captures to play with!
We will borrow a 13 MB packet capture from the excellent book “Practical Packet Analysis”.
$ shasum wireshark1.pcapng
b8060f2b946f33b79833710db458368cd382d06c  wireshark1.pcapng
Five questions + one bonus. One point per question:
- How many non-broadcast IPv4 nodes is Wireshark seeing?
- The client downloads an EXE file, twice. From which countries is it downloading the file?
- How many Bytes is the client expecting to download for each EXE file?
- Looking at the faster of the two transfers, at what average speed is the file downloaded, in kbps (kilobits per second)?
- One node is not accepting the use of full TCP segments. Which one?
- BONUS – How many Bytes is the client potentially missing out on per round-trip?
The winner will get loads of street cred as defined by Urban Dictionary:
He’s been thru it all. His street cred is undeniable.
That’s all you need. Get to it! 👊