Redes TCP/IP - Ex 05

De Eriberto Wiki
Revisão de 09h55min de 23 de fevereiro de 2013 por Eriberto (discussão | contribs) (→‎Questões)
Ir para navegação Ir para pesquisar

by (C) João Eriberto Mota Filho <eriberto (a) eriberto pro br>

Exercício de fixação ligado diretamente ao artigo Redes TCP/IP, existente neste wiki.

O conteúdo a seguir poderá ser utilizado por outros professores,
desde que a fonte seja citada e os créditos mantidos.

Última atualização: veja o rodapé desta página.




Exercício 5 - Tráfego TCP





Base de conhecimento para a resolução do exercício

  • Exemplo de fluxo TCP: PDF.



Questões

  1. A seguir, será mostrado um tráfego HTTP bem sucedido (início, meio e fim). Complete as lacunas existentes.

    15:53:47.456541 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [S], seq _________________________, win 5840, options [mss 1460,sackOK,TS val 27473537 ecr 0,nop,wscale 7], length 0

    15:53:47.456857 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [S.], seq 2950686399, ack 2200906998, win 5792, options [mss 1460,sackOK,TS val 3372332674 ecr 27473537,nop,wscale 7], length ______

    15:53:47.456872 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack _________________________, win 46, options [nop,nop,TS val 27473537 ecr 3372332674], length 0

    15:53:47.456925 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [P.], seq 2200906998:2200907376, ack 2950686400, win 46, options [nop,nop,TS val 27473537 ecr 3372332674], length _____________

    15:53:47.457268 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [.], ack 2200907376, win 54, options [nop,nop,TS val 3372332675 ecr 27473537], length 0

    15:53:48.050611 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [______], seq 2950686400:2950686803, ack 2200907376, win 54, options [nop,nop,TS val 3372332823 ecr 27473537], length 403

    15:53:48.050636 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack 2950686803, win 54, options [nop,nop,TS val 27473685 ecr 3372332823], length 0

    15:53:48.050641 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [______], seq _________________________:2950686954, ack 2200907376, win 54, options [nop,nop,TS val 3372332823 ecr 27473537], length ______

    15:53:48.050645 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack 2950686954, win 63, options [nop,nop,TS val 27473685 ecr 3372332823], length ______

    15:53:51.438437 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [______], seq 2200907376, ack 2950686954, win 63, options [nop,nop,TS val 27474532 ecr 3372332823], length 0

    15:53:51.438852 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [F.], seq 2950686954, ack 2200907377, win 54, options [nop,nop,TS val 3372333670 ecr 27474532], length 0

    15:53:51.438870 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack _________________________, win 63, options [nop,nop,TS val 27474532 ecr 3372333670], length 0

  2. A seguir, será mostrado um tráfego HTTP com anomalias mas sem a ocorrência de resets. Complete as lacunas existentes.

    21:24:29.041609 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [S], seq 354042184, win 5840, options [mss 1460,sackOK,TS val 1569425 ecr 0,nop,wscale 6], length 0

    21:24:29.568671 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [S.], seq 814579103, ack 354042185, win 5840, options [mss 1460], length 0

    21:24:29.568711 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ack 814579104, win 5840, length 0

    21:24:32.032805 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [______], seq 354042185:354042192, ack 814579104, win 5840, length ______

    21:24:32.429316 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], ack 354042192, win 5840, length 0

    21:24:32.435808 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], seq 814579104:_________________________, ack 354042192, win 5840, length 1460

    21:24:32.435826 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ack 814580564, win 8760, length 0

    21:24:32.437787 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [FP.], seq 814582024:814582581, ack 354042192, win 5840, length 557

    21:24:32.437802 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ack _________________________, win 8760, length 0

    21:24:32.444045 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], seq 814580564:814582024, ack 354042192, win 5840, length 1460

    21:24:32.444060 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ______     _________________________, win 11680, length 0

    21:24:32.445235 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [F.], seq 354042192, ack 814582582, win 11680, length 0

    21:24:32.769349 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], ack _________________________, win 5840, length 0

  3. Em quais casos a flag ACK não aparecerá em um segmento TCP?

  4. No comando tcpdump, para que serve a opção -S?