Redes TCP/IP - Ex 05

De Eriberto Wiki
Ir para: navegação, pesquisa
Twitter.png

by (C) João Eriberto Mota Filho <eriberto (a) eriberto pro br>

Exercício de fixação ligado diretamente ao artigo Redes TCP/IP, existente neste wiki.

O conteúdo a seguir poderá ser utilizado por outros professores,
desde que a fonte seja citada e os créditos mantidos.

Última atualização: veja o rodapé desta página.




Exercício 5 - Fluxo TCP




Base de conhecimento para a resolução do exercício

  • Exemplo de fluxo TCP: PDF.



Questões

  1. A seguir, será mostrado um tráfego HTTP bem sucedido (início, meio e fim). Complete as lacunas existentes.

    15:53:47.456541 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [S], seq _________________________, win 5840, options [mss 1460,sackOK,TS val 27473537 ecr 0,nop,wscale 7], length 0

    15:53:47.456857 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [S.], seq 2950686399, ack 2200906998, win 5792, options [mss 1460,sackOK,TS val 3372332674 ecr 27473537,nop,wscale 7], length ______

    15:53:47.456872 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack _________________________, win 46, options [nop,nop,TS val 27473537 ecr 3372332674], length 0

    15:53:47.456925 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [P.], seq 2200906998:2200907376, ack 2950686400, win 46, options [nop,nop,TS val 27473537 ecr 3372332674], length _____________

    15:53:47.457268 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [.], ack 2200907376, win 54, options [nop,nop,TS val 3372332675 ecr 27473537], length 0

    15:53:48.050611 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [______], seq 2950686400:2950686803, ack 2200907376, win 54, options [nop,nop,TS val 3372332823 ecr 27473537], length 403

    15:53:48.050636 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack 2950686803, win 54, options [nop,nop,TS val 27473685 ecr 3372332823], length 0

    15:53:48.050641 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [______], seq _________________________:2950686954, ack 2200907376, win 54, options [nop,nop,TS val 3372332823 ecr 27473537], length ______

    15:53:48.050645 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack 2950686954, win 63, options [nop,nop,TS val 27473685 ecr 3372332823], length ______

    15:53:51.438437 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [______], seq 2200907376, ack 2950686954, win 63, options [nop,nop,TS val 27474532 ecr 3372332823], length 0

    15:53:51.438852 IP 82.169.100.212.80 > 172.21.0.1.52768: Flags [F.], seq 2950686954, ack 2200907377, win 54, options [nop,nop,TS val 3372333670 ecr 27474532], length 0

    15:53:51.438870 IP 172.21.0.1.52768 > 82.169.100.212.80: Flags [.], ack _________________________, win 63, options [nop,nop,TS val 27474532 ecr 3372333670], length 0

  2. Na captura anterior, qual tipo de fechamento ocorreu?

  3. A seguir, será mostrado um tráfego HTTP com anomalias mas sem a ocorrência de resets. Complete as lacunas existentes.

    21:24:29.041609 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [S], seq 354042184, win 5840, options [mss 1460,sackOK,TS val 1569425 ecr 0,nop,wscale 6], length 0

    21:24:29.568671 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [S.], seq 814579103, ack 354042185, win 5840, options [mss 1460], length 0

    21:24:29.568711 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ack 814579104, win 5840, length 0

    21:24:32.032805 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [______], seq 354042185:354042192, ack 814579104, win 5840, length ______

    21:24:32.429316 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], ack 354042192, win 5840, length 0

    21:24:32.435808 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], seq 814579104:_________________________, ack 354042192, win 5840, length 1460

    21:24:32.435826 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ack 814580564, win 8760, length 0

    21:24:32.437787 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [FP.], seq 814582024:814582581, ack 354042192, win 5840, length 557

    21:24:32.437802 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ack _________________________, win 8760, length 0

    21:24:32.444045 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], seq 814580564:814582024, ack 354042192, win 5840, length 1460

    21:24:32.444060 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [.], ______     _________________________, win 11680, length 0

    21:24:32.445235 IP 172.21.12.159.32930 > 74.55.41.178.80: Flags [F.], seq 354042192, ack 814582582, win 11680, length 0

    21:24:32.769349 IP 74.55.41.178.80 > 172.21.12.159.32930: Flags [.], ack _________________________, win 5840, length 0

  4. Na captura anterior, qual tipo de fechamento ocorreu?

  5. Na captura anterior, qual foi o window scale definido pelo servidor?

  6. Considerando que um download passou a usar a técnica de janelas deslizantes e que não houve problemas na conexão, complete as lacunas a seguir.

    IP 80.249.99.148.81 > 192.168.0.180.57379: Flags [.], seq 1981313489:1981314937, ack 3285943642, win 15, options [nop,nop,TS val 1707463126 ecr 13155582], length 1448

    IP 80.249.99.148.81 > 192.168.0.180.57379: Flags [.], seq 1981314937:1981316385, ack 3285943642, win 15, options [nop,nop,TS val 1707463126 ecr 13155582], length 1448

    IP 192.168.0.180.57379 > 80.249.99.148.81: Flags [.], ack _________________________, win 10996, options [nop,nop,TS val 13155690 ecr 1707463126], length 0

    IP 80.249.99.148.81 > 192.168.0.180.57379: Flags [.], seq 1981316385:1981317833, ack 3285943642, win 15, options [nop,nop,TS val 1707463126 ecr 13155582], length 1448

    IP 80.249.99.148.81 > 192.168.0.180.57379: Flags [.], seq 1981317833:1981319281, ack 3285943642, win 15, options [nop,nop,TS val 1707463126 ecr 13155582], length 1448

    IP 192.168.0.180.57379 > 80.249.99.148.81: Flags [.], ack _________________________, win 10996, options [nop,nop,TS val 13155691 ecr 1707463126], length 0

  7. Em quais casos a flag ACK não aparecerá em um segmento TCP?

  8. No comando tcpdump, para que serve a opção -S?

  9. Faça download do arquivo ex05_cap01.pcap. A seguir, observando os detalhes do cabeçalho IP (opção -v do tcpdump), diga se houve perda de pacotes oriundos do host 203.0.113.12. (dica: use o filtro src host no comando tcpdump)