CS176A - HOMEWORK ASSIGNMENT 4
Due: June 7 (By 11:59pm)
HW#3, the goal of this assignment is also to help you understand what
is going on in the network by examining exactly what flows across a hop
in the network. The traffic file is the same as used in HW#3.
However, the focus of HW#4 is on the Transport and Application layers.
You are expected to discover as much high-level information as possible.
goal of this assignment is to examine real protocols in use and
understand the communication that takes place in a network by examining
the bits that flow across a network hop. For this assignment, you
should focus on the higher level protocols, i.e. pay more attention to
the Transport and Application layers. The instructions for this
homework assignment are identical to the instructions for HW#3.
Clearly, you should refer to those instructions to refresh your
understanding of the guidelines and requirements. The one difference is
of course the focus of your investigation. Like HW#3, we have provided
a set of questions to help guide you in the direction of the material
that should be covered in the write-up. Questions include the
- What high layer protocols are seen at least once somewhere in the trace?
- Which applications and "services" use TCP, and which use UDP?
port numbers do you see? Do any of them have special significance?
Which ones and what is the significance? How are the others chosen?
- In any of the TCP connections, what is the window size? Does it ever change between connections? How is it chosen?
- What are the ranges of sequence numbers in each flow?
- What are the ranges of acknowledgment numbers in each flow?
are the contents and function of each packet (you can summarize series
of packets that work to accomplish some high level function but be sure
to include a sufficient amount of detail for at least one series of
- What host names can be seen in the trace?
- Can you deduce some host information from the trace, such as the type and version of the OS, applications and services?
- Is there some username and password information sent in the clear?
- Can you guess which commands or applications were launched to generate the traffic?
- Are there any protocols that appear to be operating differently than as described in class?
there any possible network attack happening in the trace file, i.e.,
some weird packets indicating someone else in the Internet is
conducting an attack.
- This packet trace is
full of surprises, especially for someone who has never looked at a
packet trace in detail before. List a few observations that were
surprising to you including details of the observation and why it was
The assignment should be submitted using the course web site. The file
format must be either Micosoft Word (DOC) or Adobe Acrobat (PDF). Your
report should be only one file (no zipping or taring files).
This assignment is to be done individually. Cheating will not be
tolerated. Please read the
UCSB Academic Code of Conduct
to find out more about Student Conduct and Discipline. Of particular
relevance to this assignment is the need to properly cite material you
have used. Failure to do so constitutes plagiarism.