Hey Jow Forums

Hey Jow Forums,
I tried this yesterday but had a shitty pic...IIIIImmm baaack. Hw problem is to figure out which packets ACK these two and I'm not positive where to look to determine that. Any help is appreciated

Attached: Wireshark.png (1366x768, 165K)

jfc

Attached: 10623_monkeycomputer.png.jpg (462x347, 21K)

OP, right click any fucking packet and click "follow tcp stream" then never post anything like this here ever again please.

Attached: download.jpg (364x404, 23K)

I didn't know I could do that, new to ws...thank you

no thank YOU. My life is shit any chance I get to bloat my flaccid ego

Attached: qt3.14.jpg (141x175, 9K)

welp mayb we can continue here you glorious wizard you...wtf am i lookin for in that popup

that tcp stream is the beginning and ending of that particular transmission. you should be able to see those packets, and then trace back later on to what packets send back an ACK to those based on their unique identifier in WS

Just find the TCP stream # and add a filter:
>tcp.stream eq

Do i need to go farther down or is there a response to packet x anywhere that im not seeing....looks like a bunch of hex to me...I LOVE YOU user

Attached: Screenshot from 2018-05-03 17-49-33.png (1366x768, 134K)

yeah good point forgot about the filter, been a long time since i had a networking job.

see where it says save as ascii? there should be other options that present the data to you in a more useful format that shows you SYN and corresponding ACK in another color

further down looks like all hex i mean

ill give her a shot...what do for work now? id like to be ceh certified and have kali on this laptop, but theres soooo much to it

these are my conversion options and none have looked useful so far

Attached: Screenshot from 2018-05-03 17-55-55.png (1366x768, 281K)

dammit wrong 1 sec

my options are
ascii, c arrays, ebcdic, hexdump, utf-8, utf-16, yaml, and raw

like that pkt 8 up top?

Attached: Screenshot from 2018-05-03 18-02-34.png (1366x768, 378K)

If you are trying to get a filtered list of packets so you can see the actual SYN, ACK, etc packets, click "Filter Out This Stream" and it will apply the tcp.stream eq 3 filter automatically and you should be able to easily see everything.

im tryin to figure it the fuck out kek. were only up to acks so far. i will try that too though

yes, send and response should alternate colors. the packet will say what it is responding to, check the body.

I'm a consultant now I just do application development.

So i went from the red text screen and clicked 'filter out this stream', it went back to the regular wireshark window with nothing in the window, im assuming there was no ack then?

Attached: Screenshot from 2018-05-03 18-09-35.png (1366x768, 57K)

this will sound crazy. but we've all given you some good pointers--now is the time when you read at least 1 or 2 sentences from the documentation or watch a youtube video.

ok now im being griefed. Remove the "and !(tcp.stream eq 3)" and press return.

you all have, and i greatly appreciate it. I'm not trying to be retarded about it, id just rather ask someone who knows what theyre doing
that brought back every packet

sry, pkts 7-344

it's homework though right? so on the very next problem what happens you come back here? we've told you how to isolate the sequence, the sequence is in alternating colors AND is in the order of occurrence. This is most of your work done for you.

and to be fair, you can leave at any time. i dont mean that as a gtfo, but no ones holding you hostage :)

and thats fair enough, i wasnt going to come back for every question, this 1 just confused tf out of me because every other one weve done have had the responses highlighted without an issue or extra work. not seeing highlighted ones makes me think it wasnt responded to, and i doubt pkt 8 is the response since im looking at pkts 17 and 18

are you perhaps in Montreal OP

close actually, ny, like 45 min away

Ok so if you want to see which ACK corresponds to a particular segment, go to pic related and you can actually click on that hyperlink to jump to it.

Attached: Screen Shot 2018-05-03 at 5.16.50 PM.png (978x645, 182K)

you don't fool me, I had the exact same homework using Fedora too

desu this was more helpful than anything else, no offense to any other responders cuz i do greatly appreciate the help, and since im beginning w.this stuff youre all wizards in my eyes for now

im rly in ny, idk where my teach got it from but it coulda been the same

thats under the tcp control header right?

don't worry I don't feel obligated. It's not much effort for me to remind somebody that they're not doing themselves any favors by shortcutting their own education. Thanks for the concern

I understand that, i dont feel its shortcutting to be tutored when ive struggled with it since last night

thats not even an option for pkt 17

Attached: Screenshot from 2018-05-03 18-31-32.png (1366x768, 137K)

i realize the window isnt fully moved up, but its not down further either

Attached: Screenshot from 2018-05-03 18-39-32.png (1366x768, 138K)

no hyperlink means no ack? now that i have a good screencap

24 hours on SYN/ACK

have you thought about pursuing a liberal arts major instead? You could always just write about diversity in tech and probably be better off than doing actual tech these days.

nope, i grad in 6 months. this class is an elective but id like to learn it. I didnt find the hyperlink last night, read through our textbook, and crawled google but ill admit not the documentation for ws. and fuck diversity, that shit doesnt really interest me like this does

last question if anyones still here...does no hyperlink mean no ack?

No, from the perspective of a SYN, you cannot link to the ACK. You can see the Acknowledgement number: 1 listed a few lines above if you want to go look for it.

How do I pick an appropriate hashtag? Do I just find whatever is trending globally?

i found that, but thats not particularly useful for what ik right now, idk if itll help you help me, but heres the exact question...prob shoulda posted it earlier
3. For frames #17 and #18, what are their SEQ numbers? Are ACK numbers meaningful in these segments? Which frames, if any, contain acknowledgments to these two frames? What are the ACK numbers?

its only the 'which frames, if any...' part im stuck on
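Added example, not part of the original thread: a Python sketch of the rule behind the "which frames acknowledge this one" part of the question. A segment is acknowledged by the first later frame in the opposite direction whose ACK number is at least SEQ + payload length, plus 1 for SYN or FIN. The capture below is constructed, uses relative sequence numbers, and ignores sequence wraparound; the names `Seg`, `next_seq` and `acked_by` are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Seg:
    frame: int    # frame number as shown in the packet list
    src: str      # sender "ip:port"
    dst: str      # receiver "ip:port"
    seq: int      # relative sequence number
    ack: int      # relative acknowledgment number
    length: int   # TCP payload bytes
    flags: str    # any of "S" (SYN), "A" (ACK), "F" (FIN), "P" (PSH)

def next_seq(seg):
    """Sequence number the peer must acknowledge to cover this segment."""
    # SYN and FIN each consume one sequence number on top of the payload.
    return seg.seq + seg.length + ("S" in seg.flags) + ("F" in seg.flags)

def acked_by(segs, frame):
    """First later frame from the peer whose ACK covers `frame`, else None."""
    target = next(s for s in segs if s.frame == frame)
    need = next_seq(target)
    if need == target.seq:
        return None  # bare ACK: consumes no sequence space, nothing to acknowledge
    for s in segs:
        reverse = s.src == target.dst and s.dst == target.src
        if s.frame > target.frame and reverse and "A" in s.flags and s.ack >= need:
            return s.frame
    return None  # no acknowledgment present in this capture

# Constructed sample capture (assumption: one TCP stream, client C, server S).
C, S = "10.0.0.5:40000", "10.0.0.9:80"
CAPTURE = [
    Seg(1, C, S, 0, 0, 0, "S"),       # SYN
    Seg(2, S, C, 0, 1, 0, "SA"),      # SYN,ACK: acknowledges frame 1
    Seg(3, C, S, 1, 1, 0, "A"),       # bare ACK: acknowledges frame 2
    Seg(4, C, S, 1, 1, 120, "PA"),    # 120 bytes of data
    Seg(5, C, S, 121, 1, 80, "PA"),   # 80 more bytes
    Seg(6, S, C, 1, 201, 0, "A"),     # cumulative ACK covering frames 4 and 5
    Seg(7, S, C, 1, 201, 300, "PA"),  # data never acknowledged in the capture
]

if __name__ == "__main__":
    for seg in CAPTURE:
        print(seg.frame, "acked by frame", acked_by(CAPTURE, seg.frame))
```

One ACK can cover several data segments at once (frame 6 here), and a bare ACK like frame 3 has no acknowledging frame of its own.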

>the hacker on steroids known as Jow Forums

>that guy Jow Forums
i hear that so much, fuckin normies

and the ack num for pkt 18 is 1 also, is that just the number being used to track seq?

ACK0 and ACK1 alternate. They aren't used for numbering, just acknowledging.