Hey Jow Forums,
I tried this yesterday but had a shitty pic...IIIIImmm baaack. Hw problem is to figure out which packets ACK these two and I'm not positive where to look to determine that. Any help is appreciated
Hey Jow Forums
jfc
OP, right click any fucking packet and click "follow tcp stream" then never post anything like this here ever again please.
I didn't know I could do that, new to ws...thank you
no thank YOU. My life is shit any chance I get to bloat my flaccid ego
welp mayb we can continue here you glorious wizard you...wtf am i lookin for in that popup
that tcp stream is the beginning and ending of that particular transmission. you should be able to see those packets, and then trace back later on to what packets send back an ACK to those based on their unique identifier in WS
Just find the TCP stream # and add a filter:
>tcp.stream eq
Do i need to go farther down or is there a response to packet x anywhere that im not seeing....looks like a bunch of hex to me...I LOVE YOU user
yeah good point forgot about the filter, been a long time since i had a networking job.
see where it says save as ascii? there should be other options that present the data to you in a more useful format that show you SYN and corresponding ACK in another color
further down looks like all hex i mean
ill give her a shot...what do for work now? id like to be ceh certified and have kali on this laptop, but theres soooo much to it
these are my conversion options and none have looked useful so far
dammit wrong 1 sec
my options are
ascii, c arrays, ebcdic, hexdump, utf-8, utf-16, yaml, and raw
like that pkt 8 up top?
If you are trying to get a filtered list of packets so you can see the actual SYN, ACK, etc packets, click "Filter Out This Stream" and it will apply the tcp.stream eq 3 filter automatically and you should be able to easily see everything.
im tryin to figure it the fuck out kek. were only up to acks so far. i will try that too though
yes, send and response should alternate colors. the packet will say what it is responding to check the body.
I'm a consultant now I just do application development.
So i went from the red text screen and clicked 'filter out this stream', it went back to the regular wireshark window with nothing in the window, im assuming there was no ack then?
this will sound crazy. but we've all given you some good pointers--now is the time when you read at least 1 or 2 sentences from the documentation or watch a youtube video.
ok now im being griefed. Remove the "and !(tcp.stream eq 3)" and press return.
you all have, and i greatly appreciate it. I'm not trying to be retarded about it, id just rather ask someone who knows what theyre doing
that brought back every packet
sry, pkts 7-344
it's homework though right? so on the very next problem what happens you come back here? we've told you how to isolate the sequence, the sequence is in alternating colors AND is in the order of occurrence. This is most of your work done for you.
and to be fair, you can leave at any time. i dont mean that as a gtfo, but no ones holding you hostage :)
and thats fair enough, i wasnt going to come back for every question, this 1 just confused tf out of me because every other one weve done have had the responses highlighted without an issue or extra work. not seeing highlighted ones makes me think it wasnt responded to, and i doubt pkt 8 is the response since im looking at pkts 17 and 18
are you perhaps in Montreal OP
close actually, ny, like 45 min away
Ok so if you want to see which ACK corresponds to a particular segment, go to pic related and you can actually click on that hyperlink to jump to it.
you don't fool me, I had the exact same homework using Fedora too
desu this was more helpful than anything else, no offense to any other responders cuz i do greatly appreciate the help, and since im beginning w.this stuff youre all wizards in my eyes for now
im rly in ny, idk where my teach got it from but it coulda been the same
thats under the tcp control header right?
don't worry I don't feel obligated. It's not much effort for me to remind somebody that they're not doing themselves any favors by shortcutting their own education. Thanks for the concern
I understand that, i dont feel its shortcutting to be tutored when ive struggled with it since last night
thats not even an option for pkt 17
i realize the window isnt fully moved up, but its not down further either
no hyperlink means no ack? now that i have a good screencap
24 hours on SYN/ACK
have you thought about pursuing a liberal arts major instead? You could always just write about diversity in tech and probably be better off than doing actual tech these days.
nope, i grad in 6 months. this class is an elective but id like to learn it. I didnt find the hyperlink last night, read through our textbook, and crawled google but ill admit not the documentation for ws. and fuck diversity, that shit doesnt really interest me like this does
last question if anyones still here...does no hyperlink mean no ack?
No, from the perspective of a SYN, you cannot link to the ACK. You can see the Acknowledgement number: 1 listed a few lines above if you want to go look for it.
How do I pick an appropriate hashtag? Do I just find whatever is trending globally?
i found that, but thats not particularly useful for what ik right now, idk if itll help you help me, but heres the exact question...prob shoulda posted it earlier
3. For frames #17 and #18, what are their SEQ numbers? Are ACK numbers meaningful in these segments? Which frames, if any, contain acknowledgments to these two frames? What are the ACK numbers?
its only the 'which frames, if any...' part im stuck on
>the hacker on steroids known as Jow Forums
>that guy Jow Forums
i hear that so much, fuckin normies
and the ack num for pkt 18 is 1 also, is that just the number being used to track seq?
ACK0 and ACK1 alternate. They aren't used for numbering, just acknowledging.
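
Added example, not part of the thread and not from any poster: the frame-to-ACK matching that the homework question quoted in the thread asks about, done the way TCP defines it. A segment is acknowledged by the first later segment from the other side whose ACK flag is set and whose ACK number reaches the segment's sequence number plus the sequence space it consumes. The five-frame capture is constructed for illustration (it is not the homework capture), sequence numbers are relative as Wireshark displays them by default, and `Seg`, `next_seq` and `acked_by` are hypothetical names.

```python
from dataclasses import dataclass

@dataclass
class Seg:
    frame: int    # frame number in the capture
    src: str      # which side sent it
    seq: int      # relative sequence number
    ack: int      # acknowledgment number (only meaningful when the ACK flag is set)
    length: int   # TCP payload bytes
    flags: str    # S = SYN, A = ACK, P = PSH, F = FIN

def next_seq(s):
    # SYN and FIN each consume one sequence number on top of the payload bytes.
    return s.seq + s.length + ("S" in s.flags) + ("F" in s.flags)

def acked_by(segs, frame):
    """Return the frame number that acknowledges `frame`, or None."""
    target = next(s for s in segs if s.frame == frame)
    if next_seq(target) == target.seq:
        return None  # a bare ACK occupies no sequence space, so nothing ACKs it
    for s in segs:
        if (s.frame > frame and s.src != target.src
                and "A" in s.flags and s.ack >= next_seq(target)):
            return s.frame  # ACKs are cumulative, so >= rather than ==
    return None  # no acknowledgment seen in this capture

# Constructed sample: a handshake followed by one data segment and its ACK.
CAPTURE = [
    Seg(17, "client", 0, 0, 0, "S"),     # SYN: ACK flag not set
    Seg(18, "server", 0, 1, 0, "SA"),    # SYN/ACK: ack=1 covers the client SYN
    Seg(19, "client", 1, 1, 0, "A"),     # ACK: ack=1 covers the server SYN
    Seg(20, "client", 1, 1, 100, "PA"),  # 100 bytes of data
    Seg(21, "server", 1, 101, 0, "A"),   # ack=101 covers bytes 1..100
]

if __name__ == "__main__":
    for seg in CAPTURE:
        print(seg.frame, seg.flags, "acked by frame", acked_by(CAPTURE, seg.frame))
```
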