Summary

In this lab, I used Wireshark to capture the process of visiting a new website and viewing DNS queries and a TCP Three way handshake.

New things I learned

• In this lab, I learned about how analyze DNS queries and SYN, ACK, and SYN-ACK packets in wireshark.
• I also learned about how to look at the TCP stream for TCP packets in wireshark.

Problems/Issues

• For this lab, I didn’t run into any problems. It was a straightforward lab, and I had no issues. There was no troubleshooting necessary.

Tech Journal Question

In your own word describe how the TCP 3 way handshake works.

A TCP 3 way handshake establishes a connection between the destination and the client. A synchronization(SYN) packet is sent to initialize the connection. A SYN-ACK packet is returned which is an acknowledgement of the destination receiving the SYN packet. An Acknowledgment(ACK) packet is also sent to acknowledge that the SYN packet was received. Finally, a FIN packet is sent to terminate the connection.