Consider the Wireshark output below for a portion of an SSL session.
a. Is Wireshark packet 112 sent by the client or server?
b. What is the server’s IP address and port number?
c. Assuming no loss and no retransmissions, what will be the sequence number of the next TCP segment sent by the client?
d. How many SSL records does Wireshark packet 112 contain?
e. Does packet 112 contain a Master Secret or an Encrypted Master Secret or
neither?
f. Assuming that the handshake type field is 1 byte and each length field is
3 bytes, what are the values of the first and last bytes of the Master Secret (or Encrypted Master Secret)?
g. The client encrypted handshake message takes into account how many SSL records?
h. The server encrypted handshake message takes into account how many SSL records?
a)
The Wireshark packet 112 sent by the client to server as the source address is related to 'client' and the destination address is related to 'Server'.
b)
The server’s IP address is 216.75.194.220 and port number is 443 as refer the server address is is 216.75.194.220 from the wire shark for the portion of SSL in the text book. It is belongs to Https server in TCP. So, the destination port number is 443.
c)
Assuming no loss and no retransmissions, then the sequence number of the next TCP segment sent by the client is 283.
Explanation:
The calculation of sequence number of the next TCP segment sent by the client is adding the length of packet(204) and the present sequence number (79) from the wire shark output under TCP. So, the sequence numb= 204+79=283.
d)
The number of SSL(Secure Socket Layer) records does Wireshark packet 112 is 3 as the SSL, there are 3 records found for the packet 112 in wire shark output.
e)
The packet 112 contains an Encrypted Master Secret as one of the records specified as Encrypted Handshake Message in the SSL.
f)
Assuming that the handshake type field is 1 byte and each length field is 3 bytes, the the values of the first of the master secret is "bc" as This field recognies the type of the handshake type 1 byte, that is first field is bc and the last byte of the master secret is 29 as handshake length 3 bytes recognies the length of the handshake message.
g)
The client encrypted handshake message takes into account, then the found of number of SSL records is 6 as the client encrypted handshake message generally 6 SSL records found.
h)
The server encrypted handshake message takes into account, then the found of number of SLL records is 9 as the server encrypted handshake message generally 9 SSL records found.