Analysis of Traffic using Wireshark - Understanding Window Size

Understanding TCP Window Size Analysis using Wireshark


Demonstration of TCP Window Size Analysis using Wireshark

Introduction

Transmission Control Protocol (TCP) is one of the most important protocols used for reliable communication in computer networks. TCP ensures that data is transmitted accurately and in the correct order between communicating systems. One important parameter used by TCP is the window size, which determines how much data can be sent before waiting for an acknowledgement from the receiver. The TCP window size plays a significant role in controlling data flow and preventing network congestion.

Reference

Reference Video: https://youtu.be/ZxSi4M941Bs?si=No7SjQWnCLuJIbwY

Network Parameter Chosen

Network Parameter: TCP Window Size

The TCP window size represents the amount of data that a sender can transmit before receiving an acknowledgement from the receiver. This mechanism allows TCP to regulate the flow of data between two communicating systems. The window size helps maintain efficient communication by ensuring that the sender does not overwhelm the receiver with too much data at once.

Observation using Wireshark

The TCP window size parameter can be observed using Wireshark by analyzing captured network packets. Wireshark allows detailed inspection of packet headers, including the fields present in the TCP protocol. By selecting a TCP packet and expanding the Transmission Control Protocol section, the Window Size Value field can be viewed. This value indicates the amount of data that the receiver is ready to accept before sending an acknowledgement.

Procedure

1. Open Wireshark and select the active network interface.

2. Start packet capture to collect network traffic.

3. Generate some network activity such as browsing a website or using the ping command.

4. Stop the packet capture after sufficient packets are collected.

5. Apply the filter tcp to display only TCP packets.

6. Select a TCP packet and expand the Transmission Control Protocol section in the packet details.

7. Observe the Window Size Value field to identify the TCP window size.
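The Window Size Value observed in step 7 is the raw 16-bit field from the TCP header. If both sides sent the Window Scale option in their SYN segments, the actual window in bytes is that value shifted left by the announced scale. The following Python sketch is an added example, not part of the original procedure. It parses the header, reads the scale option, and computes the effective window. The sample segments, ports and helper names are constructed for illustration.

```python
import struct

SYN, ACK = 0x002, 0x010

def build_tcp(flags, window, options=b""):
    """Build a constructed TCP header; ports and sequence number are sample values."""
    options += b"\x01" * (-len(options) % 4)      # pad options with NOPs to 32 bits
    offset_words = (20 + len(options)) // 4
    return struct.pack("!HHIIHHHH", 50000, 443, 1000, 0,
                       (offset_words << 12) | flags, window, 0, 0) + options

def parse_window(header):
    """Return (flags, raw Window field, window-scale shift or None)."""
    off_flags, window = struct.unpack("!HH", header[12:16])
    data_offset = (off_flags >> 12) * 4
    if data_offset < 20 or data_offset > len(header):
        raise ValueError("bad TCP data offset")
    opts, i, shift = header[20:data_offset], 0, None
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                              # End of Option List
            break
        if kind == 1:                              # NOP, single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed TCP option")
        if kind == 3 and opts[i + 1] == 3:         # Window Scale option
            shift = min(opts[i + 2], 14)           # RFC 7323 caps the shift at 14
        i += opts[i + 1]
    return off_flags & 0x1FF, window, shift

def calculated_window(header, sender_shift):
    """Bytes the sender of `header` will accept; sender_shift is the shift it
    announced in its SYN, or None if scaling was not negotiated by both sides."""
    flags, raw, _ = parse_window(header)
    if flags & SYN or sender_shift is None:        # Window in a SYN is never scaled
        return raw
    return raw << sender_shift

# Constructed sample segments (not taken from a real capture)
SAMPLE_SYN = build_tcp(SYN, 64240, b"\x02\x04\x05\xb4" + b"\x03\x03\x07")  # MSS 1460, WS 7
SAMPLE_ACK = build_tcp(ACK, 502)

if __name__ == "__main__":
    _, _, shift = parse_window(SAMPLE_SYN)
    print("shift from SYN:", shift)
    print("raw 502 ->", calculated_window(SAMPLE_ACK, shift), "bytes")
```

If a capture starts after the handshake, the scale is unknown and only the raw value can be trusted.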

Screenshot of TCP Window Size in Wireshark



Plan after this

Next, the TCP window size parameter will be measured under different traffic conditions such as normal traffic, medium traffic, and heavy traffic. Network traffic will be generated using controlled commands, and the window size values will be analyzed using Wireshark to understand how TCP adjusts its flow control under varying network loads.

Conclusion

This assignment helped in understanding the concept of TCP window size and its importance in network communication. By using Wireshark, it is possible to observe protocol parameters directly within captured packets and analyze how TCP manages data transmission in a network.
