Observing TCP:
- Run the “netstat” command in either your Windows or Linux environment. Referring to the TCP RFC, what states do you recognize? What states do you think would be difficult to see using this tool, and why? (Hint: use the “ping” command to open connections to other devices if you need examples of outgoing connections.)
- Use tcpdump to observe TCP attributes:
  - If using your Windows system, install tcpdump:
    - tcpdump can be downloaded from http://www.tcpdump.org/#latest-release.
  - If using Astro, you can run the tcpdump command; it is already installed.
  - Run the tcpdump command: tcpdump -n
  - Examine the output… (Hint: if you do not see output, try generating TCP traffic by using a web browser, telnet, ftp, etc.)
    - What information does tcpdump show?
    - Does tcpdump show the contents (payload) of the packets?
    - Refer to RFC 793; how does this command confirm what you learned about TCP?
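As an added example (not part of the original exercise), the script below parses tcpdump text output and checks the first three segments of a connection against the RFC 793 three-way handshake. It assumes the capture was taken with `tcpdump -n -S` so that sequence numbers are absolute; the sample lines, addresses and ports are constructed.

```python
import re

# Constructed sample in the default text format of `tcpdump -n -S`
# (-S keeps absolute sequence numbers); addresses are documentation ranges.
SAMPLE = """\
12:00:00.000001 IP 192.0.2.10.51514 > 198.51.100.20.80: Flags [S], seq 1000, win 64240, options [mss 1460], length 0
12:00:00.020000 IP 198.51.100.20.80 > 192.0.2.10.51514: Flags [S.], seq 5000, ack 1001, win 65160, options [mss 1460], length 0
12:00:00.020100 IP 192.0.2.10.51514 > 198.51.100.20.80: Flags [.], ack 5001, win 64240, length 0
12:00:00.020500 IP 192.0.2.10.51514 > 198.51.100.20.80: Flags [P.], seq 1001:1079, ack 5001, win 64240, length 78
"""

LINE = re.compile(
    r"IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+)(?::\d+)?)?(?:, ack (?P<ack>\d+))?.*length (?P<len>\d+)"
)
FLAG_NAMES = {"S": "SYN", "F": "FIN", "P": "PSH", "R": "RST", ".": "ACK", "U": "URG"}

def parse(text):
    """Return one dict per TCP line: endpoints, flag names, seq/ack, payload length."""
    out = []
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a TCP line in the expected format
        d = m.groupdict()
        out.append({
            "src": d["src"], "dst": d["dst"],
            "flags": [FLAG_NAMES.get(c, c) for c in d["flags"]],
            "seq": int(d["seq"]) if d["seq"] else None,
            "ack": int(d["ack"]) if d["ack"] else None,
            "len": int(d["len"]),
        })
    return out

def handshake_ok(pkts):
    """Check the first three segments against the RFC 793 three-way handshake."""
    if len(pkts) < 3:
        return False
    syn, synack, ack = pkts[:3]
    return (syn["flags"] == ["SYN"]
            and synack["flags"] == ["SYN", "ACK"] and synack["ack"] == syn["seq"] + 1
            and ack["flags"] == ["ACK"] and ack["ack"] == synack["seq"] + 1
            and synack["src"] == syn["dst"] and ack["src"] == syn["src"])

if __name__ == "__main__":
    print("handshake matches RFC 793:", handshake_ok(parse(SAMPLE)))
```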