Name: Humberto Pérez
BCIS 5620 & BCIS 4630 Hands-On In-Class Lab 2 Worksheet
Question 1
How many hosts did Nmap discover? Support your answer with a screenshot.
Nmap discovered 2 hosts on the line that says “Nmap done: 256 IP addresses (2 hosts up) scanned
in 9.61 seconds.”
Question 2
What is Nmap’s guess of the OS running on 10.1.xx.161? Support your answer with a screenshot.
Nmap guessed Microsoft Windows on the line reading “445/tcp open Microsoft-ds.”
Question 3
Which three segments do you think completed a TCP handshake? List their packet numbers (the
number in the very left column in the Wireshark window) below. What are the control bits in each of
the three segments involved in the scanning of Port 135? Insert the screenshot supporting your
answers.
On lines No. 2062, 2132, and 2125 is where the handshake takes place. The control bits are 217 and
161.
Question 4
Did you see a completed TCP handshake? Which two segments do you think constituted the first
two packets in a TCP handshake? List their packet numbers below. Which control bits were turned
on in the segment responding to the second segment? Insert the screenshot supporting your
answers.
Packets 31 and 32 were first in the TCP handshake. The responding control bit in the second
segment is 217.
Submit your Wireshark capture files (hoic-nmap-cxn-scan.pcapng and
hoic-nmap-syn-scan.pcapng) together with this worksheet.