I'm currently looking at a .pcap using Wireshark. Hak5 had an excellent video with tips but I'm stuck at this


It seems I get an "RST, ACK" and then a retransmission, in a loop that continues in intervals. Same length every time.


I'm supposed to analyse the pcap and explain any odd behavior.


I hope really hope that there is a kind soul that might offer the time and assistance and explain what I'm seeing :D 



Well, as the board so elegantly puts it, I am a newbie. 

So there seems to be many reasons for a device to send an RST, with no clear answer, from firewalls to response to receiving a packet. 
But this, if I understand correctly, is being send and resend after the retransmission, from one private host to another.  

For the sake of helping with the homework.. what could be achieved by doing this on, say, purpose?

If I'd set this as homework (I do teach university classes occasionally) then I'd expect you to write up all the different possibilities. You've mentioned that there are many reasons, write about them all and once you've done that, go through them and speculate on which ones you think could be happening here and which are unlikely.

That way, you are showing that you've done the research that you were asked for and showing that you can reason through different options to pick the most appropriate.

How close are you to this packet source. Try to move farther away so the packet has time to unfold. 

