Pages

3.23.2011

TCP Dup. ACK & Google SafeBrowsing

I'm about the switch careers in the next couple of years -- from data entry to (UNIX) System Administration.

I want to learn as much as I can in the next few months before deciding on courses and narrowing down which path to take for what I'd be best at.

In Linux there is a freeware Internet packet analysis tool Wireshark. It can print out at the packet level and give out highly technical details of what is coming in and going out of your Internet connection.

I was fiddling with the knobs so to speak and one of the packets has a certain MIME type of "application/vnd.google.safebrowsing-chunk", much like you might see a MIME type for HTML, or another one for displaying MPEG4 video or a PDF document, each MIME type has a different descriptor.

What is this particular one, and someone wrote that it has something to do with Firefox browser and connecting to another site.

http://ubuntuforums.org/showthread.php?t=1041601

I'm also seeing 'TCP Dup(licate) ACK' packets in the data stream.

So what exactly is happening, and if I tweak some of these settings in Firefox and my network, will it make my connection faster and truly more secure? I'm comfortable with some trial and error testing of this, but also have to see what others are experiencing and whether this really does need fixing or turning OFF.

Here is some of the 37 seconds of datastream captured...

GET /safebrowsing/rd/ChNnb29nLW1hbHdhcmUtc2hhdmFyEAAYgYQCIMCGAjItAYIAAP______________________________3_________7__-________8A HTTP/1.1
Host: safebrowsing-cache.google.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110303 Firefox/3.6.15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PREF=ID=6cf5f6260b7a3930:U=88b7013107a9dbc0:FF=0:TM=1244476268:LM=1300530406:S=RCZWX5VFuDK1Dznz; NID=41=O1SP7Sw5WgITNg6LZN3tlS5BC0c5s8Ek0j9E87NXe7YIfPUlx4zZV4HC4Mb3pEcIElZUNlWJIzGhzlgsG1wZ8asKhesGivQRWT2ywqp4S-qD5ev0RxWnGPwr5aoYZuk_
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/vnd.google.safebrowsing-chunk
X-Content-Type-Options: nosniff
Date: Wed, 23 Mar 2011 02:02:57 GMT
Server: Chunked Update Server
Content-Length: 201654
X-XSS-Protection: 1; mode=block
Cache-Control: public,max-age=172800
Age: 11989
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)