I'm interesting in tracking/calculating the uptime of a Windows 10 desktop computer using TCP packet header information. I read about using the TSecr field. However, both tcp.options.timestamp.tsval
and tcp.options.timestamp.tsecr
return blank information.
- Is it possible to calculate machine uptime using other fields?
I've read that Windows is using "TCP Receive Window Auto-Tuning" instead of TCP timestamps to achieve the same performance objectives that timestamps were once used for.
- Can I use features related to "TCP Receive Window Auto-Tuning" to calculate machine uptime? What fields would those be?