b. Run the "netstat -na" command on the server machine, and compare the result with that before the attack. c. Find out how many open TCP connections there are on the server (you need to show how you get the number in the report). Compare to the backlog queue length and try to explain your observation. d. Check the packets caught by wireshark and describe how the attack works