SlideShare una empresa de Scribd logo

Wireshark Lab HTTP, DNS and ARP v7 solution

United International University
United International University

Wireshark Lab: HTTP, DNS and ARP v7 solution Computer Networking: A Top-Down Approach, 7th ed., J.F. Kurose and K.W. Ross

Educación
1 de 8
Descargar para leer sin conexión
Wireshark Lab HTTP, DNS, ARP v7 HTTP 1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running? Answer: Both are HTTP 1.1 2. What languages (if any) does your browser indicate that it can accept to the server? Answer: Accept-Language: en-us, en 3. What is the IP address of your computer? Of the gaia.cs.umass.edu server? Answer: My IP address is 192.168.1.102 and the server’s is 128.119.245.12 4. What is the status code returned from the server to your browser? Answer: HTTP/1.1 200 OK (text/html) 5. When was the HTML file that you are retrieving last modified at the server? Answer: Last-Modified: Thu, 07 Jun 2007 22:09:01 GMT 6. How many bytes of content are being returned to your browser? Answer: Content-Length: 126 7. By inspecting the raw data in the packet content window, do you see any headers within the data that are not displayed in the packet-listing window? If so, name one. Answer: No all of the headers can be found in the raw data. 8. Inspect the contents of the first HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE” line in the HTTP GET? Answer: No
9. Inspect the contents of the server response. Did the server explicitly return the contents of the file? How can you tell? Answer: Yes because we can see the contents in the Line-based text data field. 10. Now inspect the contents of the second HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information follows the “IF-MODIFIED-SINCE:” header? Answer: Yes. The information following is: Thu, 07 Jun 2007 16:29:01 GMT. 11. What is the HTTP status code and phrase returned from the server in response to this second HTTP GET? Did the server explicitly return the contents of the file? Explain. Answer: is HTTP/1.1 304 Not Modified. The server didn’t return the contents of the file since the browser loaded it from its cache. 12. How many HTTP GET request messages were sent by your browser? Answer: There was 1 HTTP GET request message sent by my browser as seen in the screenshot. 13. How many data-containing TCP segments were needed to carry the single HTTP response? Answer: TCP segments containing 309, 1452, 1452, 1452 and 144 bytes respectively for a total of 4500 bytes. 14. What is the status code and phrase associated with the response to the HTTP GET request? Answer: 200 OK 15. Are there any HTTP status lines in the transmitted data associated with a TCP induced “Continuation”? Answer: No
16. How many HTTP GET request messages were sent by your browser? To which Internet addresses were these GET requests sent? Answer: As you can see from the above screenshot there were 3 HTTP GET requests sent to the following Internet addresses: a. 128.119.245.12 b. 128.119.240.90 c. 165.193.123.218 17. Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel? Explain. Answer: By checking the TCP ports we can see if our files were downloaded serially or in parallel. In this case the 2 images were transmitted over 2 TCP connections therefore they were downloaded serially. 18. What is the server’s response (status code and phrase) in response to the initial HTTP GET message from your browser? Answer: Status code: 401, Phrase: Authorization Required 19. When your browser’s sends the HTTP GET message for the second time, what new field is included in the HTTP GET message? Answer: As seen in the screenshot the new field (highlighted) is Authorization. Authorization: Basic d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=rn DNS
4. Locate the DNS query and response messages. Are then sent over UDP or TCP? ANSWER: They are sent over UDP 5. What is the destination port for the DNS query message? What is the source port of DNS response message? ANSWER: The destination port for the DNS query is 53 and the source port of the DNS response is 53. 6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same? ANSWER: It’s sent to 192.168.1.1, 7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? ANSWER: It’s a type A Standard Query and it doesn’t contain any answers. 8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain? ANSWER: There were 2 answers containing information about the name of the host, the type of address, class, the TTL, the data length and the IP address. 9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message? ANSWER: The first SYN packet was sent to 209.173.57.180 which corresponds to the first IP address provided in the DNS response message. 10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?
ANSWER: No ARP 1. What is the 48-bit Ethernet address of your computer? ANSWER: The Ethernet address of my computer is 00:09:5b:61:8e:6d 2. What is the 48-bit destination address in the Ethernet frame? Is this the Ethernet address of gaia.cs.umass.edu? What device has this as its Ethernet address? ANSWER: The destination address 00:0c:41:45:90:a8 is not the Ethernet address of gaia.cs.umass.edu. It is the address of my Linksys router. 3. Give the hexadecimal value for the two-byte Frame type field. What do the bit(s) whose value is 1 mean within the flag field? ANSWER: The hex value for the Frame type field is 0x0800. 4. How many bytes from the very start of the Ethernet frame does the ASCII “G” in “GET” appear in the Ethernet frame? ANSWER: The ASCII “G” appears 52 bytes from the start of the ethernet frame. There are 14 B Ethernet frame, and then 20 bytes of IP header followed by 20 bytes of TCP header before the HTTP data is encountered. 5. What is the hexadecimal value of the CRC field in this Ethernet frame? ANSWER: The hex value for the CRC field is 0x 0d0a 0d0a. 6. What is the value of the Ethernet source address? Is this the address of your computer, or of gaia.cs.umass.edu? What device has this as its Ethernet address?
ANSWER: The source address 00:0c:41:45:90:a8. Ethernet address of gaia.cs.umass.edu not the address of my computer. It is the address of my Linksys router. 7. What is the destination address in the Ethernet frame? Is this the Ethernet address of your computer? ANSWER: The destination address 00:09:5b:61:8e:6d is the address of computer. 8. Give the hexadecimal value for the two-byte Frame type field. What do the bit(s) whose value is 1 mean within the flag field? ANSWER: The hex value for the Frame type field is 0x0800. 9. How many bytes from the very start of the Ethernet frame does the ASCII “O” in “OK” (i.e., the HTTP response code) appear in the Ethernet frame? ANSWER: The ASCII “O” appears 52 bytes from the start of the ethernet frame. 10. What is the hexadecimal value of the CRC field in this Ethernet frame? ANSWER: The hex value for the CRC field is 0x 0d0a 0d0a. 11. Write down the contents of your computer’s ARP cache. What is the meaning of each column value? ANSWER: The Internet Address column contains the IP address, the Physical Address column contains the MAC address, and the type indicates the protocol type. 12. What are the hexadecimal values for the source and destination addresses in the Ethernet frame containing the ARP request message? ANSWER: The hex value for the source address is 00:d0:59:a9:3d:68. The hex value for the destination address is ff:ff:ff:ff:ff:ff, the broadcast address.
13. Give the hexadecimal value for the two-byte Ethernet Frame type field. What do the bit(s) whose value is 1 mean within the flag field? ANSWER: The hex value for the Ethernet Frame type field is 0x0806, for ARP. 14. Download the ARP specification from ftp://ftp.rfc-editor.org/innotes/std/std37.txt. A readable, detailed discussion of ARP is also at http://www.erg.abdn.ac.uk/users/gorry/course/inet- pages/arp.html. a) How many bytes from the very beginning of the Ethernet frame does the ARP opcode field begin? ANSWER: 20 bytes. b) What is the value of the opcode field within the ARP-payload part of the Ethernet frame in which an ARP request is made? ANSWER: ARP-payload of the request is 0x0001. c) Does the ARP message contain the IP address of the sender? ANSWER: Yes, the ARP message containing the IP address 192.168.1.105 for the sender. d) Where in the ARP request does the “question” appear – the Ethernet address of the machine whose corresponding IP address is being queried? ANSWER: 15. Now find the ARP reply that was sent in response to the ARP request. a) How many bytes from the very beginning of the Ethernet frame does the ARP opcode field begin? ANSWER: 20 bytes.
b) What is the value of the opcode field within the ARP-payload part of the Ethernet frame in which an ARP response is made? ANSWER: The ARP-payload of the request is 0x0002, for reply. c) Where in the ARP message does the “answer” to the earlier ARP request appear – the IP address of the machine having the Ethernet address whose corresponding IP address is being queried? ANSWER: 16. What are the hexadecimal values for the source and destination addresses in the Ethernet frame containing the ARP reply message? ANSWER: The source address is 00:06:25:da:af:73 and for the destination is 00:d0:59:a9:3d:68.

Recomendados

Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionUnited International University
 
SMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSIDDARAMAIAHMC
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolUjjayanta Bhaumik
 
Pgp
PgpPgp
PgpReham Maher El-Safarini
 
Check sum
Check sumCheck sum
Check sumPooja Jaiswal
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.pptPrabhat Kumar
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its UsesMohsin Ali
 

Recomendados

Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionUnited International University
 
SMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSMTP Simple Mail Transfer Protocol
SMTP Simple Mail Transfer ProtocolSIDDARAMAIAHMC
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer ProtocolUjjayanta Bhaumik
 
Pgp
PgpPgp
PgpReham Maher El-Safarini
 
Check sum
Check sumCheck sum
Check sumPooja Jaiswal
 
Pretty good privacy
Pretty good privacyPretty good privacy
Pretty good privacyPushkar Dutt
 
Key distribution code.ppt
Key distribution code.pptKey distribution code.ppt
Key distribution code.pptPrabhat Kumar
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its UsesMohsin Ali
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tlsRana assad ali
 
Heartbleed
HeartbleedHeartbleed
HeartbleedShiva Sagar
 
Media Access Layer
Media Access LayerMedia Access Layer
Media Access LayerKamal Acharya
 
Email security - Netwroking
Email security - Netwroking Email security - Netwroking
Email security - Netwroking Salman Memon
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic PresentationMD. SHORIFUL ISLAM
 
5. icmp
5. icmp5. icmp
5. icmpSwati Arora
 
VPN Virtual Private Network
VPN Virtual Private NetworkVPN Virtual Private Network
VPN Virtual Private NetworkRama Krishna Nakka
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Mobile Transport layer
Mobile Transport layerMobile Transport layer
Mobile Transport layerPallepati Vasavi
 
Socket Programming
Socket ProgrammingSocket Programming
Socket Programmingelliando dias
 
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESSComputer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESSDr. SELVAGANESAN S
 
Email security
Email securityEmail security
Email securityBaliram Yadav
 
Wireshark udp solution
Wireshark udp solutionWireshark udp solution
Wireshark udp solutionYasin Abdullah
 
Smtp
SmtpSmtp
SmtpEri Alam
 
Web services SOAP
Web services SOAPWeb services SOAP
Web services SOAPprinceirfancivil
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP Ramesh Giri
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Wireshark tcp - 2110165028
Wireshark tcp - 2110165028Wireshark tcp - 2110165028
Wireshark tcp - 2110165028Nanda Afif
 
Mail server
Mail serverMail server
Mail serverJazib Amjad
 
Wireshark http - 2110165028
Wireshark http - 2110165028Wireshark http - 2110165028
Wireshark http - 2110165028Nanda Afif
 
Unit-4 networking basics in java
Unit-4 networking basics in javaUnit-4 networking basics in java
Unit-4 networking basics in javaAmol Gaikwad
 

Más contenido relacionado

La actualidad más candente

Email security - Netwroking
Email security - Netwroking Email security - Netwroking
Email security - Netwroking Salman Memon
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESSComputer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESSDr. SELVAGANESAN S
 
Wireshark udp solution
Wireshark udp solutionWireshark udp solution
Wireshark udp solutionYasin Abdullah
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Wireshark tcp - 2110165028
Wireshark tcp - 2110165028Wireshark tcp - 2110165028
Wireshark tcp - 2110165028Nanda Afif
 

La actualidad más candente (20)

Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
 
Heartbleed
HeartbleedHeartbleed
Heartbleed
 
Media Access Layer
Media Access LayerMedia Access Layer
Media Access Layer
 
Email security - Netwroking
Email security - Netwroking Email security - Netwroking
Email security - Netwroking
 
Wireshark Basic Presentation
Wireshark Basic PresentationWireshark Basic Presentation
Wireshark Basic Presentation
 
5. icmp
5. icmp5. icmp
5. icmp
 
VPN Virtual Private Network
VPN Virtual Private NetworkVPN Virtual Private Network
VPN Virtual Private Network
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Mobile Transport layer
Mobile Transport layerMobile Transport layer
Mobile Transport layer
 
Socket Programming
Socket ProgrammingSocket Programming
Socket Programming
 
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESSComputer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
Computer Networks Unit 2 UNIT II DATA-LINK LAYER & MEDIA ACCESS
 
Email security
Email securityEmail security
Email security
 
Wireshark udp solution
Wireshark udp solutionWireshark udp solution
Wireshark udp solution
 
Smtp
SmtpSmtp
Smtp
 
Web services SOAP
Web services SOAPWeb services SOAP
Web services SOAP
 
TCP and UDP
TCP and UDP TCP and UDP
TCP and UDP
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
Wireshark tcp - 2110165028
Wireshark tcp - 2110165028Wireshark tcp - 2110165028
Wireshark tcp - 2110165028
 
Mail server
Mail serverMail server
Mail server
 

Similar a Wireshark Lab HTTP, DNS and ARP v7 solution

Wireshark http - 2110165028
Wireshark http - 2110165028Wireshark http - 2110165028
Wireshark http - 2110165028Nanda Afif
 
Unit-4 networking basics in java
Unit-4 networking basics in javaUnit-4 networking basics in java
Unit-4 networking basics in javaAmol Gaikwad
 
Wireshark http solution_v6.1
Wireshark http solution_v6.1Wireshark http solution_v6.1
Wireshark http solution_v6.1Yasin Abdullah
 
Understanding computer networks
Understanding computer networksUnderstanding computer networks
Understanding computer networksUC San Diego
 
Ccna discovery
Ccna discoveryCcna discovery
Ccna discoveryccnaguide
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)Jeff Green
 
Lecture 5 internet-protocol_assignments
Lecture 5 internet-protocol_assignmentsLecture 5 internet-protocol_assignments
Lecture 5 internet-protocol_assignmentsSerious_SamSoul
 
Cisco discovery d homesb module 6 - v.4 in english.
Cisco discovery d homesb module 6 - v.4 in english.Cisco discovery d homesb module 6 - v.4 in english.
Cisco discovery d homesb module 6 - v.4 in english.igede tirtanata
 
03 wireshark dns-solution_july_22_2007
03 wireshark dns-solution_july_22_200703 wireshark dns-solution_july_22_2007
03 wireshark dns-solution_july_22_2007brayan huamani capcha
 
Network Address Port Translation. Residential Network connections vi.pdf
Network Address Port Translation. Residential Network connections vi.pdfNetwork Address Port Translation. Residential Network connections vi.pdf
Network Address Port Translation. Residential Network connections vi.pdfshalins6
 
Combined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUST
Combined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUSTCombined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUST
Combined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUSTEngr. Md. Jamal Uddin Rayhan
 
Ccna final exam
Ccna final examCcna final exam
Ccna final examccnaguide
 
A day in the life of a Web Request
A day in the life of a Web RequestA day in the life of a Web Request
A day in the life of a Web RequestMD.ANISUR RAHMAN
 

Similar a Wireshark Lab HTTP, DNS and ARP v7 solution (20)

Wireshark http - 2110165028
Wireshark http - 2110165028Wireshark http - 2110165028
Wireshark http - 2110165028
 
Unit-4 networking basics in java
Unit-4 networking basics in javaUnit-4 networking basics in java
Unit-4 networking basics in java
 
Wireshark http solution_v6.1
Wireshark http solution_v6.1Wireshark http solution_v6.1
Wireshark http solution_v6.1
 
Unit 8 Java
Unit 8 JavaUnit 8 Java
Unit 8 Java
 
Week6 final
Week6 finalWeek6 final
Week6 final
 
Understanding computer networks
Understanding computer networksUnderstanding computer networks
Understanding computer networks
 
Ccna discovery
Ccna discoveryCcna discovery
Ccna discovery
 
16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)16.) layer 3 (basic tcp ip routing)
16.) layer 3 (basic tcp ip routing)
 
Lecture 5 internet-protocol_assignments
Lecture 5 internet-protocol_assignmentsLecture 5 internet-protocol_assignments
Lecture 5 internet-protocol_assignments
 
Ccna guide
Ccna guideCcna guide
Ccna guide
 
More on Tcp/Ip
More on Tcp/IpMore on Tcp/Ip
More on Tcp/Ip
 
Cisco discovery d homesb module 6 - v.4 in english.
Cisco discovery d homesb module 6 - v.4 in english.Cisco discovery d homesb module 6 - v.4 in english.
Cisco discovery d homesb module 6 - v.4 in english.
 
03 wireshark dns-solution_july_22_2007
03 wireshark dns-solution_july_22_200703 wireshark dns-solution_july_22_2007
03 wireshark dns-solution_july_22_2007
 
Ccna study
Ccna studyCcna study
Ccna study
 
Ccna guide
Ccna guideCcna guide
Ccna guide
 
Understanding TCP and HTTP
Understanding TCP and HTTP Understanding TCP and HTTP
Understanding TCP and HTTP
 
Network Address Port Translation. Residential Network connections vi.pdf
Network Address Port Translation. Residential Network connections vi.pdfNetwork Address Port Translation. Residential Network connections vi.pdf
Network Address Port Translation. Residential Network connections vi.pdf
 
Combined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUST
Combined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUSTCombined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUST
Combined 2 Bank Compiled Post: SO(IT) Date: 25.09.2021 Taker: AUST
 
Ccna final exam
Ccna final examCcna final exam
Ccna final exam
 
A day in the life of a Web Request
A day in the life of a Web RequestA day in the life of a Web Request
A day in the life of a Web Request
 

Más de United International University

ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)
ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)
ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)United International University
 
All types of model(Simulation & Modelling) #ShareThisIfYouLike
All types of model(Simulation & Modelling) #ShareThisIfYouLikeAll types of model(Simulation & Modelling) #ShareThisIfYouLike
All types of model(Simulation & Modelling) #ShareThisIfYouLikeUnited International University
 
System imolementation(Modern Systems Analysis and Design)
System imolementation(Modern Systems Analysis and Design)System imolementation(Modern Systems Analysis and Design)
System imolementation(Modern Systems Analysis and Design)United International University
 
Free Space Management, Efficiency & Performance, Recovery and NFS
Free Space Management, Efficiency & Performance, Recovery and NFSFree Space Management, Efficiency & Performance, Recovery and NFS
Free Space Management, Efficiency & Performance, Recovery and NFSUnited International University
 

Más de United International University (19)

Digital Devices (3rd chapter-2nd part)
Digital Devices (3rd chapter-2nd part)Digital Devices (3rd chapter-2nd part)
Digital Devices (3rd chapter-2nd part)
 
Network Topology (partial)
Network Topology (partial)Network Topology (partial)
Network Topology (partial)
 
Corona prediction from symptoms v1.4
Corona prediction from symptoms v1.4Corona prediction from symptoms v1.4
Corona prediction from symptoms v1.4
 
Introduction to Cloud Computing
Introduction to Cloud ComputingIntroduction to Cloud Computing
Introduction to Cloud Computing
 
ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)
ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)
ICT-Number system.সংখ্যা পদ্ধতি(৩য় অধ্যায়-১ম অংশ)
 
Network Security(MD5)
Network Security(MD5)Network Security(MD5)
Network Security(MD5)
 
Secure Electronic Transaction
Secure Electronic TransactionSecure Electronic Transaction
Secure Electronic Transaction
 
Oracle installation
Oracle installationOracle installation
Oracle installation
 
IEEE 802.11 Project
IEEE 802.11 ProjectIEEE 802.11 Project
IEEE 802.11 Project
 
SONET-Communication Engineering
SONET-Communication EngineeringSONET-Communication Engineering
SONET-Communication Engineering
 
Security Issues for Cellular Telephony
Security Issues for Cellular TelephonySecurity Issues for Cellular Telephony
Security Issues for Cellular Telephony
 
All types of model(Simulation & Modelling) #ShareThisIfYouLike
All types of model(Simulation & Modelling) #ShareThisIfYouLikeAll types of model(Simulation & Modelling) #ShareThisIfYouLike
All types of model(Simulation & Modelling) #ShareThisIfYouLike
 
Type Checking(Compiler Design) #ShareThisIfYouLike
Type Checking(Compiler Design) #ShareThisIfYouLikeType Checking(Compiler Design) #ShareThisIfYouLike
Type Checking(Compiler Design) #ShareThisIfYouLike
 
System imolementation(Modern Systems Analysis and Design)
System imolementation(Modern Systems Analysis and Design)System imolementation(Modern Systems Analysis and Design)
System imolementation(Modern Systems Analysis and Design)
 
Making Complex Decisions(Artificial Intelligence)
Making Complex Decisions(Artificial Intelligence)Making Complex Decisions(Artificial Intelligence)
Making Complex Decisions(Artificial Intelligence)
 
Free Space Management, Efficiency & Performance, Recovery and NFS
Free Space Management, Efficiency & Performance, Recovery and NFSFree Space Management, Efficiency & Performance, Recovery and NFS
Free Space Management, Efficiency & Performance, Recovery and NFS
 
Overview of Computer Graphics
Overview of Computer GraphicsOverview of Computer Graphics
Overview of Computer Graphics
 
Keyboard & Mouse basics
Keyboard & Mouse basics Keyboard & Mouse basics
Keyboard & Mouse basics
 
Organization of a computer
Organization of a computerOrganization of a computer
Organization of a computer
 

Último

ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfSpandanaRallapalli
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxSherlyMaeNeri
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomnelietumpap1
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designMIPLM
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYKayeClaireEstoconing
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 

Último (20)

ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
ACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdfACC 2024 Chronicles. Cardiology. Exam.pdf
ACC 2024 Chronicles. Cardiology. Exam.pdf
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Judging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptxJudging the Relevance and worth of ideas part 2.pptx
Judging the Relevance and worth of ideas part 2.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
ENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choomENGLISH6-Q4-W3.pptxqurter our high choom
ENGLISH6-Q4-W3.pptxqurter our high choom
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
Keynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITYISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
ISYU TUNGKOL SA SEKSWLADIDA (ISSUE ABOUT SEXUALITY
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 

Wireshark Lab HTTP, DNS and ARP v7 solution

  • 1. Wireshark Lab HTTP, DNS, ARP v7 HTTP 1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running? Answer: Both are HTTP 1.1 2. What languages (if any) does your browser indicate that it can accept to the server? Answer: Accept-Language: en-us, en 3. What is the IP address of your computer? Of the gaia.cs.umass.edu server? Answer: My IP address is 192.168.1.102 and the server’s is 128.119.245.12 4. What is the status code returned from the server to your browser? Answer: HTTP/1.1 200 OK (text/html) 5. When was the HTML file that you are retrieving last modified at the server? Answer: Last-Modified: Thu, 07 Jun 2007 22:09:01 GMT 6. How many bytes of content are being returned to your browser? Answer: Content-Length: 126 7. By inspecting the raw data in the packet content window, do you see any headers within the data that are not displayed in the packet-listing window? If so, name one. Answer: No all of the headers can be found in the raw data. 8. Inspect the contents of the first HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE” line in the HTTP GET? Answer: No
  • 2. 9. Inspect the contents of the server response. Did the server explicitly return the contents of the file? How can you tell? Answer: Yes because we can see the contents in the Line-based text data field. 10. Now inspect the contents of the second HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information follows the “IF-MODIFIED-SINCE:” header? Answer: Yes. The information following is: Thu, 07 Jun 2007 16:29:01 GMT. 11. What is the HTTP status code and phrase returned from the server in response to this second HTTP GET? Did the server explicitly return the contents of the file? Explain. Answer: is HTTP/1.1 304 Not Modified. The server didn’t return the contents of the file since the browser loaded it from its cache. 12. How many HTTP GET request messages were sent by your browser? Answer: There was 1 HTTP GET request message sent by my browser as seen in the screenshot. 13. How many data-containing TCP segments were needed to carry the single HTTP response? Answer: TCP segments containing 309, 1452, 1452, 1452 and 144 bytes respectively for a total of 4500 bytes. 14. What is the status code and phrase associated with the response to the HTTP GET request? Answer: 200 OK 15. Are there any HTTP status lines in the transmitted data associated with a TCP induced “Continuation”? Answer: No
  • 3. 16. How many HTTP GET request messages were sent by your browser? To which Internet addresses were these GET requests sent? Answer: As you can see from the above screenshot there were 3 HTTP GET requests sent to the following Internet addresses: a. 128.119.245.12 b. 128.119.240.90 c. 165.193.123.218 17. Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel? Explain. Answer: By checking the TCP ports we can see if our files were downloaded serially or in parallel. In this case the 2 images were transmitted over 2 TCP connections therefore they were downloaded serially. 18. What is the server’s response (status code and phrase) in response to the initial HTTP GET message from your browser? Answer: Status code: 401, Phrase: Authorization Required 19. When your browser’s sends the HTTP GET message for the second time, what new field is included in the HTTP GET message? Answer: As seen in the screenshot the new field (highlighted) is Authorization. Authorization: Basic d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=rn DNS
  • 4. 4. Locate the DNS query and response messages. Are then sent over UDP or TCP? ANSWER: They are sent over UDP 5. What is the destination port for the DNS query message? What is the source port of DNS response message? ANSWER: The destination port for the DNS query is 53 and the source port of the DNS response is 53. 6. To what IP address is the DNS query message sent? Use ipconfig to determine the IP address of your local DNS server. Are these two IP addresses the same? ANSWER: It’s sent to 192.168.1.1, 7. Examine the DNS query message. What “Type” of DNS query is it? Does the query message contain any “answers”? ANSWER: It’s a type A Standard Query and it doesn’t contain any answers. 8. Examine the DNS response message. How many “answers” are provided? What do each of these answers contain? ANSWER: There were 2 answers containing information about the name of the host, the type of address, class, the TTL, the data length and the IP address. 9. Consider the subsequent TCP SYN packet sent by your host. Does the destination IP address of the SYN packet correspond to any of the IP addresses provided in the DNS response message? ANSWER: The first SYN packet was sent to 209.173.57.180 which corresponds to the first IP address provided in the DNS response message. 10. This web page contains images. Before retrieving each image, does your host issue new DNS queries?
  • 5. ANSWER: No ARP 1. What is the 48-bit Ethernet address of your computer? ANSWER: The Ethernet address of my computer is 00:09:5b:61:8e:6d 2. What is the 48-bit destination address in the Ethernet frame? Is this the Ethernet address of gaia.cs.umass.edu? What device has this as its Ethernet address? ANSWER: The destination address 00:0c:41:45:90:a8 is not the Ethernet address of gaia.cs.umass.edu. It is the address of my Linksys router. 3. Give the hexadecimal value for the two-byte Frame type field. What do the bit(s) whose value is 1 mean within the flag field? ANSWER: The hex value for the Frame type field is 0x0800. 4. How many bytes from the very start of the Ethernet frame does the ASCII “G” in “GET” appear in the Ethernet frame? ANSWER: The ASCII “G” appears 52 bytes from the start of the ethernet frame. There are 14 B Ethernet frame, and then 20 bytes of IP header followed by 20 bytes of TCP header before the HTTP data is encountered. 5. What is the hexadecimal value of the CRC field in this Ethernet frame? ANSWER: The hex value for the CRC field is 0x 0d0a 0d0a. 6. What is the value of the Ethernet source address? Is this the address of your computer, or of gaia.cs.umass.edu? What device has this as its Ethernet address?
  • 6. ANSWER: The source address 00:0c:41:45:90:a8. Ethernet address of gaia.cs.umass.edu not the address of my computer. It is the address of my Linksys router. 7. What is the destination address in the Ethernet frame? Is this the Ethernet address of your computer? ANSWER: The destination address 00:09:5b:61:8e:6d is the address of computer. 8. Give the hexadecimal value for the two-byte Frame type field. What do the bit(s) whose value is 1 mean within the flag field? ANSWER: The hex value for the Frame type field is 0x0800. 9. How many bytes from the very start of the Ethernet frame does the ASCII “O” in “OK” (i.e., the HTTP response code) appear in the Ethernet frame? ANSWER: The ASCII “O” appears 52 bytes from the start of the ethernet frame. 10. What is the hexadecimal value of the CRC field in this Ethernet frame? ANSWER: The hex value for the CRC field is 0x 0d0a 0d0a. 11. Write down the contents of your computer’s ARP cache. What is the meaning of each column value? ANSWER: The Internet Address column contains the IP address, the Physical Address column contains the MAC address, and the type indicates the protocol type. 12. What are the hexadecimal values for the source and destination addresses in the Ethernet frame containing the ARP request message? ANSWER: The hex value for the source address is 00:d0:59:a9:3d:68. The hex value for the destination address is ff:ff:ff:ff:ff:ff, the broadcast address.
  • 7. 13. Give the hexadecimal value for the two-byte Ethernet Frame type field. What do the bit(s) whose value is 1 mean within the flag field? ANSWER: The hex value for the Ethernet Frame type field is 0x0806, for ARP. 14. Download the ARP specification from ftp://ftp.rfc-editor.org/innotes/std/std37.txt. A readable, detailed discussion of ARP is also at http://www.erg.abdn.ac.uk/users/gorry/course/inet- pages/arp.html. a) How many bytes from the very beginning of the Ethernet frame does the ARP opcode field begin? ANSWER: 20 bytes. b) What is the value of the opcode field within the ARP-payload part of the Ethernet frame in which an ARP request is made? ANSWER: ARP-payload of the request is 0x0001. c) Does the ARP message contain the IP address of the sender? ANSWER: Yes, the ARP message containing the IP address 192.168.1.105 for the sender. d) Where in the ARP request does the “question” appear – the Ethernet address of the machine whose corresponding IP address is being queried? ANSWER: 15. Now find the ARP reply that was sent in response to the ARP request. a) How many bytes from the very beginning of the Ethernet frame does the ARP opcode field begin? ANSWER: 20 bytes.
  • 8. b) What is the value of the opcode field within the ARP-payload part of the Ethernet frame in which an ARP response is made? ANSWER: The ARP-payload of the request is 0x0002, for reply. c) Where in the ARP message does the “answer” to the earlier ARP request appear – the IP address of the machine having the Ethernet address whose corresponding IP address is being queried? ANSWER: 16. What are the hexadecimal values for the source and destination addresses in the Ethernet frame containing the ARP reply message? ANSWER: The source address is 00:06:25:da:af:73 and for the destination is 00:d0:59:a9:3d:68.