
EXPERIMENT 1: WIRESHARK

LAB: GETTING STARTED

STUDENT’S NAME: AMNA AZMAT RAZA MALIK
STUDENT’S ID: 20161934
DATE OF SUBMISSION: 16 OCT 2018

AIM: The aim of this experiment is to get familiar with Wireshark and
understand the basics of network protocols.

INTRODUCTION: Wireshark is a free and open source network protocol analyzer
that lets users interactively browse the traffic on a computer network. It
is used to analyze the structure of different network protocols and makes
encapsulation visible: each captured frame is shown as its stack of headers.
Wireshark, formerly known as Ethereal, can be used to examine the details of
traffic at a variety of levels, ranging from connection-level information to
the bits that make up a single packet. Packet capture gives a network
administrator information about individual packets such as transmit time,
source, destination, protocol type and header fields. This information is
useful for evaluating security events and troubleshooting network security
device issues.
The basic tool for observing the messages exchanged between executing
protocol entities is called a packet sniffer. As the name suggests, a packet
sniffer captures (“sniffs”) messages being sent/received from/by your
computer; it will also typically store and/or display the contents of the
various protocol fields in these captured messages. A packet sniffer itself is
passive. It observes messages being sent and received by applications and
protocols running on your computer, but never sends packets itself.
Similarly, received packets are never explicitly addressed to the packet
sniffer. Instead, a packet sniffer receives a copy of packets that are
sent/received from/by application and protocols executing on your machine.

[Figure 1 (diagram): on the left, the packet sniffer, made up of the packet capture library (pcap), which receives a copy of all Ethernet frames sent/received, and the packet analyzer above it; on the right, the host's own stack inside the operating system: application (e.g., www browser, ftp client), Transport (TCP/UDP), Network (IP), Link (Ethernet), Physical. Both sides connect to/from the network.]

Figure 1: Packet sniffer structure


The second component of a packet sniffer is the packet analyzer, which
displays the contents of all fields within a protocol message. In order to do
so, the packet analyzer must “understand” the structure of all messages
exchanged by protocols.
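The packet-analyzer half of Figure 1, as an added example that is neither from the lab handout nor from Wireshark's own code: it takes a raw Ethernet frame (what pcap hands upward) and walks Ethernet II, IPv4, TCP and HTTP in turn, returning the layer names and the Source/Destination/Protocol/Info values the packet-listing window would show. The frame bytes are constructed inside the code by build_frame; the MAC addresses and ports are assumed, the IP addresses are the ones reported later in this report.

```python
"""Added example, not from the lab handout or Wireshark: the packet-analyzer
half of Figure 1. It takes a raw Ethernet frame (what pcap hands upward) and
walks Ethernet II -> IPv4 -> TCP -> HTTP, returning the per-layer names and
the Source/Destination/Protocol/Info values the packet-listing window shows."""
import struct
from ipaddress import ip_address

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement checksum. Over a header whose checksum field
    is already filled in correctly the result is 0, which is the verification."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(src_ip, dst_ip, sport, dport, payload=b"", flags=0x18):
    """Constructed sample frame (assumed MACs and ports, not a real capture):
    Ethernet II + IPv4 without options + TCP without options + payload."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, flags,
                      65535, 0, 0) + payload
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp),
                               0x1234, 0x4000, 64, IPPROTO_TCP, 0,
                               ip_address(src_ip).packed,
                               ip_address(dst_ip).packed))
    struct.pack_into("!H", ip, 10, ipv4_checksum(bytes(ip)))
    eth = (bytes.fromhex("00155d0a0b0c") + bytes.fromhex("3c7c3f112233")
           + struct.pack("!H", ETHERTYPE_IPV4))
    return eth + bytes(ip) + tcp


def dissect(frame: bytes) -> dict:
    """Top-down decode, the way the packet-details pane is built. The Protocol
    column is the highest layer recognised; Ethernet II and IPv4 are present
    in every one of these frames but are never the column value themselves."""
    frame = bytes(frame)
    if len(frame) < 14:
        raise ValueError("truncated Ethernet frame")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = ["Ethernet II"]
    row = {"src": mac(src_mac), "dst": mac(dst_mac),
           "info": f"ethertype 0x{ethertype:04x}"}
    if ethertype == ETHERTYPE_IPV4:
        ip = frame[14:]
        if len(ip) < 20 or ip[0] >> 4 != 4:
            raise ValueError("bad IPv4 header")
        ihl = (ip[0] & 0x0F) * 4
        total_len = struct.unpack("!H", ip[2:4])[0]
        if ipv4_checksum(ip[:ihl]) != 0:
            raise ValueError("IPv4 header checksum mismatch")
        layers.append("IPv4")
        row["src"] = str(ip_address(ip[12:16]))
        row["dst"] = str(ip_address(ip[16:20]))
        row["info"] = f"IP protocol {ip[9]}"
        if ip[9] == IPPROTO_TCP:
            tcp = ip[ihl:total_len]          # drops Ethernet padding, if any
            if len(tcp) < 20:
                raise ValueError("truncated TCP header")
            sport, dport = struct.unpack("!HH", tcp[:4])
            payload = tcp[(tcp[12] >> 4) * 4:]
            layers.append("TCP")
            row["info"] = (f"{sport} -> {dport} flags 0x{tcp[13]:02x} "
                           f"len {len(payload)}")
            if payload.startswith(HTTP_METHODS) or payload.startswith(b"HTTP/1."):
                layers.append("HTTP")
                row["info"] = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    row["layers"] = layers
    row["protocol"] = layers[-1]
    return row


if __name__ == "__main__":
    get = build_frame("192.168.80.113", "128.119.245.12", 51234, 80,
                      b"GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1\r\n"
                      b"Host: gaia.cs.umass.edu\r\n\r\n")
    ok = build_frame("128.119.245.12", "192.168.80.113", 80, 51234,
                     b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n")
    ack = build_frame("192.168.80.113", "128.119.245.12", 51234, 80, flags=0x10)
    for frame in (get, ok, ack):
        r = dissect(frame)
        print(f'{r["protocol"]:8} {r["src"]:>15} -> {r["dst"]:<15} {r["info"]}')
```

The checksum check and the total-length slice are the two things a toy dissector usually skips and a real one cannot: a frame shorter than 60 bytes arrives padded, and the padding must not be mistaken for TCP payload.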

PROCEDURE:

1. First, an interface was selected.

2. Wireshark captured all packets on that interface.

3. A window appeared showing the packets as they were being captured.

4. The URL http://gaia.cs.umass.edu/wireshark-labs/INTRO-wireshark-file1.html was entered in the browser, and Wireshark captured the resulting HTTP messages.

5. The capture was then stopped by pressing the stop button on the top menu.

6. "http" (in lower case) was typed into the display-filter specification window at the top of the main Wireshark window.

7. With the filter applied, only HTTP messages appeared in the packet-listing window. The filter only hides the other frames; they remain in the capture.

8. The packet exchange between the computer's address and the above website was then examined.

9. Wireshark was closed.
Figure 2: Packet transfer from computer (source) to the website (destination).

Figure 3: Packet transfer from website (source) to the computer (destination).

QUESTIONS AND ANSWERS:

Q: List 3 different protocols that appear in the protocol column in the
unfiltered packet-listing window in step 7 above.
Ans: The protocols that appeared were:
- Ethernet II
- Transmission Control Protocol (TCP)
- Hypertext Transfer Protocol (HTTP)
- Internet Protocol (IP)
Note that the Protocol column names only the highest-layer protocol Wireshark dissected in each frame (TCP, HTTP, DNS, ARP and so on); Ethernet II and IP are present in every one of those frames and are shown in the packet-details pane rather than as Protocol-column values of their own.

Q: What is the Internet address of gaia.cs.umass.edu (also known as
wwwnet.cs.umass.edu)? What is the Internet address of your computer?
Ans: The Internet address of gaia.cs.umass.edu was 128.119.245.12.
The Internet address of the computer was 192.168.80.113. This is a private (RFC 1918) address, so the address the server actually saw was that of the NAT gateway in front of the lab network, not this one.

Q: How long did it take from when the HTTP GET message was sent
until the HTTP OK reply was received?
Ans: The HTTP GET was sent at 15:04:34.385210 and the HTTP OK reply was
received at 15:04:34.577876, so the delay was 0.192666 s (about 193 ms).
Both times are frame timestamps taken by the sniffer on the client, so this is the request-to-response time as the client saw it, including the server's processing time. Wireshark shows the difference directly if View > Time Display Format is set to "Seconds Since Previous Displayed Packet" while the http display filter is applied.
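The "http" display filter from procedure steps 6 and 7 and the GET-to-OK delay from the question above, as an added example run over a constructed packet listing (this is not the lab handout's code or Wireshark's). Only the GET and OK rows carry the timestamps reported on this page; the handshake and ACK rows are assumed filler so the filter has something to hide.

```python
"""Added example: the 'http' display filter (procedure steps 6-7) and the
GET-to-OK delay (question 3), evaluated over a constructed packet listing."""
from datetime import datetime, timedelta

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")

# Constructed packet listing standing in for the capture. Frames 3 and 5 use
# the timestamps reported in this report; frames 1, 2 and 4 (handshake and
# the ACK of the GET) are invented filler.
# Columns: frame number, time of day, source, destination, TCP payload.
CAPTURE = [
    (1, "15:04:34.380001", "192.168.80.113", "128.119.245.12", b""),
    (2, "15:04:34.384900", "128.119.245.12", "192.168.80.113", b""),
    (3, "15:04:34.385210", "192.168.80.113", "128.119.245.12",
     b"GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1\r\n"
     b"Host: gaia.cs.umass.edu\r\n\r\n"),
    (4, "15:04:34.577000", "128.119.245.12", "192.168.80.113", b""),
    (5, "15:04:34.577876", "128.119.245.12", "192.168.80.113",
     b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>...</html>"),
]


def is_http(payload: bytes) -> bool:
    """True when the TCP payload starts an HTTP request or response. This is
    what an 'http' display filter keys on: the dissector's verdict, not the
    literal string 'http' appearing somewhere in the bytes."""
    return payload.startswith(HTTP_METHODS) or payload.startswith(b"HTTP/1.")


def apply_http_filter(capture):
    """Equivalent of typing 'http' in the display-filter bar: every frame is
    still in the capture, only the listing is narrowed."""
    return [row for row in capture if is_http(row[4])]


def parse_time(tod: str) -> datetime:
    """Wireshark 'Time of Day' column, microsecond precision."""
    return datetime.strptime(tod, "%H:%M:%S.%f")


def get_to_ok_delay(capture) -> timedelta:
    """Time between the first HTTP GET and the first 200 OK travelling the
    opposite way between the same two hosts, i.e. what question 3 asks for."""
    get_row = next(r for r in capture if r[4].startswith(b"GET "))
    get_no, t_get, client, server, _ = get_row
    for no, tod, src, dst, payload in capture:
        if no <= get_no:
            continue
        if (src, dst) == (server, client) and payload.startswith(b"HTTP/1.1 200"):
            delay = parse_time(tod) - parse_time(t_get)
            if delay < timedelta(0):          # capture crossed midnight
                delay += timedelta(days=1)
            return delay
    raise LookupError("no 200 OK found for the GET")


def seconds_since_previous_displayed(rows):
    """Wireshark's View > Time Display Format > 'Seconds Since Previous
    Displayed Packet' applied to an already filtered listing: with the 'http'
    filter on, the OK row's time column is the GET-to-OK delay itself."""
    out, prev = [], None
    for row in rows:
        t = parse_time(row[1])
        out.append((row[0], 0.0 if prev is None else (t - prev).total_seconds()))
        prev = t
    return out


if __name__ == "__main__":
    shown = apply_http_filter(CAPTURE)
    print("frames left after 'http' filter:", [r[0] for r in shown])
    print("GET -> OK delay:", get_to_ok_delay(CAPTURE))
    print("time column, seconds since previous displayed:",
          seconds_since_previous_displayed(shown))
```

Matching the OK to the GET by the reversed (source, destination) pair and by frame order is what keeps the measurement honest when several HTTP exchanges are interleaved in one capture; taking "the next 200 OK in the list" would not.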

Q: Print the two HTTP messages (GET and OK) referred to in the previous question.
To do so, select Print from the Wireshark File menu, select the
"Selected Packet Only" and "Print as displayed" radio buttons, and then
click OK.

Ans: The GET and OK HTTP messages that appeared were as follows:
HTTP GET message:
HTTP OK message:
CONCLUSION: In this experiment we got familiar with the use of
Wireshark and were able to read and understand the transfer of packets
from source to destination.