[Figure: packet sniffer structure. Operating system layers: Transport (TCP/UDP), Network (IP), Link (Ethernet), Physical. Packet capture (pcap) receives a copy of all Ethernet frames sent/received.]
PROCEDURE:
4. The URL http://gaia.cs.umass.edu/wireshark-labs/INTRO-wireshark-file1.html was entered. The HTTP messages were captured by Wireshark.
5. Then the process was stopped by pressing the stop button on the top menu.
6. "http" was typed in lower case into the display filter specification window at
the top of the main Wireshark window.
7. The process was allowed to run, after which only HTTP messages
appeared in the packet-listing window.
8. Then the process of packet transfer was captured by considering the address
of the computer and the above website.
9. Wireshark was turned off.
Figure 1: Packet Transfer from computer (source) to the
website (destination).
How long did it take from when the HTTP GET message was sent
until the HTTP OK reply was received?
Ans: HTTP GET was sent at 15:04:34.385210 while HTTP OK reply was
received at 15:04:34.577876.
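The same GET-to-OK measurement can be read from a saved capture without the GUI. The following is an added example, not part of the original report: it walks a classic pcap file through the Ethernet, IP and TCP layers shown in the sniffer figure and returns the gap between the first GET and the 200 reply that follows it. The sample capture is constructed in `build_sample()`; only its sub-second timestamps are taken from the answer above, and all function names are hypothetical.

```python
import struct

def http_messages(pcap: bytes):
    """Yield (timestamp_us, first_line) for TCP payloads that begin an HTTP message."""
    magic, linktype = struct.unpack_from("<I", pcap, 0)[0], struct.unpack_from("<I", pcap, 20)[0]
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian microsecond pcap with Ethernet link type")
    off = 24  # skip the 24-byte global header
    while off + 16 <= len(pcap):
        sec, usec, incl, _orig = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # link layer: EtherType IPv4
            continue
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        if ip[9] != 6 or len(ip) < ihl + 20:  # network layer: protocol 6 = TCP
            continue
        tcp = ip[ihl:]
        payload = tcp[(tcp[12] >> 4) * 4:]  # transport layer: skip the TCP header
        if payload.startswith((b"GET ", b"HTTP/1.")):
            line = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
            yield sec * 1_000_000 + usec, line

def get_to_ok_delay_us(pcap: bytes) -> int:
    """Microseconds from the first GET to the first 200 reply after it."""
    t_get = None
    for ts, line in http_messages(pcap):
        if t_get is None and line.startswith("GET "):
            t_get = ts
        elif t_get is not None and line.startswith("HTTP/1.") and " 200" in line:
            return ts - t_get
    raise LookupError("no GET/200 pair found")

def _frame(payload: bytes) -> bytes:
    # Constructed frame: zeroed addresses, no checksums, minimal headers
    eth = bytes(12) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0, bytes(4), bytes(4))
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 0, 0, 0x50, 0x18, 8192, 0, 0)
    return eth + ip + tcp + payload

def build_sample() -> bytes:
    # Constructed capture; only the sub-second timestamps come from the report
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for usec, data in ((385210, b"GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1\r\n\r\n"),
                       (577876, b"HTTP/1.1 200 OK\r\n\r\n")):
        f = _frame(data)
        out += struct.pack("<IIII", 0, usec, len(f), len(f)) + f
    return out
```

On a real capture, pass the bytes of a file saved in classic pcap format (not pcapng) to `get_to_ok_delay_us`.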
Print the two HTTP messages (GET and OK) referred to in question 2 above.
To do so, select Print from the Wireshark File command menu, and select the
“Selected Packet Only” and “Print as displayed” radio buttons, and then
click OK.
Ans: The GET and OK HTTP messages that appeared were as follows:
HTTP GET MESSAGE:
HTTP OK MESSAGE:
CONCLUSION: In this experiment we got familiar with the use of
Wireshark and we were able to read and understand the transfer of packets
from source to destination.