Computer Networks Lab

Updated: 2023-11-29 20:30:02


Lab 1

Part 1:Intro Lab

STEPS

1. Start up your favorite web browser, which will display your selected homepage.

2. Start up the Wireshark software. You will initially see a window

3. To begin packet capture, select the Capture pull down menu and select Options. This will cause the “Wireshark: Capture Options” window to be displayed

4. You can use most of the default values in this window, but uncheck “Hide capture info dialog” under Display Options. The network interfaces (i.e., the physical connections) that your computer has to the network will be shown in the Interface pull down menu at the top of the Capture Options window. In case your computer has more than one active network interface (e.g., if you have both a wireless and a wired Ethernet connection), you will need to select an interface that is being used to send and receive packets (most likely the wired interface). After selecting the network interface (or using the default interface chosen by Wireshark), click Start. Packet capture will now begin - all packets being sent/received from/by your computer are now being captured by Wireshark!

5. Once you begin packet capture, a packet capture summary window will appear. This window summarizes the number of packets of various types that are being captured, and (importantly!) contains the Stop button that will allow you to stop packet capture. Don’t stop packet capture yet.

6. While Wireshark is running, enter the URL: http://gaia.cs.umass.edu/wireshark-labs/INTRO-wireshark-file1.html and have that page displayed in your browser. In order to display this page, your browser will contact the HTTP server at gaia.cs.umass.edu and exchange HTTP messages with the server in order to download this page, as discussed in section 2.2 of the text. The Ethernet frames containing these HTTP messages will be captured by Wireshark.

7. After your browser has displayed the INTRO-wireshark-file1.html page, stop Wireshark packet capture by selecting stop in the Wireshark capture window. This will cause the Wireshark capture window to disappear and the main Wireshark window to display all packets captured since you began packet capture. You now have live packet data that contains all protocol messages exchanged between your computer and other network entities! The HTTP message exchanges with the gaia.cs.umass.edu web server should appear somewhere in the listing of packets captured. But there will be many other types of packets displayed as well. Even though the only action you took was to download a web page, there were evidently many other protocols running on your computer that are unseen by the user. We’ll learn much more about these protocols as we progress through the text! For now, you should just be aware that there is often much more going on than “meets the eye”!

8. Type in “http” (without the quotes, and in lower case – all protocol names are in lower case in Wireshark) into the display filter specification window at the top of the main Wireshark window. Then select Apply (to the right of where you entered “http”). This will cause only HTTP messages to be displayed in the packet-listing window.

9. Select the first http message shown in the packet-listing window. This should be the HTTP GET message that was sent from your computer to the gaia.cs.umass.edu HTTP server. When you select the HTTP GET message, the Ethernet frame, IP datagram, TCP segment, and HTTP message header information will be displayed in the packet-header window. By clicking plus-and-minus boxes to the left side of the packet details window, minimize the amount of Frame, Ethernet, Internet Protocol, and Transmission Control Protocol information displayed. Maximize the amount of information displayed about the HTTP protocol. (Note, in particular, the minimized amount of protocol information for all protocols except HTTP, and the maximized amount of protocol information for HTTP in the packet-header window).

10. Exit Wireshark

Questions

1. List up to 10 different protocols that appear in the protocol column in the unfiltered packet-listing window in step 7 above.

EAP, NBNS, UDP, LLMNR, ARP, ICMPv6, SSDP, DHCPv6, TCP, IGMPv2

2. How long did it take from when the HTTP GET message was sent until the HTTP OK reply was received? (By default, the value of the Time column in the packet-listing window is the amount of time, in seconds, since Wireshark tracing began. To display the Time field in time-of-day format, select the Wireshark View pull down menu, then select Time Display Format, then select Time-of-day.)

So the time is 20:17:16:703005000 – 20:17:16:275189000 = 0.427816 (seconds)

3. What is the Internet address of the gaia.cs.umass.edu (also known as www-net.cs.umass.edu)? What is the Internet address of your computer?

So the IP address of gaia.cs.umass.edu is 128.119.245.12, and the IP address of my computer is 172.19.4.142.

4. Print the two HTTP messages displayed in step 9 above. To do so, select Print from the Wireshark File command menu, and select “Selected Packet Only” and “Print as displayed” and then click OK.

The first HTTP message:

The second HTTP message:

Part 2: HTTP Lab

1. The Basic HTTP GET/response interaction

STEPS

• Start up your web browser.

• Start up the Wireshark packet sniffer, as described in the Introductory lab (but don’t yet begin packet capture). Enter “http” (just the letters, not the quotation marks) in the display-filter-specification window, so that only captured HTTP messages will be displayed later in the packet-listing window. (We’re only interested in the HTTP protocol here, and don’t want to see the clutter of all captured packets).

• Wait a bit more than one minute (we’ll see why shortly), and then begin Wireshark packet capture.

• Enter the following to your browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html Your browser should display the very simple, one-line HTML file.

• Stop Wireshark packet capture.

Before we answer these questions, here are the HTTP messages.

Questions

1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running?

Both of them are 1.1

2. What languages (if any) does your browser indicate that it can accept to the server?

zh-CN

3. What is the IP address of your computer? Of the gaia.cs.umass.edu server?

The IP address of my computer is 172.19.49.122. The IP address of the gaia.cs.umass.edu server is 128.119.245.12.

4. What is the status code returned from the server to your browser?

200

5. When was the HTML file that you are retrieving last modified at the server?

Wed, 01 Apr 2015 13:14:19 GMT

6. How many bytes of content are being returned to your browser?

128 bytes

7. By inspecting the raw data in the packet content window, do you see any headers within the data that are not displayed in the packet-listing window? If so, name one.

No.

2. The HTTP CONDITIONAL GET/response interaction

STEPS

• Start up your web browser, and make sure your browser’s cache is cleared, as discussed above.

• Start up the Wireshark packet sniffer

• Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file2.html Your browser should display a very simple five-line HTML file.

• Quickly enter the same URL into your browser again (or simply select the refresh button on your browser)

• Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed later in the packet-listing window.

• (Note: If you are unable to run Wireshark on a live network connection, you can use the http-ethereal-trace-2 packet trace to answer the questions below; see footnote 1. This trace file was gathered while performing the steps above on one of the author’s computers.)

Questions

8. Inspect the contents of the first HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE” line in the HTTP GET?

No

9. Inspect the contents of the server response. Did the server explicitly return the contents of the file? How can you tell?

Yes. Because we can see a line of “Line-based text data: text/html” and the content below the line.

10. Now inspect the contents of the second HTTP GET request from your browser to the server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information follows the “IF-MODIFIED-SINCE:” header?

Yes. Wed, 01 Apr 2015 05:59:01 GMT

11. What is the HTTP status code and phrase returned from the server in response to this second HTTP GET? Did the server explicitly return the contents of the file? Explain.

304 Not Modified. No, because the content is already in the cache.
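The server-side decision behind answers 8 to 11, as an added example (not part of the lab handout or this report): the first GET has no If-Modified-Since and gets 200 with the file, the refresh sends the cached date back and gets 304 with no body. The page body and host name are constructed; the date is the one quoted in answer 10.

```python
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

# Constructed resource; the date is the If-Modified-Since value quoted in answer 10.
LAST_MODIFIED = datetime(2015, 4, 1, 5, 59, 1, tzinfo=timezone.utc)
BODY = b"<html>constructed five-line page</html>\n"

def conditional_get(request_headers, body=BODY, last_modified=LAST_MODIFIED):
    """Answer a GET the way an HTTP/1.1 server does: (status, headers, body).

    request_headers maps header names to values; last_modified must be a
    UTC datetime. A 304 reply never carries the file contents.
    """
    headers = {name.lower(): value for name, value in request_headers.items()}
    reply = {"Last-Modified": format_datetime(last_modified, usegmt=True)}
    since = None
    if "if-modified-since" in headers:
        try:
            since = parsedate_to_datetime(headers["if-modified-since"])
            if since.tzinfo is None:          # date without a zone: treat as GMT
                since = since.replace(tzinfo=timezone.utc)
        except (TypeError, ValueError):
            since = None                      # unparsable date: ignore the header
    # HTTP dates have one-second resolution, so drop microseconds before comparing.
    if since is not None and last_modified.replace(microsecond=0) <= since:
        return "304 Not Modified", reply, b""
    reply["Content-Length"] = str(len(body))
    return "200 OK", reply, body

def replay_lab_exchange():
    """First visit (empty cache), then a refresh that revalidates the cached copy."""
    first = conditional_get({"Host": "example.test"})
    cached_date = first[1]["Last-Modified"]   # the browser stores this with the page
    second = conditional_get({"Host": "example.test", "If-Modified-Since": cached_date})
    return first, second

if __name__ == "__main__":
    for status, reply, body in replay_lab_exchange():
        print(status, reply, len(body), "body bytes")
```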

3. Retrieving Long Documents

STEPS

• Start up your web browser, and make sure your browser’s cache is cleared, as discussed above.

• Start up the Wireshark packet sniffer

• Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file3.html Your browser should display the rather lengthy US Bill of Rights.

• Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed.

• (Note: If you are unable to run Wireshark on a live network connection, you can use the http-ethereal-trace-3 packet trace to answer the questions below; see footnote 1. This trace file was gathered while performing the steps above on one of the author’s computers.)

Questions

12. How many HTTP GET request messages were sent by your browser?

Just one.

13. How many data-containing TCP segments were needed to carry the single HTTP response?

Four.

14. What is the status code and phrase associated with the response to the HTTP GET request?

200 OK

15. Are there any HTTP status lines in the transmitted data associated with a TCP-induced “Continuation”?

No.

4. HTML Documents with Embedded Objects

STEPS

• Start up your web browser, and make sure your browser’s cache is cleared, as discussed above.

• Start up the Wireshark packet sniffer

• Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.html Your browser should display a short HTML file with two images. These two images are referenced in the base HTML file. That is, the images themselves are not contained in the HTML; instead the URLs for the images are contained in the downloaded HTML file. As discussed in the textbook, your browser will have to retrieve these logos from the indicated web sites. Our publisher’s logo is retrieved from the www.aw-bc.com web site. The image of our book’s cover is stored at the manic.cs.umass.edu server.

• Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed.

• (Note: If you are unable to run Wireshark on a live network connection, you can use the http-ethereal-trace-4 packet trace to answer the questions below; see footnote 1. This trace file was gathered while performing the steps above on one of the author’s computers.)

Questions

16. How many HTTP GET request messages were sent by your browser? To which Internet addresses were these GET requests sent?

Four HTTP GET request messages were sent by my browser.

One for the HTML: 128.119.245.12

One for an object: 165.193.140.14

Two for another object: 128.119.240.90. The first time it got a 302 Found, then it sent a GET message again. In the end it got a 200 OK.

17. Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel? Explain.

Parallel. We can see that the second request is sent just after the first request is sent, rather than waiting for the reception of the first image.

5. HTTP Authentication

STEPS

• Make sure your browser’s cache is cleared, as discussed above, and close down your browser. Then, start up your browser

• Start up the Wireshark packet sniffer

• Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html Type the requested user name and password into the pop up box.

• Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed later in the packet-listing window.

• (Note: If you are unable to run Wireshark on a live network connection, you can use the http-ethereal-trace-5 packet trace to answer the questions below; see footnote 1. This trace file was gathered while performing the steps above on one of the author’s computers.)

Questions

18. What is the server’s response (status code and phrase) in response to the initial HTTP GET message from your browser?

401 Authorization Required

19. When your browser sends the HTTP GET message for the second time, what new field is included in the HTTP GET message?

Authorization field.
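The Authorization field from answer 19, as an added example (not part of the lab handout or this report): with the Basic scheme its value is only Base64 of user:password, so any capture of the plain-HTTP request exposes the credentials, which is why Basic authentication belongs only on HTTPS. The host, path and credentials are constructed, and the Basic scheme is an assumption since the page does not show the header value.

```python
import base64
import binascii

# Constructed capture text (not from the lab trace): GET, 401 challenge, GET with credentials.
CAPTURE = [
    "GET /protected/page.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "HTTP/1.1 401 Authorization Required\r\n"
    "WWW-Authenticate: Basic realm=\"demo\"\r\n\r\n",
    "GET /protected/page.html HTTP/1.1\r\nHost: example.test\r\n"
    "Authorization: Basic " + base64.b64encode(b"alice:constructed-pw").decode()
    + "\r\n\r\n",
]

def parse_message(raw):
    """Split one HTTP message into its start line and a lower-cased header dict."""
    head = raw.split("\r\n\r\n", 1)[0]
    start_line, *lines = head.split("\r\n")
    headers = {}
    for line in lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return start_line, headers

def find_basic_credentials(messages):
    """Return one finding per message that carries Basic credentials in the clear."""
    findings = []
    for raw in messages:
        start_line, headers = parse_message(raw)
        scheme, _, token = headers.get("authorization", "").partition(" ")
        if scheme.lower() != "basic":
            continue
        try:
            decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            # Header claims Basic but the token is not valid Base64 text.
            findings.append({"request": start_line, "user": None, "decodable": False})
            continue
        user, _, password = decoded.partition(":")
        # Report the password length only; the finding itself should not leak it.
        findings.append({"request": start_line, "user": user,
                         "password_length": len(password), "decodable": True})
    return findings

if __name__ == "__main__":
    for finding in find_basic_credentials(CAPTURE):
        print(finding)
```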
