The assignment will be uploaded as a Word document.
Wireshark exercise

Read it carefully and then answer the questions on the last page. Save the file as "Wireshark-(YOUR LAST NAME)".

Note: this exercise goes along with what you have learned in chapters 2, 4 and 5, where we discuss MAC addresses, ports and protocols. It is designed to help you understand the kind of information provided by the free downloadable packet capturing tool called Wireshark. Wireshark allows you to understand protocols in action (e.g. HTTP, TCP, IP and Ethernet – which are all famous protocols). You can also see actual port numbers and addresses. You can see the data link frames in action on your network.

Below are screen shots and explanations of a real packet capture. The first, left-most column is the Packet number. Notice the Packet marked number 1.

Figure 1 – Overview of what you see

Reading from left to right, you can see the IP addresses of the Source (the requestor) and the destination. You can see the Protocol for that packet, the length and other information such as the port number.

In Packet 1, 192.168.1.140 is requesting data from web server 173.143.213.184.
In Packet 2, there is a response back to the requestor.
In Packet 3, there is another request to the web server.
In Packet number 4 above, the protocol switches to HTTP, indicating a web page request for a data file on the web site.

When you click on any Packet line, you will see details of the packet listed below the packet window. There will be arrows you can click on to see more detail about the packet. Figures 2a, 2b, and 2c list some of the detail for Packet number 1.

Figure 2a – notice I can see my computer’s MAC address here on the first line.
Figure 2b – Here I am looking at more detail about IP version 4.
Figure 2c – notice the source port here.

We need the port information. A port number is a 16-bit unsigned integer, thus ranging from 0 to 65535. (Depending on protocol, some port numbers are reserved and cannot be used.)
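
An added example, not part of the original exercise: a small Python parser that pulls out of raw frame bytes the same fields Figures 2a to 2c show in Wireshark's detail pane. The frame is constructed; the two IP addresses are the ones named for Packet 1, while the MAC addresses and port numbers are made up for illustration.

```python
import socket
import struct

def build_sample_frame():
    """Constructed Ethernet II + IPv4 + TCP SYN frame (MACs and ports are made up)."""
    eth = bytes.fromhex("001122334455" "66778899aabb" "0800")  # dst MAC, src MAC, EtherType
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0x4000, 64, 6, 0,
                     socket.inet_aton("192.168.1.140"),     # client, from the page
                     socket.inet_aton("173.143.213.184"))   # web server, from the page
    tcp = struct.pack("!HHIIBBHHH", 50000, 80, 1000, 0, 0x50, 0x02, 8192, 0, 0)
    return eth + ip + tcp

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame):
    """Return the fields Wireshark shows for the Ethernet, IPv4 and TCP layers."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:            # e.g. ARP, IPv6 or a VLAN tag: not handled here
        raise ValueError(f"not IPv4 (EtherType 0x{ethertype:04x})")
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4   # IHL is counted in 32-bit words
    if version != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("malformed IPv4 header")
    if ip[9] != 6:                     # protocol field: 6 = TCP
        raise ValueError(f"not TCP (IP protocol {ip[9]})")
    tcp = ip[ihl:]                     # skip IP options, if any
    if len(tcp) < 4:
        raise ValueError("truncated TCP header")
    src_port, dst_port = struct.unpack("!HH", tcp[:4])
    return {
        "src_mac": fmt_mac(src_mac), "dst_mac": fmt_mac(dst_mac),
        "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
        "src_port": src_port, "dst_port": dst_port,
    }

if __name__ == "__main__":
    for field, value in parse_frame(build_sample_frame()).items():
        print(f"{field:9} {value}")
```

The destination MAC comes first on the wire, which is why the client's address is the second six bytes of the frame, and the TCP ports are found only after skipping the IPv4 header length given by the IHL field.
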
When a host generates a request or sends data, it requires:
1) the IP address to which it wants to send the data or request, and
2) the Port number of the remote host where the data or request should be sent.

Switching to a new Packet

Notice in Figure 3 below, when I click on Packet number four, I can now look at the Hypertext Transfer Protocol in detail (see the lines marked in blue). And I can see the kind of data I am attempting to download on the GET line. To summarize, on Packet number 4, I am making an HTTP request to a server to download some data. Notice the GET command.

Figure 3

Switching to a new Packet

Packet 36 actually displays the return of the request for the data file that was made in Packet 4. It is another HTTP protocol packet and when I open up the Hypertext Transfer Protocol detail, I see the detail in Figure 4. In this clip, I actually see the server that will be responding to my request for a data download.

Remember: Server can refer to both server software and to the machines designed to run that software. Multiple servers can run on the same machine.

Figure 4

NOTE: A lot is happening very quickly in packet capturing, so most people prefer to capture the data and save it to their hard drives for further review. The data I am using for this exercise is captured data. It is saved in a file with any name you wish and “cap” as the file extension, e.g. http.cap

With the data provided above, you should now be able to answer the following questions:

Note: Diagrams 2-11 and 2-12 in the textbook will help with HTTP. (Also read about different types of addresses in Ch. 5.) Each question is worth 2 points.

1. What is the IP address of the web server? __________________________

2. What does the number 57678 represent? (Be specific – no general terms and do not repeat back what is on the diagrams.) __________________________

3. What type of data is being downloaded? (i.e., what kind of data file) __________________________

4. What is the web server being used? __________________________

5. What is the MAC address of the client? __________________________