Practical 02 - Playing With Ethereal


Computer Networks Lab

Version 1.0
Playing with Ethereal

1. Go to http://www.ethereal.com, select download, and then download the
Ethereal version for Windows. Install Ethereal on your computer.
2. WinPcap can be found at http://winpcap.polito.it/. Select get WinPcap and
download version 3.1. Install it on your machine.
(I will probably try to install them on the machines to save you time; if they
are already installed, skip the first 2 steps.)
3. Open the web browser on the machine. Let the default page load.
4. Run Ethereal on your machine.
5. Select Capture->Interfaces. Then select the Prepare button for the correct
interface (the correct interface is the one by which you are connecting to the
web. If you have difficulties, please ask me).
6. In the Ethereal capture options dialogue, uncheck all options under display
options and check options 1 and 3 (not 2) under name resolution. Then press Start.
7. Don't bother about what you see at the moment. Go to your opened
web page and, in the URL bar, type http://www.microsoft.com.
8. Press Stop in Ethereal when the page is fully loaded in the
browser. It will take you to the details of the packets.
9. OOPS! Lots of packet details! No worries! There, in the filter option (see
Figure), type http. Press Enter.

Figure: Ethereal Output

10. What you see now are the HTTP packets exchanged between you and
Microsoft's server(s).

Rushdi Shams 1 Dept of CSE, KUET
11. Loads of information, right? OK, don't worry. It will become clear to you
as you go through the following questions (take screenshots to provide
evidence for your assignment).
   • Can you tell your IP address and the IP address of Microsoft?
   • What is the version of HTTP?
   • Did you notice the GET thing? What do its occurrences have in
     common? (e.g. in which cases does it occur and in which cases does
     it not?)
   • Are there multiple IP addresses representing Microsoft? If so, what is
     the reason?
12. Now, select the first packet in the listing of captured packets (see Figure) (if
you are drowning in packets, use the arrow-with-a-bar-over-it symbol to get to
the first packet). Go to the details of the selected packet in the header pane (see
Figure) (take screenshots to provide evidence for your assignment).
   • Expand the HTTP protocol. What is the name of your web browser and its
     version?
   • Which language does it accept?
   • Can you tell the source port and destination port by expanding
     TCP?
   • What do you think: which one is the client port and which one is the
     server port? How did you answer this question (if you are really
     correct)?
13. Now, in the filter option, type tcp and press Enter.
14. Before the HTTP GET, did you notice the 3 TCP packets exchanged between
the two parties? They are the 3-way handshake. Take a screenshot of it as well as
notes on the sequence numbers and acknowledgement numbers.
15. Phew! Loads of work you have done with HTTP and TCP! OK, in the filter
option, delete anything written (or should I say, blank it?). Then press Enter.
16. Do you see some differently coloured packets there? Do you see the protocols
ARP and DNS there? If not, please ask me and I can help you with these.
17. Well, what are ARP and DNS then? It is too early for you, but you should ask
me about this. You need to explain it in your assignment (don't worry, it is an
easy one!).
18. OK, go to Start menu->Run. Type cmd. Then, at the command prompt, type
ipconfig /all. You will see loads of information about your networks. Do you see
the DNS server's address there? Does it match the one in the Ethereal
output?
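
The sequence and acknowledgement number bookkeeping from step 14, as an added example that is not part of the original handout: it decodes the fixed 20-byte TCP header that Ethereal shows when you expand TCP and checks that three packets form a SYN, SYN+ACK, ACK exchange. The header bytes, port 1045 and the sequence numbers are constructed sample values, not taken from a real capture.

```python
import struct

SYN, ACK = 0x02, 0x10   # TCP flag bits
MOD = 1 << 32           # sequence numbers are 32-bit and wrap around

def parse_tcp_header(raw: bytes) -> dict:
    """Decode the fields of the fixed TCP header used in the handshake check."""
    if len(raw) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", raw[:16])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x3F, "window": window}  # six classic flag bits

def is_three_way_handshake(p1: dict, p2: dict, p3: dict) -> bool:
    """True if p1, p2, p3 are SYN, SYN+ACK, ACK with consistent numbers."""
    both = SYN | ACK
    return (
        (p1["flags"] & both) == SYN        # opener: SYN only
        and (p2["flags"] & both) == both   # reply: SYN and ACK
        and (p3["flags"] & both) == ACK    # final: ACK only
        # packet 2 travels in the opposite direction to packets 1 and 3
        and (p2["sport"], p2["dport"]) == (p1["dport"], p1["sport"])
        and (p3["sport"], p3["dport"]) == (p1["sport"], p1["dport"])
        # a SYN consumes one sequence number, so each side acknowledges ISN + 1
        and p2["ack"] == (p1["seq"] + 1) % MOD
        and p3["seq"] == (p1["seq"] + 1) % MOD
        and p3["ack"] == (p2["seq"] + 1) % MOD
    )

def build(sport: int, dport: int, seq: int, ack: int, flags: int) -> bytes:
    """Constructed sample header: data offset 5 words, window 65535, no options."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       (5 << 12) | flags, 65535, 0, 0)

# Constructed sample exchange (not from a real capture).
# 1045 is an arbitrary client-side port; 80 is the HTTP server port.
SAMPLE = [
    build(1045, 80, 1000, 0, SYN),
    build(80, 1045, 5000, 1001, SYN | ACK),
    build(1045, 80, 1001, 5001, ACK),
]

if __name__ == "__main__":
    packets = [parse_tcp_header(raw) for raw in SAMPLE]
    for p in packets:
        print(p)
    print("three-way handshake:", is_three_way_handshake(*packets))
```

Ethereal may display relative sequence numbers (starting from 0) depending on its TCP preferences; the +1 relationships checked here hold either way.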

Deliverable:

The report should contain an introduction, procedure, screenshots, answers to all
the questions and a conclusion.

The report must be delivered both in .doc format and in printed format. I will not
accept any handwritten report.
You should not copy other people's work. If you take a reference from the Internet or
another source, then cite it appropriately at the end of your report. You will be
penalized with a resubmission if you copy any of your classmates' work (that classmate
will be penalized too) or if you take ideas from the Internet or another source
but do not reference them at all.
