Professional Documents
Culture Documents
121CS0184 ComputerNetworks
121CS0184 ComputerNetworks
Roll No-121CS0184
Q1: Answer the following questions for captured file http.pcap (HTTP
Protocol)
Ans).
ARP (Address Resolution Protocol):
Purpose: ARP is used to map an IP address to a physical MAC (Media
Access Control) address on a local network. When a device wants to
communicate with another device on the same network, it needs to know
the MAC address associated with the IP address of the target device.
Operation: The device sends an ARP request broadcast asking, "Who has
this IP address?" The device with the corresponding IP address responds
with its MAC address, and the mapping is stored in an ARP table.
Ans)
Source (Computer): 192.168.43.153,
Destination (iitd.ac.in): 192.168.43.1
For GET:-
773 total packets, 773 shown
No.
Time
Source
Destination
Protocol Length Info
239 12:49:07.666222
192.168.43.153
103.27.9.167
HTTP
473
GET /vacancies
HTTP/1.1
Frame 239: 473 bytes on wire (3784 bits), 473 bytes captured (3784 bits)
Encapsulation type: Ethernet (1)
Arrival Time: Jul 29, 2017 12:49:07.666222000 IST
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1501312747.666222000 seconds
[Time delta from previous captured frame: 0.000130000 seconds]
[Time delta from previous displayed frame: 0.000130000 seconds]
[Time since reference or first frame: 76.328605000 seconds]
Frame Number: 239
Frame Length: 473 bytes (3784 bits)
Capture Length: 473 bytes (3784 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ethertype:ip:tcp:http]
[Coloring Rule Name: HTTP]
[Coloring Rule String: http || tcp.port == 80 || http2]
Ethernet II, Src: HonHaiPr_8c:90:55 (e0:06:e6:8c:90:55), Dst:
XiaomiCo_9e:9c:c3 (ac:c1:ee:9e:9c:c3)
Destination: XiaomiCo_9e:9c:c3 (ac:c1:ee:9e:9c:c3)
Source: HonHaiPr_8c:90:55 (e0:06:e6:8c:90:55)
Type: IPv4 (0x0800)
Internet Protocol Version 4, Src: 192.168.43.153, Dst: 103.27.9.167
0100 .... = Version: 4
.... 0101 = Header Length: 20 bytes (5)
Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)
Total Length: 459
Identification: 0x6ba3 (27555)
Flags: 0x40, Don't fragment
...0 0000 0000 0000 = Fragment Offset: 0
Time to Live: 64
Protocol: TCP (6)
Header Checksum: 0x7086 [validation disabled]
[Header checksum status: Unverified]
Source Address: 192.168.43.153
Destination Address: 103.27.9.167
Transmission Control Protocol, Src Port: 33425, Dst Port: 80, Seq: 1, Ack: 1,
Len: 407
Source Port: 33425
Destination Port: 80
[Stream index: 11]
[Conversation completeness: Complete, WITH_DATA (31)]
[TCP Segment Len: 407]
Sequence Number: 1
(relative sequence number)
Sequence Number (raw): 2898992397
[Next Sequence Number: 408
(relative sequence number)]
Acknowledgment Number: 1
(relative ack number)
Acknowledgment number (raw): 1247631054
1000 .... = Header Length: 32 bytes (8)
Flags: 0x018 (PSH, ACK)
Window: 115
[Calculated window size: 14720]
[Window size scaling factor: 128]
Checksum: 0x9ff5 [unverified]
[Checksum Status: Unverified]
Urgent Pointer: 0
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
[Timestamps]
[Time since first frame in this TCP stream: 0.087703000 seconds]
[Time since previous frame in this TCP stream: 0.000130000 seconds]
[SEQ/ACK analysis]
TCP payload (407 bytes)
Hypertext Transfer Protocol
GET /vacancies HTTP/1.1\r\n
Host: ird.iitd.ac.in\r\n
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:18.0)
Gecko/20100101 Firefox/18.0\r\n
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n
Accept-Language: en-US,en;q=0.5\r\n
Accept-Encoding: gzip, deflate\r\n
Referer: http://www.iitd.ac.in/\r\n
Cookie:
SESS1f002926bf876664ed5383994cb4c1de=tunjfm6na70hvls5sh989n7cl2\r\
n
Connection: keep-alive\r\n
\r\n
[Full request URI: http://ird.iitd.ac.in/vacancies]
[HTTP request 1/8]
[Response in frame: 249]/home/nitr/Downloads/http.pcap 773 total packets,
773 shown
[Next request in frame: 251]
For OK:-
5. Find the packet number that includes HTTP GET message for a file IITD-
IRD-122-2017.pdf. Also find the length of the file in bytes and time when
file is downloaded successfully.
Ans.)
Packet Number that includes HTTP GET message for a file IITD-IRD-122-
2017.pdf =478
length of the file in bytes=18533 bytes
time when file is downloaded successfully=Jul 29, 2017 12:49:13.700007000
IST
Q2: Open the http.pcap file given in study material in Wireshark. Use File-
>Export Packet Dissections to save the data in csv file format. Write a
C/C++/Java/Python code to read the data in csv file and print
csv_file_path = 'http.csv'
df = pd.read_csv(csv_file_path)