WIRESHARK:

We will observe network traffic to understand how data is transferred over the internet, using a software tool called Wireshark. It is used to analyze packets and protocols.

In the lab session we downloaded and installed VirtualBox and also downloaded the Wireshark software.

 

TASK 1:

1. What is the IP address of the computer? Of the academic.udayton.edu server? How do you know that?

 

· “An Internet protocol is a unique numerical number assigned to a device which is associated to a network called a computer network, which uses the internet protocol to communicate with each other”.

· The IP address of the academic.udayton.edu server is 131.238.16.100.

· To find the IP address of the given server, open the Wireshark machine.

· To capture the packets and protocols, edit the capture options.

· Check the "Capture packets in promiscuous mode" box, which tells Wireshark to capture packets in promiscuous mode, and then set the interface to the pseudo-device that captures on all interfaces.

· Click the second button in the Wireshark command menu to set up the capture, then click Start to start capturing packets.

· All the messages visible in promiscuous mode on the LAN will be captured.

· Click the third icon in the command menu to capture new live messages.

· The capture shows information about the website, including its IP address. To get the IP address of academic.udayton.edu, open the web browser and visit the website given below:

 

http://academic.udayton.edu/PhuPhung/sp2018secad-lab1.html

 

 

· To check the IP address, go back to Wireshark and filter the messages using the display filter "http".

· Wireshark will then display the HTTP data.

· Open the HTTP request sent by the browser.

· Below is the screenshot of the website IP address.

 

 

2. What is the port number that the browser uses? How do you know that?

· “A port number is a 16-bit integer, usually ranging from 0 to 65535. In a data network, a communication endpoint in an operating system is called a port”.

· The port number of the website is “80”.

· We find the port number of the website by following the same steps as for the IP address. The port number appears directly below the IP address.

The source port number is 43274, whereas the destination port is 80.

 

3. What is the full information of the browser?

The browser request contains detailed information, starting from the bytes. Below is the screenshot of the browser information.

· The first column indicates that 382 bytes are on the wire and that 382 bytes have been captured, followed by the Linux.

· The third column indicates the source IP address “10.0.2.15” and the destination IP address “131.238.16.100”.

· The fourth column indicates the port numbers: the source port is “54219” and the destination port is “80”.

· The fifth column indicates the Hypertext Transfer Protocol information.

   → The first row indicates the HTTP request sent to the server.

   → The second row contains the GET command followed by the path name.

   → The third row indicates the message and the severity level of the request, followed by the request method, which has:

   → Request Method: GET
     Request URI: /PhuPhung/sp2018secad-lab1.html
     Request version: HTTP/1.1

   → Host: followed by the name, which is the full domain name of the web server.

   → The user agent here is Mozilla Firefox, followed by the Agent, Agent language, Agent encoding and connection status.

 

 

 

 

4. What is the full content of the HTTP request message?

· The Hypertext Transfer Protocol information.

   → The first row indicates the HTTP request sent to the server.

   → The second row contains the GET command followed by the path name.

   → The third row indicates the message and the severity level of the request, followed by the request method, which has:

     Request Method: GET
     Request URI: /PhuPhung/sp2018secad-lab1.html
     Request version: HTTP/1.1

   → Host: followed by the name, which is the full domain name of the web server.

   → The user agent here is Mozilla Firefox, followed by the Agent, Agent language, Agent encoding and connection status.
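
The values read off the Wireshark panes in Tasks 1 to 4 (addresses, ports, request line, Host) and the status line of the reply can be pulled straight from the captured bytes. The Python below is an added example, not part of the original lab write-up; it assumes that a capture on the all-interfaces pseudo-device carries the 16-byte Linux cooked-capture (SLL) header, and the names dissect and build_frame, the sample frames and the User-Agent value are constructed for illustration.

```python
import socket
import struct

SLL_LEN = 16  # Linux cooked-capture (SLL v1) header size; framing is an assumption

def dissect(frame: bytes) -> dict:
    """Walk SLL -> IPv4 -> TCP -> HTTP start line and headers."""
    if len(frame) < SLL_LEN + 20 or frame[14:16] != b"\x08\x00":
        raise ValueError("not an IPv4 packet in a cooked-capture frame")
    ip = frame[SLL_LEN:]
    ihl = (ip[0] & 0x0F) * 4                    # IPv4 header length in bytes
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6:
        raise ValueError("not IPv4 carrying TCP")
    total_len = struct.unpack("!H", ip[2:4])[0]
    tcp = ip[ihl:total_len]                     # drops any link-layer padding
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    payload = tcp[(tcp[12] >> 4) * 4:]          # data offset skips TCP options
    lines = payload.partition(b"\r\n\r\n")[0].decode("iso-8859-1").split("\r\n")
    start = lines[0].split(" ", 2)
    if len(start) != 3:
        raise ValueError("no HTTP start line in this segment")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    out = {"src": socket.inet_ntoa(ip[12:16]), "dst": socket.inet_ntoa(ip[16:20]),
           "sport": sport, "dport": dport, "headers": headers}
    if start[0].startswith("HTTP/"):            # response: version, code, reason
        out.update(version=start[0], status=int(start[1]), reason=start[2])
    else:                                       # request: method, URI, version
        out.update(method=start[0], uri=start[1], version=start[2])
    return out

def build_frame(pkttype, src, sport, dst, dport, http: bytes) -> bytes:
    """Constructed sample frame (zeroed link address, checksums, seq/ack)."""
    sll = struct.pack("!HHH8sH", pkttype, 1, 6, b"", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 64240, 0, 0) + http
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return sll + ip + tcp

REQUEST = build_frame(4, "10.0.2.15", 54219, "131.238.16.100", 80,
    b"GET /PhuPhung/sp2018secad-lab1.html HTTP/1.1\r\nHost: academic.udayton.edu\r\n"
    b"User-Agent: Mozilla/5.0 (constructed)\r\nConnection: keep-alive\r\n\r\n")
RESPONSE = build_frame(0, "131.238.16.100", 80, "10.0.2.15", 54219,
    b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n")
```

Calling dissect(REQUEST) returns the same fields the packet details pane shows for the GET request, and dissect(RESPONSE) returns the status code and reason phrase of the reply.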

 

 

 

5. What version of HTTP is the server running?

· The Hypertext Transfer Protocol is an application-level protocol for distributed, collaborative, hypermedia information systems, which can be used for many tasks such as name servers.

· The Hypertext Transfer Protocol has been in use by the World Wide Web since 1990.

· The version of HTTP the server is running is “HTTP/1.1”. It is the latest version, and it is a World Wide Web application protocol that runs over the internet's TCP/IP suite of protocols.

 

 

 

 

 

6. What is the status code returned from the server to your browser?

· The status code returned from the server to the browser is “HTTP/1.1 200 OK”.

· HTTP/1.1 200 OK means that the server is responding to the given HTTP request.

· The 200 in HTTP/1.1 200 is the code presented when everything is OK.

 

 

 

 

7. How many bytes of content are being returned to your browser?

· The total content returned to the browser is 501 bytes.

 

 

8. What is the software and the version of the software?

· Wireshark is open-source software released under the GNU General Public License.

· Wireshark is a widely used network protocol analyzer.

· It is used for network analysis, troubleshooting, and communications protocol development.

· The version of the software is 1.6.7.