Scribd
Upload
8 views3 pages

Getting Started

The document provides a series of questions and answers related to a Wireshark trace file analysis. It includes information on the protocols detected (TCP, HTTP, TLSv1.2), the time taken for an HTTP GET request to receive a response, and the Internet addresses of the involved computers. Additionally, it details the User-Agent of the web browser used and instructs on printing specific HTTP messages from the trace file.

Uploaded by

Huy Đỗ
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
8 views3 pages

Getting Started

The document provides a series of questions and answers related to a Wireshark trace file analysis. It includes information on the protocols detected (TCP, HTTP, TLSv1.2), the time taken for an HTTP GET request to receive a response, and the Internet addresses of the involved computers. Additionally, it details the User-Agent of the web browser used and instructs on printing specific HTTP messages from the trace file.

Uploaded by

Huy Đỗ
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Name: Đỗ Minh Bảo Huy

ID: N22DCCN133
Getting Started
1. Which of the following protocols are shown as appearing (i.e., are listed in the
Wireshark “protocol” column) in your trace file: TCP, QUIC, HTTP, DNS, UDP,
TLSv1.2?

- TCP, HTTP, TLSv1.2


2. How long did it take from when the HTTP GET message was sent until the
HTTP OK reply was received? (By default, the value of the Time column in the
packet-listing window is the amount of time, in seconds, since Wireshark tracing
began. (If you want to display the Time field in time-of-day format, select the
Wireshark View pull down menu, then select Time Display Format, then select
Time-of-day.)

- 0.062783
3. What is the Internet address of the gaia.cs.umass.edu (also known as www-
net.cs.umass.edu)? What is the Internet address of your computer or (if you are
using the trace file) the computer that sent the HTTP GET message?
- The Internet address of the gaia.cs.umass.edu: 128.119.245.12
- The Internet address of your computer: 10.0.0.44
4. Expand the information on the HTTP message in the Wireshark “Details of
selected packet” window (see Figure 3 above) so you can see the fields in the
HTTP GET request message. What type of Web browser issued the HTTP request?
The answer is shown at the right end of the information following the “User-
Agent:” field in the expanded HTTP message display. [This field value in the
HTTP message is how a web server learns what type of browser you are using.]
* Firefox, Safari, Microsoft Internet Edge, Other

- User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:84.0)


Gecko/20100101 Firefox/84.0\r\n
5. Expand the information on the Transmission Control Protocol for this packet in
the Wireshark “Details of selected packet” window (see Figure 3 in the lab
writeup) so you can see the fields in the TCP segment carrying the HTTP message.
What is the destination port number (the number following “Dest Port:” for the
TCP segment containing the HTTP request) to which this HTTP request is being
sent?
6. Print the two HTTP messages (GET and OK) referred to in question 2 above. To
do so, select Print from the Wireshark File command menu, and select the
“Selected Packet Only” and “Print as displayed” radial buttons, and then click OK.

You might also like