Report Lab 3a Wireshark HTTP V8

Computer Network
Student’s name: Nguyễn Tiến Hưng; ID: 2252280

I/ The Basic HTTP GET/response interaction:

1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server
running?

- Both of them are version 1.1.

- HTTP of server:

- HTTP browser of my laptop:

2. What languages (if any) does your browser indicate that it can accept to the server?

+ en-US: This has the highest priority (no quality value q means it defaults to 1.0), meaning the
preferred language is English as spoken in the United States.
+ en;q=0.5: This indicates a preference for English in general, with a slightly lower priority
(quality value q=0.9).

- So, the languages in order of preference are:

1. U.S. English
 2. General English

3. What is the IP address of your computer? Of the gaia.cs.umass.edu server?

- IP address of my computer: 192.168.1.3

- IP of the gaia.cs.umass.edu server: 128.119.245.12

4. What is the status code returned from the server to your browser?

- Status code: 200

5. When was the HTML file that you are retrieving last modified at the server?
- The time when the HTML file that you are retrieving last modified at the server: Saturday, 05
October 2024 05:59:02 GMT\r\n

6. How many bytes of content are being returned to your browser?

- There are 128 bytes of content being returned to your browser.

7. By inspecting the raw data in the packet content window, do you see any headers within the
data that are not displayed in the packet-listing window? If so, name one.

- Both the Packet Details and Raw Data panes show the same HTTP headers: Date, Server, Last-
Modified, ETag, Accept-Ranges, Content-Length, Keep-Alive, Connection, and Content-Type.
- So no additional headers are visible in the Raw Data pane that aren't already listed in the Packet
Details pane.

II/ The HTTP CONDITIONAL GET/response interaction:

8. Inspect the contents of the first HTTP GET request from your browser to the server. Do you
see an “IF-MODIFIED-SINCE” line in the HTTP GET?

- I do not see any phrase “IF-MODIFIED-SINCE”.

9. Inspect the contents of the server response. Did the server explicitly return the contents of the
file? How can you tell?
- Yes I can see the contents of the file through the “Line-based text data”.
10. Now inspect the contents of the second HTTP GET request from your browser to the server.
Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what information
follows the “IF-MODIFIED-SINCE:” header?

- Yes, I do see the phrase “If-Modified-Since”.

- The information follows: Sat, 05 October 2024 05:59:02 GMT\r\n

11. What is the HTTP status code and phrase returned from the server in response to this
second HTTP GET? Did the server explicitly return the contents of the file? Explain.

- HTTP status code: 304

- Response phrase: Not Modified
- It did not return explicitly the contents of the file since there is no change in the file

III/ Retrieving Long Documents:

12. How many HTTP GET request messages did your browser send? Which packet number in
the trace contains the GET message for the Bill or Rights?

- Only 1 HTTP GET request messages was sent. The packet number in the trace contains the GET
message for the Bill or Rights: 185812
13. Which packet number in the trace contains the status code and phrase associated with the
response to the HTTP GET request?
- Packet number in the trace contains the status code and phrase associated with the response to the
HTTP GET request: 185828

14. What is the status code and phrase in the response?

- Status code: 200
- Response phrase: OK

15. How many data-containing TCP segments were needed to carry the single HTTP response
and the text of the Bill of Rights?
- There are 4 data-containing TCP segments were needed to carry the single HTTP response and the
text of the Bill of Rights.

IV/ HTML Documents with Embedded Objects:

16. How many HTTP GET request messages did your browser send? To which Internet
addresses were these GET requests sent?
- There was 3 GET request messages that my browser sent.
- The GET message file “HTTP-wideshark-file4.html” and the figure “pearson.png” were sent to IP
address: 128.119.245.12
- The other one file “8E_cover_small.jpg” was sent to IP address: 178.79.137.164

17. Can you tell whether your browser downloaded the two images serially, or whether they
were downloaded from the two web sites in parallel? Explain.
- I think my browser downloaded 2 images serially. Since looking at the time start to send the GET
message and time when the response arrives. Each of the message differ around 1 second. That is too
much for the parallel, when it must be at the same start and end time.

V/ HTTP Authentication:

18. What is the server’s response (status code and phrase) in response to the initial HTTP GET
message from your browser?
- The response: “HTTP/1.1 401 Unauthorized”.
- Status code: 401
- Response phrase: Unauthorized

19. When your browser’s sends the HTTP GET message for the second time, what new field is
included in the HTTP GET message?
- Before:
- After:

- I can see the the second GET message did not contain the “Authorization”.
- The phrase after the Basic is the username and password that I had entered.
- And after decoded base64 wireshark-students:network.