Assignment - 3

Name – Sonu Kumar

Branch – Msc. Mathematics
Subject – Computer Network
Adm No. - I23MA051

Q.1) Give brief details about HTTP. What is the difference between HTTP and HTTP
1.1?
Ans)

HTTP, or Hypertext Transfer Protocol, is a communication protocol used for transferring data
between web browsers and web servers. It follows a request-response model and operates over
port 80. It is stateless, meaning each request is independent and does not retain session
information.

The difference between HTTP and HTTP/1.1 lies in several aspects. HTTP (1.0) opens a new
connection for each request, whereas HTTP/1.1 supports persistent connections, allowing
multiple requests over the same connection. This makes HTTP/1.1 faster as it reduces the
overhead of repeatedly opening and closing connections. HTTP/1.1 also supports pipelining,
which allows multiple requests to be sent before receiving responses, improving efficiency.
Additionally, HTTP/1.1 introduces better caching mechanisms, making resource loading more
efficient. Another key difference is that HTTP (1.0) does not require a Host header, while
HTTP/1.1 makes it mandatory, allowing multiple domains to be hosted on a single server.

In summary, HTTP/1.1 enhances speed, efficiency, and resource management compared to

HTTP (1.0).
Q.2) Write down the steps to capture HTTP request packets for any URL.
Ans)

Capturing HTTP request packets for any URL can be done using various tools like Wireshark,
tcpdump, or browser developer tools. Here’s a general step-by-step guide using Wireshark:

Method 1: Using Wireshark :

Wireshark is a powerful network protocol analyzer that captures and inspects packets.

Step 1: Install Wireshark

- Download and install Wireshark from [Wireshark's official

website](https://www.wireshark.org/).

- If on Windows, install Npcap (a required packet capture library).

Step 2: Start Wireshark

- Open Wireshark with administrator privileges.

- Select the network interface (Wi-Fi or Ethernet) you are using.

Step 3: Apply Capture Filters (Optional)

- To capture only HTTP/HTTPS packets, use the filter:

``` tcp port 80 (for HTTP)

tcp port 443 (for HTTPS, but the content will be encrypted) ```

- Alternatively, you can capture packets for a specific website by filtering the IP address:

``` host example.com ```

Step 4: Start Capturing

- Click Start to begin capturing packets.

- Open a browser and visit the URL you want to inspect.

Step 5: Stop Capturing and Analyze Packets

- Click Stop once enough data is captured.

- Use the Filter bar to search for `http.request` or `tcp.stream eq X` to follow a request-response
session.

Step 6: Extract HTTP Request Information

- Click on a packet to see details, including:

- Request method (GET, POST, etc.)

- Host, User-Agent, and other headers

- Payload (for POST requests)

Step 7: Save or Export Captured Packets

- Save the capture as a `.pcap` file for later analysis.

---

Method 2: Using Browser Developer Tools (Simpler)

If you only need to capture HTTP requests from a browser:

Step 1: Open Developer Tools

- Chrome: Press `F12` or `Ctrl + Shift + I`, then go to the Network tab.

- Firefox: Press `F12` or `Ctrl + Shift + I`, then select Network.

Step 2: Enable Network Logging

- Ensure "Preserve log" is enabled to keep requests visible.

- Reload the page to capture traffic.

Step 3: Analyze Requests

- Click on any request to see:

- Headers

- Payload (for POST requests)

- Response details

Step 4: Export Logs (Optional)

- Right-click a request → Save as HAR file for further analysis.

Q.3). Understanding HTTP Protocol via Packet Capture.

Objective: Analyze how HTTP works by capturing and studying HTTP request and

response messages.

Tasks:

1. Use Wireshark to capture HTTP packets while visiting a website.

2. Identify and explain the following components in an HTTP request:

○ Request Method (GET, POST, etc.)

○ Request Headers

○ URL and Parameters

3. Identify and explain the following components in an HTTP response:

○ Status Code (e.g., 200, 404, 500)

○ Response Headers

○ HTML Content

4. Compare HTTP vs. HTTPS by capturing both types of traffic.

5. Write a summary of how HTTP communication takes place.

Ans)

Task 1 : Captured screen showing HTTP packets filtered in Wireshark.

Task 2 : Identifying and Explaining Components in an HTTP Request
When a client (e.g., a web browser) communicates with a server, it sends an HTTP request. This
request consists of three main components:

1. Request Method (GET, POST, etc.)

The request method defines the action the client wants the server to perform. It appears in the
first line of an HTTP request.

Common HTTP Methods:

Method & Purpose :

GET- Requests data from the server (e.g., loading a webpage).

POST- Sends data to the server (e.g., submitting a form).

PUT- Updates a resource on the server.

DELETE- Deletes a resource on the server.

HEAD- Similar to GET but only retrieves headers, not content.

OPTIONS- Asks the server which methods are allowed.

2. Request Headers

Request headers provide metadata about the request. They help the server understand what
the client expects.

Common Request Headers:

Header & Purpose :

Host- Specifies the target server (e.g., `Host: example.com`).

User-Agent-Identifies the client (e.g., browser, bot).

Accept-Defines acceptable response types (e.g., `Accept: text/html`).

Cookie-Sends stored cookies from the client.

Referer- Indicates the previous page the user visited.

Authorization- Sends authentication credentials (e.g., API tokens).

3. URL and Parameters

A URL (Uniform Resource Locator) specifies the resource location on a web server. It may
contain parameters that pass additional data.

Parts of a URL:

```

https://www.example.com/search?q=Wireshark&page=2

```

Component & Description :

Protocol- `https://` (Secure HTTP)

Domain- `www.example.com` (Server address)

Path- `/search` (Resource on the server)

Query Parameters- `q=Wireshark&page=2` (Extra data sent to the server)

Task 3: Identify and Explain HTTP Response Components
Click on an HTTP response packet in Wireshark.

1. Status Code:

Indicates the server’s response:

• 200 OK → Request successful.

• 404 Not Found → Resource missing.

•500 Internal Server Error → Server issue.

2. Response Headers:

Provide additional information about the response.

Examples:

• Content-Type: text/html → Specifies content type.

• Server: Apache/2.4.41 → Identifies the server software.

• Set-Cookie: sessionID=abc123 → Sends a cookie for session tracking.

3. HTML Content:

• The actual web page content is in the response body.

• Can be seen in the Packet Bytes section of Wireshark.

Task 4 : Compare HTTP vs. HTTPS
HTTP

HTTPS
Task 5 : How HTTP communication takes place.
HTTP communication involves a client, typically a web browser, making a request to a server,
and the server responding to that request. The process begins when a user enters a URL into a
browser, which then sends an HTTP request to the server hosting the website specified in the
URL. This request includes information such as the HTTP method (like GET or POST), headers,
and sometimes a body containing additional data.

Upon receiving the request, the server processes it and sends back an HTTP response. The
response includes a status code indicating the outcome of the request, headers with metadata
about the response, and the body containing the requested data, such as HTML, images, or
other resources. The status code helps the client understand whether the request was
successful or if there was an error. For example, a status code of 200 indicates success, while a
404 code indicates that the requested resource was not found.

HTTP is a stateless protocol, meaning each request and response is independent of others. The
server does not retain information about previous requests unless mechanisms like cookies or
sessions are used. This statelessness simplifies the protocol but can complicate tasks that
require maintaining state across multiple requests.

HTTP operates on top of the TCP/IP protocol stack, using port 80 by default, though other ports
can be used as well. It is designed to be generic and can be extended to handle various types of
data and interactions beyond just HTML documents.
HTTP communication is foundational to the World Wide Web, enabling the exchange of
information between clients and servers in a standardized way. It supports various methods for
data transfer, including GET for retrieving resources and POST for submitting data to be
processed by the server.

HTTP is distinct from HTTPS, which adds encryption and security to the communication process,
making it more suitable for transmitting sensitive information. However, the basic structure of
request and response remains the same in both protocols.