Part I. Capturing and analyzing Ethernet frames
Let’s begin by capturing a set of Ethernet frames to study. Do the following:
First, clear your browser’s cache, and start it with a blank page. You may also want to close out all other browsers or web activities. (It is important to do this step so your Wireshark results won’t be overwhelming.)
Start up the Wireshark packet sniffer, and start a packet capture.
Enter the following URL into your browser
Stop Wireshark packet capture.
Save this capture with the name “Lab2 trace1 – yourlastname”; the default file type should be .pcapng. You will need to submit this trace file, which shows your unique IP address and time stamp to prove the origin of your work.
Now locate the GET and OK packets exchanged between your computer and the server that hosts the About USF St. Petersburg web page you’ve just visited. There could be multiple GET and OK packets, depending on the web activities going on. Make sure you get the right GET and OK packets using the Info column of the Packet List.
Create a lab report using MS Word, and answer the following questions.
Q1. Provide the packet #s of the GET and OK packet.
When you select the GET message in the packet list, the Packet Details (middle window) shows 5 section items:
Transmission control protocol, and
Hypertext transfer protocol.
This lab is about Ethernet. So you can focus on the Frame and Ethernet II sections to answer the following questions (unless otherwise instructed). In order to answer the following questions, you’ll need to look into the packet details and packet bytes windows (the middle and lower display windows in Wireshark).
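How the bytes in the Packet Bytes window map onto the Ethernet II fields and the layers nested inside them, as an added example that is not part of the original lab: a Python parser run over a constructed frame. The MAC addresses, IP addresses, host name and function names are assumptions made up for illustration.

```python
import struct

def mac(b: bytes) -> str:
    """Format 6 raw bytes the way Wireshark prints a MAC address."""
    return ":".join(f"{x:02x}" for x in b)

def build_sample_frame() -> bytes:
    """Constructed frame (not from a real capture): Ethernet II / IPv4 / TCP / HTTP GET."""
    http = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(http), 0, 0x4000,
                     64, 6, 0, bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
    # Destination MAC comes first on the wire, then source MAC, then EtherType.
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + http

def parse_frame(frame: bytes) -> dict:
    """Decode the 14-byte Ethernet II header, then follow IPv4/TCP to an HTTP GET line."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet II header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst": mac(dst), "src": mac(src), "ethertype": ethertype, "http": None}
    # Values of 1500 or less are an 802.3 length; 0x0600 and above are EtherTypes.
    if ethertype < 0x0600:
        info["note"] = "802.3 length field, not an Ethernet II type"
        return info
    if ethertype != 0x0800 or len(frame) < 14 + 20:
        return info                          # not IPv4, or truncated
    ihl = (frame[14] & 0x0F) * 4             # IPv4 header length in bytes
    total_len = struct.unpack("!H", frame[16:18])[0]
    if ihl < 20 or frame[14 + 9] != 6:       # protocol 6 = TCP
        return info
    tcp_off = 14 + ihl
    if len(frame) < tcp_off + 20:
        return info
    info["dst_port"] = struct.unpack("!H", frame[tcp_off + 2:tcp_off + 4])[0]
    data_off = (frame[tcp_off + 12] >> 4) * 4  # TCP header length in bytes
    # Stop at the IPv4 total length so Ethernet padding is never read as payload.
    payload = frame[tcp_off + data_off:14 + total_len]
    if payload.startswith(b"GET "):
        info["http"] = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    return info

if __name__ == "__main__":
    for key, value in parse_frame(build_sample_frame()).items():
        print(f"{key}: {value}")
```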
Make sure you have selected the HTTP GET message in the packet list (the top window) using the packet number. (Recall that the HTTP GET message is carried inside of a TCP segment, which is carried...