1. The Basic HTTP GET/response interaction
Let’s begin our exploration of HTTP by downloading a very simple HTML
file - one that is very short, and contains no embedded objects. Do the
following:
1. Start up
your web browser.
2. Start up
the Wireshark packet sniffer, as described in the Introductory lab (but don’t
yet begin packet capture). Enter “http” (just the letters, not the quotation
marks) in the display-filter-specification window, so that only captured HTTP
messages will be displayed later in the packet-listing window. (We’re only
interested in the HTTP protocol here, and don’t want to see the clutter of all
captured packets).
3. Wait a
bit more than one minute (we’ll see why shortly), and then begin Wireshark
packet capture.
4.
Enter the following to your
browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html
Your browser should display the very
simple, one-line HTML file.
5. Stop
Wireshark packet capture.
Your Wireshark window should look
similar to the window shown in Figure 1. If you are unable to run Wireshark on
a live network connection, you can download a packet trace that was created
when the steps above were followed.2
1. Is your browser
running HTTP version 1.0 or 1.1? What version of HTTP is the server running?
Jawab : Browser saya versi http adalah 1.1 , server
juga versi http 1.1
2. What
languages (if any) does your browser indicate that it can accept to the server?
Jawab : language = en-us , en
3. What is
the IP address of your computer? Of the gaia.cs.umass.edu server?
Jawab :
Ip saya : 192.168.1.7
IP gaia.cs.umass.edu server : 128.119.245.12
4. What is
the status code returned from the server to your browser?
Jawab : Http /1.1 200 OK (text/html)
5. When was
the HTML file that you are retrieving last modified at the server?
Jawab : Last modified = sun, 21 jan 2018 06:59:01
GMT
6. How many
bytes of content are being returned to your browser?
Jawab : content-length = 128
7.
By inspecting the raw data in the
packet content window, do you see any headers within the data that are not
displayed in the packet-listing window? If so, name one.
Jawab : Tidak semua header bisa ditemukan dalam data raw
2. The HTTP CONDITIONAL GET/response interaction
Recall from Section 2.2.6 of the text, that most web browsers perform
object caching and thus perform a conditional GET when retrieving an HTTP
object. Before performing the steps below, make sure your browser’s cache is
empty. (To do this under Firefox, select Tools->Clear
Recent History and check the Cache box, or for Internet Explorer, select Tools->Internet Options->Delete File;
these actions will remove cached files from your browser’s cache.) Now do the following:
•
Start up your web browser, and make sure your
browser’s cache is cleared, as discussed above.
•
Start up the Wireshark packet
sniffer
•
Enter the following URL into your
browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file2.html
Your browser should display a very simple
five-line HTML file.
•
Quickly enter the same URL into
your browser again (or simply select the refresh button on your browser)
•
Stop Wireshark packet capture,
and enter “http” in the display-filter-specification window, so that only
captured HTTP messages will be displayed later in the packet-listing window.
•
(Note: If
you are unable to run Wireshark on a live network connection, you can use the
http-ethereal-trace-2 packet trace to answer the questions below; see footnote
1. This trace file was gathered while performing the steps above on one of the
author’s computers.)
Answer
the following questions:
8. Inspect
the contents of the first HTTP GET request from your browser to the server. Do
you see an “IF-MODIFIED-SINCE” line in the HTTP GET?
Jawab : Tidak
9. Inspect
the contents of the server response. Did the server explicitly return the
contents of the file? How can you tell?
Jawab : Ya karena kita bisa melihat isinya di field
Line-based text data
10. Now inspect the contents of the second HTTP GET request from your
browser to the server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET?
If so, what information follows the “IF-MODIFIED-SINCE:” header?
Jawab : Ya , informasinya adalah sun, 21 jan 2018 06:59:01 GMT yang
merupakan tanggal modifikasi terakhir file dari GET request sebelumnya
11. What is the HTTP status code and phrase returned from the server in
response to this second HTTP GET? Did the server explicitly return the contents
of the file? Explain.
Jawab : status code = 304 dan
phrase = Not Modified. Server tidak mengembalikan isi file karena browser
memuatnya dari cache-nya
3. Retrieving Long Documents
In our examples thus far, the documents retrieved have been simple and
short HTML files. Let’s next see what happens when we download a long HTML
file. Do the following:
•
Start up your web browser, and
make sure your browser’s cache is cleared, as discussed above.
•
Start up the Wireshark packet sniffer
•
Enter the following URL into your
browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file3.html
Your browser should display the rather
lengthy US Bill of Rights.
•
(Note: If
you are unable to run Wireshark on a live network connection, you can use the
http-ethereal-trace-3 packet trace to answer the questions below; see footnote
1. This trace file was gathered while performing the steps above on one of the
author’s computers.)
Answer the
following questions:
12. How many
HTTP GET request messages did your browser send? Which packet number in the
trace contains the GET message for the Bill or Rights?
Jawab : ada 1 HTTP GET
13. Which
packet number in the trace contains the status code and phrase associated with
the response to the HTTP GET request?
Jawab : di trace saya paket nomor 15
14. What is
the status code and phrase in the response?
Jawab : Status code 200 ,phrase OK
15. How many data-containing TCP segments were needed to carry the single
HTTP response and the text of the Bill of Rights?
Jawab : Ada 5 data TCP segment yaitu 1440 , 1440, 1440 dan 541 totalnya
4861
4. HTML Documents with Embedded Objects
Now that we’ve seen how Wireshark displays the captured packet traffic
for large HTML files, we can look at what happens when your browser downloads a
file with embedded objects, i.e., a file that includes other objects (in the
example below, image files) that are stored on another server(s).
Do the
following:
•
Start up your web browser, and make sure your
browser’s cache is cleared, as discussed above.
•
Start up the Wireshark packet
sniffer
•
Enter the following URL into your
browser http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.html
Your browser should display a short HTML file with two images. These two
images are referenced in the base HTML file. That is, the images themselves are
not contained in the HTML; instead the URLs for the images are contained in the
downloaded HTML file. As discussed in the textbook, your browser will have to
retrieve these logos from the indicated web sites. Our publisher’s logo is
retrieved from the www.aw-bc.com web site. The image of the cover for our 5th edition (one of our favorite
covers) is stored at the manic.cs.umass.edu server.
•
Stop Wireshark packet capture,
and enter “http” in the display-filter-specification window, so that only
captured HTTP messages will be displayed.
Answer
the following questions:
16. How many
HTTP GET request messages did your browser send? To which Internet addresses
were these GET requests sent?
Jawab : ada 4 , alamat ip yang menjadi Get request
adalah 128.119.245.12 ada 2 dan 128.119.245.90 ada 2
17. Can you
tell whether your browser downloaded the two images serially, or whether they
were downloaded from the two web sites in parallel? Explain.
Jawab : Dengan memeriksa port TCP kita dapat
melihat apakah file kita diunduh secara serial atau paralel. Dalam kasus ini, 2
gambar dikirimkan melalui 2 koneksi TCP sehingga mereka diunduh secara serial.
5 HTTP Authentication
Finally, let’s try visiting a web site that is password-protected and
examine the sequence of HTTP message exchanged for such a site. The URL
http://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html
is password protected. The username is “wireshark-students” (without the
quotes), and the password is “network” (again, without the quotes). So let’s
access this “secure” password-protected site. Do the following:
•
Make sure your browser’s cache is cleared, as
discussed above, and close down your browser. Then, start up your browser
•
Start up the Wireshark packet
sniffer
•
Enter the following URL into your
browser http://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html
Type the
requested user name and password into the pop up box.
•
Stop Wireshark packet capture,
and enter “http” in the display-filter-specification window, so that only
captured HTTP messages will be displayed later in the packet-listing window.
•
(Note: If
you are unable to run Wireshark on a live network connection, you can use the
http-ethereal-trace-5 packet trace to answer the questions below; see footnote
2. This trace file was gathered while performing the steps above on one of the
author’s computers.)
Answer
the following questions:
18. What is
the server’s response (status code and phrase) in response to the initial HTTP
GET message from your browser?
Jawab : status code 401, phrase = Unauthorized
19. When your browser’s sends the HTTP GET message for the second time, what
new field is included in the HTTP GET message?
Jawab : field baru di pesan HTTP GET yang kedua adalah
Authorization:
Basic d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=\r\nDownload Laporan WireShark Lab HTTP
Rumah Ti: Wireshark Lab Http >>>>> Download Now
ReplyDelete>>>>> Download Full
Rumah Ti: Wireshark Lab Http >>>>> Download LINK
>>>>> Download Now
Rumah Ti: Wireshark Lab Http >>>>> Download Full
>>>>> Download LINK