Now that we’ve seen how Wireshark displays the captured packet traffic for large HTML files, we can look at what happens when your browser downloads a file with embedded objects, i.e., a file that includes other objects (in the example below, image files) that are stored on another server(s).Do the following:Start up your web browser, and make sure your browser’s cache is cleared, as discussed above.Start up the Wireshark packet snifferEnter the following URL into your browserhttp://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.htmlYour browser should display a short HTML file with two images. These two images are referenced in the base HTML file.That is, the images themselves are not contained in the HTML; instead the URLs for the images are contained in the downloaded HTML file. As discussed in the textbook, your browser will have to retrieve these logos from the indicated web sites.   Our publisher’s logo is retrieved from the gaia.cs.umass.edu web site.  The image of the cover for our 5thedition (one of our favorite covers) is stored at the caite.cs.umass.edu server. (These are two different web servers inside cs.umass.edu).Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed.(Note:If you are unable to run Wireshark on a live network connection, you can use the http-ethereal-trace-4 packet trace to answer the questions below; see footnote 1. This trace file was gathered while performing the steps above on one of the author’s computers.)Answer the following questions:How many HTTP GET request messages did your browser send?  To which Internet addresses were these GET requests sent?Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel?  Explain.5 HTTP AuthenticationFinally, let’s try visiting a web site that is password-protected and examine the sequence of HTTP message exchanged for such a site.  The URLhttp://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html is password protected.  The username is “wireshark-students” (without the quotes), and the password is “network” (again, without the quotes).  So let’s access this “secure” password-protected site.  Do the following:Make sure your browser’s cache is cleared, as discussed above, and close down your browser.  Then, start up your browserStart up the Wireshark packet snifferEnter the following URL into your browserhttp://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.htmlType the requested user name and password into the pop up box.Stop Wireshark packet capture, and enter “http” in the display-filter-specification window, so that only captured HTTP messages will be displayed later in the packet-listing window.(Note:If you are unable to run Wireshark on a live network connection, you can use the http-ethereal-trace-5 packet trace to answer the questions below; see footnote 2. This trace file was gathered while performing the steps above on one of the author’s computers.)Now let’s examine the Wireshark output.  You might want to first read up on HTTP authentication by reviewing the easy-to-read material on “HTTP Access Authentication Framework” at http://frontier.userland.com/stories/storyReader$2159Answer the following questions:What is the server’s response (status code and phrase) in response to the initial HTTP GET message from your browser?When your browser’s sends the HTTP GET message for the second time, what new field is included in the HTTP GET message?The username (wireshark-students) and password (network) that you entered are encoded in the string of characters (d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=) following the “Authorization: Basic” header in the client’s HTTP GET message.  While it may appear that your username and password are encrypted, they are simply encoded in a format known as Base64 format. The username and password are not encrypted!  To see this, go to  http://www.motobit.com/util/base64-decoder-encoder.asp and enter the base64-encoded string d2lyZXNoYXJrLXN0dWRlbnRz and decode.  Voila!  You have translated from Base64 encoding to ASCII encoding, and thus should see your username!  To view the password, enter the remainder of the string Om5ldHdvcms= and press decode.  Since anyone can download a tool like Wireshark and sniff packets (not just their own) passing by their network adaptor, and anyone can translate from Base64 to ASCII (you just did it!), it should be clear to you that simple passwords on WWW sites are not secure unless additional measures are taken.Fear not! As we will see in Chapter 8, there are ways to make WWW access more secure.  However, we’ll clearly need something that goes beyond the basic HTTP authentication framework!Answer sampleQuestion 11 Both the brewer and the server are running HTTP version 1.1GET /wireshark-labs/HTTP-wireshark-file1.html HTTP/1.1 [Expert Info (Chat/Sequence): GET /wireshark-labs/HTTP-wireshark-file1.html HTTP/1.1 ][GET /wireshark-labs/HTTP-wireshark-file1.html HTTP/1.1 ][Severity level: Chat][Group: Sequence]Request Method: GETRequest URI: /wireshark-labs/HTTP-wireshark-file1.htmlRequest Version: HTTP/1.1HTTP/1.1 200 OK [Expert Info (Chat/Sequence): HTTP/1.1 200 OK ][HTTP/1.1 200 OK ][Severity level: Chat][Group: Sequence]Response Version: HTTP/1.1Status Code: 200[Status Code Description: OK]Response Phrase: OK2 US style of English and default British english.Accept-Language: en-us, en;q=0.50 3 Mine is 68.103.81.49.Server is 128.119.245.12.Internet Protocol Version 4, Src: 68.103.81.49, Dst: 128.119.245.120100 . = Version: 4 . 0101 = Header Length: 20 bytes (5)Differentiated Services Field: 0x00 (DSCP: CS0, ECN: Not-ECT)Total Length: 442Identification: 0x0000 (0)Flags: 0x4000, Don t fragmentTime to live: 64Protocol: TCP (6)Header checksum: 0xb974 [validation disabled][Header checksum status: Unverified]Source: 68.103.81.49Destination: 128.119.245.124 Status code is 200.HTTP/1.1 200 OK [Expert Info (Chat/Sequence): HTTP/1.1 200 OK ][HTTP/1.1 200 OK ][Severity level: Chat][Group: Sequence]Response Version: HTTP/1.1Status Code: 200[Status Code Description: OK]Response Phrase: OK5 Last-Modified: Sat, 16 Feb 2019 06:59:01 GMT 6 File Data: 128 bytes7 All of them are displayed.Question 28 There is not.9 The server returned the full html text, which can be seen in the packet listing window.Line-based text data: text/html (10 lines)10 There is.The content is the time when first opened the page.If-Modified-Since: Sat, 16 Feb 2019 06:59:01 GMT 11 304 Not Modified.The contents are not returned because the file on the server was not modified since last opened.[Expert Info (Chat/Sequence): HTTP/1.1 304 Not Modified ][HTTP/1.1 304 Not Modified ][Severity level: Chat][Group: Sequence]Question 312 Two GET request messages were sent. No.23 contains the Bill or Rights.23 2.633780 128.119.245.12 HTTP 456 GET /wireshark-labs/HTTP-wireshark-file3.html HTTP/1.136 3.110611 128.119.245.12 HTTP 397 GET /favicon.ico HTTP/1.113 No.34.34 3.092403 128.119.245.12 HTTP 583 HTTP/1.1 200 OK  (text/html)14 200 OK.15 There are 4 segments.Question 416 There are 4.One html, two images and one favicon.Html: http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.htmlImages: http://gaia.cs.umass.edu/pearson.png and http://manic.cs.umass.edu/~kurose/cover_5th_ed.jpgFavicon: http://gaia.cs.umass.edu/favicon.ico17 They are downloaded serially. Because the GET of the second image started after receiving the first image.Question 518 401 Unauthorized.19 http.authorization

所有的编程代写范围：essayghost为美国、加拿大、英国、澳洲的留学生提供C语言代写、代写C语言、C语言代做、代做C语言、数据库代写、代写数据库、数据库代做、代做数据库、Web作业代写、代写Web作业、Web作业代做、代做Web作业、Java代写、代写Java、Java代做、代做Java、Python代写、代写Python、Python代做、代做Python、C/C++代写、代写C/C++、C/C++代做、代做C/C++、数据结构代写、代写数据结构、数据结构代做、代做数据结构等留学生编程作业代写服务。