Purpose
1. Install Wireshark and become familiar with its interface
2. Capture and filter simple HTTP traffic, then analyze and export the results
Experimental content
Lab environment
Network environment: connected to the Internet
Operating system: macOS Catalina 10.15.3
Software: Wireshark 3.2.2
Experimental procedure
- Wireshark initialization interface
- Open Wireshark and select the appropriate network card in the capture options
- Open the browser and enter http://gaia.cs.umass.edu/wireshark-labs/INTRO-wireshark-file1.html, then click the shark fin button in the upper left corner of Wireshark to start capturing packets. The capture fails with the error: The capture session could not be initiated on interface 'en0' (You don't have ...)
  The reason for this error is that the network card could not be opened: the current user does not have permission on the /dev/bpf* capture devices.
  Open the terminal and enter the command: sudo chmod 777 /dev/bpf*
  This gives every local user full access to the BPF capture devices and solves the problem.
- Try to capture the packet again and analyze the results
- Select http filtering in the filter, and view the filtering results
Experimental results
- List the 3 different protocols that appear in the protocol column in the unfiltered packet-listing window in step 5 above
Answer: TCP, ARP, and UDP
- How long does it take from sending an HTTP GET message to receiving an HTTP OK reply?
Answer: 22.224435-20.992763 = 1.231672 seconds
- What is the IP address of gaia.cs.umass.edu (also known as wwwnet.cs.umass.edu)? What is the IP address of your computer?
Answer: The local IP address is 192.168.8.110, and the IP address of gaia.cs.umass.edu is 128.119.245.12.
- Print out the two HTTP messages (GET and OK) mentioned in question 2 above.
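The answers above can be re-derived from a packet list exported as CSV (File > Export Packet Dissections > As CSV). This is an added example, not part of the original report: the sample rows are constructed around the times and addresses reported above, and the function names are hypothetical.

```python
import csv
import io
from decimal import Decimal

# Constructed sample in the layout of Wireshark's CSV packet-list export.
# The HTTP times and the two IP addresses are the ones reported above; packet
# numbers, lengths, ports and the non-HTTP rows are made up for illustration.
SAMPLE_CSV = '''"No.","Time","Source","Destination","Protocol","Length","Info"
"1","20.100000","aa:bb:cc:00:00:01","Broadcast","ARP","42","Who has 192.168.8.110? Tell 192.168.8.1"
"2","20.500000","192.168.8.110","192.168.8.1","UDP","75","52000  >  40000 Len=33"
"3","20.700000","192.168.8.110","128.119.245.12","TCP","78","52001  >  80 [SYN] Seq=0"
"4","20.992763","192.168.8.110","128.119.245.12","HTTP","450","GET /wireshark-labs/INTRO-wireshark-file1.html HTTP/1.1 "
"5","22.224435","128.119.245.12","192.168.8.110","HTTP","504","HTTP/1.1 200 OK  (text/html)"
"6","22.300000","192.168.8.110","128.119.245.12","HTTP","380","GET /favicon.ico HTTP/1.1 "
'''

def load_rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def protocols(rows):
    """Distinct values of the Protocol column (results question 1)."""
    return sorted({r["Protocol"] for r in rows})

def http_round_trips(rows):
    """Pair each HTTP request with the next response on the reversed address pair.

    Returns tuples (request_no, response_no, client, server, latency); the
    response fields are None for requests unanswered within the capture.
    Pairing by address alone assumes one request in flight per host pair.
    """
    pending = {}  # (client, server) -> request row still waiting for a reply
    out = []
    for r in rows:
        if r["Protocol"] != "HTTP":
            continue
        if r["Info"].lstrip().startswith("HTTP/"):   # status line => response
            req = pending.pop((r["Destination"], r["Source"]), None)
            if req is not None:
                delta = Decimal(r["Time"]) - Decimal(req["Time"])  # exact, no float error
                out.append((req["No."], r["No."], req["Source"], req["Destination"], delta))
        else:                                        # request line, e.g. "GET /path HTTP/1.1"
            pending[(r["Source"], r["Destination"])] = r
    out += [(q["No."], None, q["Source"], q["Destination"], None) for q in pending.values()]
    return out

if __name__ == "__main__":
    rows = load_rows(SAMPLE_CSV)
    print(protocols(rows))
    for trip in http_round_trips(rows):
        print(trip)
```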
Experimental experience
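Through this experiment, I gained a basic understanding of how to use Wireshark, as well as simple HTTP packet capture and analysis. I hope to encounter more surprises in the upcoming Wireshark labs and in socket programming.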