CCN Lab Manual

PES INSTITUTE OF TECHNOLOGY TECHNOLOGY (An Autonomous Institute under VTU, Bel!um"

#CCN LAB $ANUAL% P&EPA&E' BY

ASHAY AS HAY GOPAL, Assist!nt Pro)essor

SUBMITTED BY

'EPA&T$ENT OF ELECT&ONICS AN' CO$$UNICATION ENGINEE&ING PES INSTITUTE OF TECHNOLOGY *++ FEET &ING &OA', BS III STAGE, BANGALO&E  -.+ +/0+*1

E2PE&I$ENTS LIST

The experiments conducted in CCN lab are listed below: Cisco ac!et Tracer: " Experiments #$ %oca %ocall area area net networ wor! ! &%'N &%'N$$ ($ %o %oca call )ir )irel eless ess Net Netwo wor!  r!  *$ Stat Static ic and and D+n D+nam amic ic ,out ,outinin.$ Networ! Networ! 'ddre 'ddress ss Trans Translati lation on &N'T &N'T$ "$ Camp Campus us 'rea 'rea Net Networ wor! ! &C'N$ &C'N$ )ireshar! rotocol 'nal+ser Tool: . Experiments /$ 0amili 0amiliaris arisati ation on with with wires wireshar! har! tool 1$ 2+pert 2+pertext ext Tran Trans3er s3er rotoco rotocoll &2TT &2TT$$ 4$ Transp Transport ort Control Control rotoco rotocoll &TC$ &TC$ 5$ Doma Domain in Name Name S+s S+ste tem m &DNS &DNS$$ C6ro-rams: . ro-rams #7$ Bit Stu33inStu33in##$ Character Character Stu33inStu33in#($ C,C C,C #*$ Di8!stra9s Di8!stra9s 'l-orithm 'l-orithm

The experiments conducted in CCN lab are listed below: Cisco ac!et Tracer: " Experiments #$ %oca %ocall area area net networ wor! ! &%'N &%'N$$ ($ %o %oca call )ir )irel eless ess Net Netwo wor!  r!  *$ Stat Static ic and and D+n D+nam amic ic ,out ,outinin.$ Networ! Networ! 'ddre 'ddress ss Trans Translati lation on &N'T &N'T$ "$ Camp Campus us 'rea 'rea Net Networ wor! ! &C'N$ &C'N$ )ireshar! rotocol 'nal+ser Tool: . Experiments /$ 0amili 0amiliaris arisati ation on with with wires wireshar! har! tool 1$ 2+pert 2+pertext ext Tran Trans3er s3er rotoco rotocoll &2TT &2TT$$ 4$ Transp Transport ort Control Control rotoco rotocoll &TC$ &TC$ 5$ Doma Domain in Name Name S+s S+ste tem m &DNS &DNS$$ C6ro-rams: . ro-rams #7$ Bit Stu33inStu33in##$ Character Character Stu33inStu33in#($ C,C C,C #*$ Di8!stra9s Di8!stra9s 'l-orithm 'l-orithm

CISCO PACET T&ACE& 

Cisco Cisco ac!et ac!et Tracer Tracer is a power3ul power3ul networ! networ! simulat simulation ion pro-ram pro-ram that allows allows students students to experiment with networ! behaiour and as! ;what i3< =uestions> 's an inte-ral part o3 the  Networ!in- 'cadem+ comprehensie learnin- experience? ex perience? ac!et Tracer proides simulation? isuali@ation? authorin-? assessment? and collaboration capabilities and 3acilitates the teachinand learnin- o3 complex technolo-+ concepts> ac!et Tracer supplements ph+sical e=uipment in the classroom b+ allowin- students to creat createe a netw networ! or! with with an almo almost st unlim unlimite ited d num number ber o3 deic deices? es? encour encoura-i a-inn- pract practic ice? e? discoer+? and troubleshootin-> The simulation6based learnin- enironment helps students deelop deelop (#st centur+ s!ills s!ills such as decisio decision n ma!in-? ma!in-? creatie creatie and critica criticall thin!in thin!in-? -? and  problem solin-> ac!et Tracer complements the Networ!in- 'cadem+ curricula? allowininstruct instructors ors to easil+ easil+ teach teach and demonst demonstrate rate complex complex technica technicall concepts concepts and networ! networ!inins+stems desi-n> The ac!et Tracer so3tware is aailable 3ree o3 char-e to Networ!in- 'cadem+ instructors? students? alumni? and administrators>

E2PE&I$ENT *

Lo3!l Are! Net4or5 

E67eriment8 +*8 &e9uirements8 • •

0our )or!-roups with 3our des!tops in each wor!-roup> Complete %'N should belon- to same I se-ment and each computer should hae a static I address>

Sl: No

Lo3! Lo3!ti tion on Tot!l t!l Num; Num;er er o)
S7e3i)i3!tions

#

06"7# 06"7( 06"7* 06"7.

. Des!top Computers . Des!top Computers . Des!top Computers . Des!top Computers

)or!-roup )or!-roup )or!-roup )or!-roup )or!-roup )or!-roup )or!-roup )or!-roup

A# A( A* A.

(

Bandwidth

#77 Mbps shared amon- all the wor!-roups

*

I 'ddresses

Complete %'N should belon- to same I se-ment &subnet$ Each Computer should hae a static I address

Aim o) t=e e67eriment8 •

To -et 3amiliar with the cisco pac!et tracer simulation tool>

•

To understand the basic buildin- bloc! o3 local area networ!>

•

To understand the limitations o3 2ubs and Switches>

A77!r!tus8

Cisco ac!et tracer  •

End S+stems  C

•

2ubs  2UB6T

•

Switches  (5/7  (.TT

•

)ireless ,outer: %in!s+s ),T *77N

T=eor>8

2ubs and Switches are two important connectin- deices in computer networ!s>

Hu;s8

' hub is a multiport multiport repeater> It is normall+ used to create connections connections between stations in a  ph+sical star topolo-+> to polo-+> It is used widel+ in Ethernet implementations> The+ can also be used to create multiple leels o3 hierarch+> It 3orwards eer+ 3rame and has no 3ilterin- capabilit+>

S4it3=es8

' two la+ered switch is a brid-e with man+ ports that can allocate a uni=ue port to each station> This means no competin- tra33ic> It ma!es a 3ilterin- decision based on the M'C address o3 the 3rame it receied> More sophisticated switches hae bu33er to hold the 3rames o3 processin->

Pro3edure8 • • • •

Select end s+stem as des!top and dra- and drop the re=uired number o3 s+stems> Connect 3our des!tops to a hub> Connect all the 3our hubs to a switch to complete the networ!> 'ssi-n I address to each C b+: o Double Clic! on C  Con3i-urations  Inter3ace 3ast Ethernet  I Con3i I

•

address (>#/4>7># to #5(>#/4>7>#/$ Chec! data transmission and reception and in- the Cs in the command prompt>

Sn!7s=ot o) E67eriment *

&esult8 Data pac!ets were sent and receied success3ull+>

E2PE&I$ENT8 +0 LOCAL
 Networ! should be wireless and all computers should belon- to same wor!-roup sa+ A# should hae d+namic I address>

A77!r!tus8

Cisco ac!et tracer  •

End S+stems  C

•

)ireless ,outer: %in!s+s ),T *77N

Pro3edure8 Dra- and drop re=uired number o3 C9s on screen> • 'ssi-n d+namic I address to a wor! -roup: • o Double Clic! on C  h+sical  Switch o33 CU  ,emoe Existin- ort  Dra-

•

and drop port aailable 3or wireless  Switch on CU> o 'lso C Con3i-uration  0ast Ethernet  D2C Chec! data transmission and reception and in- the Cs in the command prompt>

Sn!7s=ot o) E67eriment 0 &esult8 Data pac!ets were sent and receied success3ull+>

E2PE&I$ENT8 ? STATIC AN' 'YNA$IC &OUTING

&e9uirements8 • •

' )or!-roup with 3our des!tops and 3our wireless C9s> er3orm Static and D+namic ,outin-

A77!r!tus8

Cisco ac!et tracer  •

End S+stems  C

•

)ireless ,outer: %in!s+s ),T *77N

T=eor>8

In TCP@IP? routin- can be one o3 two t+pes: static or dynamic> )ith static routin-? +ou maintain the routin- table manuall+ usin- the route command> Static routin- is practical 3or a sin-le networ! communicatin- with one or two other networ!s> 2oweer? as +our networ! be-ins to communicate with more networ!s? the number o3  -atewa+s increases? and so does the amount o3 time and e33ort re=uired to maintain the routin- table manuall+> )ith d+namic routin-? daemons update the routin- table automaticall+> ,outin- daemons continuousl+ receie in3ormation broadcast b+ other routin- daemons? and so continuousl+ update the routin- table> TCP@IP proides two daemons 3or use in d+namic routin-? the routed and -ated daemons> The -ated daemon supports &outin In)orm!tion Proto3ol (&IP" ? &outin In)orm!tion Proto3ol Ne6t Gener!tion (&IPn" ? E6terior G!te4!> Proto3ol (EGP" ? Border G!te4!> Proto3ol (BGP" and BGP1? 'e)ense Communi3!tions Net4or5 Lo3!lNet4or5 Proto3ol (HELLO"? O7en S=ortest P!t= First (OSPF" ? Intermedi!te S>stem to Intermedi!te S>stem (ISIS" ? and Internet Control $ess!e Proto3ol (IC$P !nd IC$P."@&outer 'is3oer> routin- protocols simultaneousl+> In addition? the !ted  daemon supports the Sim7le Net4or5 $!n!ement Proto3ol (SN$P" > The routed daemon onl+ supports &outin In)orm!tion Proto3ol >

,outin- daemons can operate in one o3 two modes? passive or active? dependin- upon the options +ou use when startin- the daemons> In actie mode? routin- daemons both broadcast routin- in3ormation periodicall+ about their local networ! to -atewa+s and hosts? and receie routin- in3ormation 3rom hosts and -atewa+s> In passie mode? routin- daemons receie routin- in3ormation 3rom hosts and -atewa+s? but do not attempt to !eep remote -atewa+s updated &the+ do not adertise their own routin- in3ormation$>

These two t+pes o3 routin- can be used not onl+ 3or -atewa+s? but 3or other hosts on a networ! as well> Static routin- wor!s the same 3or -atewa+s as 3or other hosts> D+namic routin- daemons? howeer? must be run in the passie &=uiet$ mode when run on a host that is not a -atewa+> Pro3edure8 • • •

Dra- and drop re=uired number o3 C9s on screen> 'ssi-n static I to . C9s 'ssi-n d+namic I address to . C9s: o Double Clic! on C  h+sical  Switch o33 CU  ,emoe Existin- ort  Dra-

•

and drop port aailable 3or wireless  Switch on CU> o 'lso C Con3i-uration  0ast Ethernet  D2C Chec! data transmission and reception and in- the Cs in the command prompt>

Sn!7s=ot o) E67eriment ?

&esult8 Data pac!ets were sent and receied success3ull+>

E2PE&I$ENT 1

CONFIGU&ING NAT

O;e3tie

Use ac!et Tracer to practice the 3ollowin- s!ills: •

•

Completin- router con3i-uration> Con3i-ure a router to use networ! address translation &N'T$ to conert internal I addresses into outside public I addresses>

S3en!rio

'n IS has allocated a compan+ the public classless interdomain routin- &CID,$ I address #55>55>5>*(*7> This is e=uialent to ( public I addresses> Since the compan+ has an internal re=uirement 3or more than ( addresses? the IT mana-er has decided to implement N'T with oerload> ,outin- will be done between the IS and the -atewa+ router used b+ the compan+> ' static route will be used between the IS and -atewa+ routers and a de3ault route will be used between the -atewa+ router and the IS> The IS connection to the Internet will be represented b+ a loopbac! address on the IS router>

Pro3edure8 Ste7 *

Usin- the C%I? con3i-ure the routers with the 3ollowin- I addresses: &Set the cloc! rate to "/777 on the appropriate inter3aces>$ IS Serial 77 (77>(>(>#1 *7 IS&con3i-$Ainter3ace Serial 77 IS&con3i-6i3$Aip address (77>(>(>#1 ("">("">("">("( IS&con3i-6i3$Acloc! rate "/777 IS&con3i-6i3$Ano shutdown atewa+ Serial 77 (77>(>(>#4 *7

atewa+&con3i-$Ainter3ace Serial 77 atewa+&con3i-6i3$Aip address (77>(>(>#4 ("">("">("">("( atewa+&con3i-6i3$Ano shutdown atewa+ 0astEthernet 77 #7>#7>#7># (. atewa+&con3i-$Ainter3ace 0astEthernet 77 atewa+&con3i-6i3$Aip address #7>#7>#7># ("">("">("">7 atewa+&con3i-6i3$Ano shutdown Con3i-ure the hosts as 3ollows: C7 #7>#7>#7>( (. I address #7>#7>#7>(? Subnet Mas! ("">("">("">7? De3ault atewa+ #7>#7>#7># C# #7>#7>#7>* (. I address #7>#7>#7>*? Subnet Mas! ("">("">("">7? De3ault atewa+ #7>#7>#7># Ste7 0

Create a static route 3rom the IS to the atewa+ router> 'ddresses in the #55>55>5>*(*7 space hae been allocated 3or Internet access> Use the i7 route command to create the static route> IS&con3i-$Aip route #55>55>5>*( ("">("">("">("( (77>(>(>#4 Ste7 ?

Create a de3ault route 3rom the atewa+ router to the IS router> This will 3orward an+ un!nown destination address tra33ic to the IS b+ settin- a atewa+ o3 %ast ,esort on the atewa+ router> atewa+&con3i-$Aip route 7>7>7>7 7>7>7>7 (77>(>(>#1 Tr+ to reach all addresses usin- pin- 3rom one o3 the hosts> The host will not be able to success3ull+ pin- the IS Serial inter3ace> )h+ does this pin- 3ail The echo6 re=uest 3rom the C will reach the IS> The source address 3or the echo6re=uest will  be #7>#7>#7>x because the N'T con3i-uration has not occurred> 2oweer? the IS has no routin- table entr+ 3or the #7>7>7>7 networ!F there3ore the IS will not send an echo6repl+>

Ste7 1

Gn the atewa+ router de3ine the pool o3 public addresses? use the i7 n!t 7ool command? name it Hpublic6accessH and assi-n the useable addresses 3or the pool #55>55>5>*( *7> atewa+&con3i-$Aip nat pool public6access #55>55>5>** #55>55>5>*. netmas! ("">("">("">("(

Ste7 -

De3ine a standard access list &use H#H as the 'C% number$ that will de3ine the hosts needin- address translation> atewa+&con3i-$Aaccess6list # permit #7>#7>#7>7 7>7>7>("" Ste7 .

De3ine the N'T translation 3rom inside list to outside pool &oerload the inter3ace$> atewa+&con3i-$Aip nat inside source list # pool public6access oerload Ste7 D

Speci3+ the N'T inter3aces on the atewa+ router> atewa+&con3i-$Ainter3ace serial77 atewa+&con3i-6i3$Aip nat outside atewa+&con3i-6i3$Ainter3ace 3astethernet 77 atewa+&con3i-6i3$Aip nat inside

Ste7 /

Test the con3i-uration> The hosts should now be able to success3ull+ pin- all the inter3aces on each router>

E2PE&I$ENT CA$PUS A&EA NET
&e9uirements8 •

Simulate a campus area networ! 3or wor!-roups belon-in- to di33erent subnet>

A77!r!tus8

Cisco ac!et tracer  •

End S+stems  C

•

2ubs  2UB6T

•

,outer #4.#(/(7M

T=eor>8

' campus area networ! &C'N$ is a networ! o3 multiple interconnected local area networ!s &%'N$ in a limited -eo-raphical area> ' C'N is smaller than a wide area networ! &)'N$ or metropolitan area networ! &M'N$> ' C'N is also !nown as a corporate area networ! &C'N$> In most cases? C'Ns own shared networ! deices and data exchan-e media> C'N bene3its are as 3ollows:

•

Cost6e33ectie )ireless? ersus cable

•

Multidepartmental networ! access

•

Sin-le shared data trans3er rate &DT,$

•

Pro3edure8 • • • • • • •

Dra- and drop re=uired number o3 C9s on screen 'ssi-n static I to C9s and con3i-ure -atewa+s Con3i-ure 3ast Ethernet port in ,outers Con3i-ure serial I ports in ,outers Set the cloc! rate to "/777 Con3i-ure ,I protocol addresses properl+ Chec! data transmission and reception and in- the Cs in the command prompt>

'esin S3en!rio8

&esult8

Sn!7s=ot o) CAN Simul!tion

It lets +ou see whats happeninon +our networ! at a microscopic leel> It is the de 3acto &and o3ten de 8ure$ standard across man+ industries and educational institutions> )ireshar! deelopment thries than!s to the contributions o3 networ!in- experts across the -lobe> It is the continuation o3 a pro8ect that started in #554>

Fe!tures

)ireshar! has a rich 3eature set which includes the 3ollowin-: •

Deep inspection o3 hundreds o3 protocols? with more bein- added all the time

•

%ie capture and o33line anal+sis

•

Standard three6pane pac!et browser

•

Multi6plat3orm: ,uns on )indows? %inux? GS J? Solaris? 0reeBSD? NetBSD? and man+ others

•

Captured networ! data can be browsed ia a UI? or ia the TTY6mode TShar! utilit+

•

The most power3ul displa+ 3ilters in the industr+

•

,ich KoI anal+sis

•

•

•

•

,eadwrite man+ di33erent capture 3ile 3ormats: tcpdump &libpcap$? cap N? Catapult DCT(777? Cisco Secure IDS iplo-? Microso3t Networ! Monitor? Networ! eneral Sni33erL &compressed and uncompressed$? Sni33erL ro? and NetJra+L? Networ!  Instruments Gbserer? NetScreen snoop? Noell %'Nal+@er? ,'DCGM )'N%'N 'nal+@er? Shomiti0inisar Sure+or? Te!tronix #(xx? Kisual Networ!s Kisual UpTime? )ildac!ets Etheree!To!enee!'iroee!? and man+ others Capture 3iles compressed with -@ip can be decompressed on the 3l+ %ie data can be read 3rom Ethernet? IEEE 47(>##? 2D%C? 'TM? Bluetooth? USB? To!en ,in-? 0rame ,ela+? 0DDI? and others &dependin- on +our plat3orm$ Decr+ption support 3or man+ protocols? includin- Isec? IS'M? erberos? SNM*? SS%T%S? )E? and )')'(

•

Colorin- rules can be applied to the pac!et list 3or =uic!? intuitie anal+sis

•

Gutput can be exported to JM%? ostScriptL? CSK? or plain text


“Tell me and I forget. Show me and I remember.  Involve me and I understand.” Chinese proerb

Gne9s understandin- o3 networ! protocols can o3ten be -reatl+ deepened b+ ;seein- protocols in action< and b+ ;pla+in- around with protocols<  obserin- the se=uence o3 messa-es exchan-ed between two protocol entities? delin- down into the details o3 protocol operation? and causin- protocols to per3orm certain actions and then obserin- these actions and their  conse=uences> This can be done in simulated scenarios or in a ;real< networ! enironment such as the Internet> In the )ireshar! labs +ou9ll be doin- in this course? +ou9ll be runninarious networ! applications in di33erent scenarios usin- +our own computer &or +ou can  borrow a 3riendsF let me !now i3 +ou don9t hae access to a computer where +ou can installrun )ireshar!$> You9ll obsere the networ! protocols in +our computer ;in action?< interactin- and exchan-in- messa-es with protocol entities executin- elsewhere in the Internet> Thus? +ou and +our computer will be an inte-ral part o3 these ;lie< labs> You9ll obsere? and +ou9ll learn? b+ doin->

In this 3irst )ireshar! lab? +ou9ll -et ac=uainted with )ireshar!? and ma!e some simple  pac!et captures and obserations>

The basic tool 3or obserin- the messa-es exchan-ed between executin- protocol entities is called a 7!35et sni))er > 's the name su--ests? a pac!et sni33er captures &;sni33s<$ messa-es  bein- sentreceied 3romb+ +our computerF it will also t+picall+ store andor displa+ the contents o3 the arious protocol 3ields in these captured messa-es> ' pac!et sni33er itsel3 is  passie> It obseres messa-es bein- sent and receied b+ applications and protocols runninon +our computer? but neer sends pac!ets itsel3> Similarl+? receied pac!ets are neer  explicitl+ addressed to the pac!et sni33er> Instead? a pac!et sni33er receies a copy o3 pac!ets that are sentreceied 3romb+ application and protocols executin- on +our machine>

0i-ure # shows the structure o3 a pac!et sni33er> 't the ri-ht o3 0i-ure # are the protocols &in this case? Internet protocols$ and applications &such as a web browser or 3tp client$ that normall+ run on +our computer> The pac!et sni33er? shown within the dashed rectan-le in 0i-ure # is an addition to the usual so3tware in +our computer? and consists o3 two parts> The 7!35et 3!7ture li;r!r>   receies a cop+ o3 eer+ lin!6la+er 3rame that is sent 3rom or  receied b+ +our computer> ,ecall 3rom the discussion 3rom section #>" in the text &0i-ure

#>(.#$ that messa-es exchan-ed b+ hi-her la+er protocols such as 2TT? 0T? TC? UD? DNS? or I all are eentuall+ encapsulated in lin!6la+er 3rames that are transmitted oer   ph+sical media such as an Ethernet cable> In 0i-ure #? the assumed ph+sical media is an Ethernet? and so all upper6la+er protocols are eentuall+ encapsulated within an Ethernet 3rame> Capturin- all lin!6la+er 3rames thus -ies +ou all messa-es sentreceied 3romb+ all  protocols and applications executin- in +our computer>

The second component o3 a pac!et sni33er is the 7!35et !n!l>er ? which displa+s the contents o3 all 3ields within a protocol messa-e> In order to do so? the pac!et anal+@er must ;understand< the structure o3 all messa-es exchan-ed b+ protocols> 0or example? suppose we are interested in displa+in- the arious 3ields in messa-es exchan-ed b+ the 2TT protocol in 0i-ure #> The pac!et anal+@er understands the 3ormat o3 Ethernet 3rames? and so can identi3+ the I data-ram within an Ethernet 3rame> It also understands the I data-ram 3ormat? so that it can extract the TC se-ment within the I data-ram> 0inall+? it understands the TC se-ment structure? so it can extract the 2TT messa-e contained in the TC se-ment> 0inall+? it understands the 2TT protocol and so? 3or example? !nows that the 3irst b+tes o3 an 2TT messa-e will contain the strin- ;ET?< ;GST?< or ;2E'D?< as shown in 0i-ure (>4 in the text> )e will be usin- the )ireshar! pac!et sni33er http:www>wireshar!>or-O 3or these labs? allowin- us to displa+ the contents o3 messa-es bein- sentreceied 3romb+ protocols at di33erent leels o3 the protocol stac!> &Technicall+ spea!in-? )ireshar! is a pac!et anal+@er  that uses a pac!et capture librar+ in +our computer$> )ireshar! is a 3ree networ! protocol anal+@er that runs on )indows? %inuxUnix? and Mac computers> It9s an ideal pac!et anal+@er  3or our labs  it is stable? has a lar-e user base and well6documented support that includes a user6-uide &http:www>wireshar!>or-docswsu-PhtmlPchun!ed$? man pa-es #

 ,e3erences to 3i-ures and sections are 3or the / th edition o3 our text? Computer Networks ! Top"down  !pproach # th ed. $.%. &urose and &.'. (oss !ddison" 'esley)*earson +,-+.

&http:www>wireshar!>or-docsman6pa-es$? and a detailed 0'Q &http:www>wireshar!>or-3a=>html$? rich 3unctionalit+ that includes the capabilit+ to anal+@e hundreds o3 protocols? and a well6desi-ned user inter3ace> It operates in computers usinEthernet? serial & and S%I$? 47(>## wireless %'Ns? and man+ other lin!6la+er  technolo-ies &i3 the GS on which its runnin- allows )ireshar! to do so$>

ettin- )ireshar! 

In order to run )ireshar!? +ou will need to hae access to a computer that supports both )ireshar! and the libpcap or 'in*Cap pac!et capture librar+> The libpcap so3tware will be installed 3or +ou? i3 it is not installed within +our operatin- s+stem? when +ou install )ireshar!> See http:www>wireshar!>or-download>html 3or a list o3 supported operatins+stems and download sites

Download and install the )ireshar! so3tware: •

o to http:www>wireshar!>or-download>html and download and install the )ireshar! binar+ 3or +our computer>

The )ireshar! 0'Q has a number o3 help3ul hints and interestin- tidbits o3 in3ormation?  particularl+ i3 +ou hae trouble installin- or runnin- )ireshar!>

,unnin- )ireshar! 

)hen +ou run the )ireshar! pro-ram? +ou9ll -et a startup screen? as shown below:

Fiure 08 Initial )ireshar! Screen

Ta!e a loo! at the upper le3t hand side o3 the screen  +ou9ll see an ;Inter3ace list<> This is the list o3 networ! inter3aces on +our computer> Gnce +ou choose an inter3ace? )ireshar!  will capture all pac!ets on that inter3ace> In the example aboe? there is an Ethernet inter3ace &i-abit networ! Connection$ and a wireless inter3ace &;Microso3t<$>

I3 +ou clic! on one o3 these inter3aces to start pac!et capture &i>e>? 3or )ireshar! to be-in capturin- all pac!ets bein- sent to3rom that inter3ace$? a screen li!e the one below will be displa+ed? showin- in3ormation about the pac!ets bein- captured> Gnce +ou start pac!et capture? +ou can stop it b+ usin- the Capture pull down menu and selectin- Stop>

The )ireshar! inter3ace has 3ie ma8or components: •

The 3omm!nd menus are standard pulldown menus located at the top o3 the window> G3 interest to us now are the 0ile and Capture menus> The 0ile menu allows +ou to sae captured pac!et data or open a 3ile containin- preiousl+ captured pac!et data? and exit the )ireshar! application> The Capture menu allows +ou to be-in pac!et capture>

•

•

•

•

The 7!35etlistin 4indo4 displa+s a one6line summar+ 3or each pac!et captured? includin- the pac!et number &assi-ned b+ )ireshar!F this is not   a pac!et number  contained in an+ protocol9s header$? the time at which the pac!et was captured? the  pac!et9s source and destination addresses? the protocol t+pe? and protocol6speci3ic in3ormation contained in the pac!et> The pac!et listin- can be sorted accordin- to an+ o3 these cate-ories b+ clic!in- on a column name> The protocol t+pe 3ield lists the hi-hest6leel protocol that sent or receied this pac!et? i>e>? the protocol that is the source or ultimate sin! 3or this pac!et> The 7!35et=e!der det!ils 4indo4 proides details about the pac!et selected &hi-hli-hted$ in the pac!et6listin- window> &To select a pac!et in the pac!et6listinwindow? place the cursor oer the pac!et9s one6line summar+ in the pac!et6listinwindow and clic! with the le3t mouse button>$> These details include in3ormation about the Ethernet 3rame &assumin- the pac!et was sentreceied oer an Ethernet inter3ace$ and I data-ram that contains this pac!et> The amount o3 Ethernet and I6 la+er detail displa+ed can be expanded or minimi@ed b+ clic!in- on the plus minus  boxes to the le3t o3 the Ethernet 3rame or I data-ram line in the pac!et details window> I3 the pac!et has been carried oer TC or UD? TC or UD details will also be displa+ed? which can similarl+ be expanded or minimi@ed> 0inall+? details about the hi-hest6leel protocol that sent or receied this pac!et are also proided> The 7!35et3ontents 4indo4 displa+s the entire contents o3 the captured 3rame? in  both 'SCII and hexadecimal 3ormat> Towards the top o3 the )ireshar! -raphical user inter3ace? is the 7!35et dis7l!> )ilter )ield, into which a protocol name or other in3ormation can be entered in order to 3ilter  the in3ormation displa+ed in the pac!et6listin- window &and hence the pac!et6header  and pac!et6contents windows$> In the example below? we9ll use the pac!et6displa+ 3ilter 3ield to hae )ireshar! hide ¬ displa+$ pac!ets except those that correspond to 2TT messa-es>

Ta!in- )ireshar! 3or a Test ,un

The best wa+ to learn about an+ new piece o3 so3tware is to tr+ it outR )e9ll assume that +our  computer is connected to the Internet ia a wired Ethernet inter3ace> Indeed? I recommend that +ou do this 3irst lab on a computer that has a wired Ethernet connection? rather than 8ust a wireless connection> Do the 3ollowin-

#> Start up +our 3aorite web browser? which will displa+ +our selected homepa-e>

(> Start up the )ireshar! so3tware> You will initiall+ see a window similar to that shown in 0i-ure (> )ireshar! has not +et be-un capturin- pac!ets>

*> To be-in pac!et capture? select the Capture pull down menu and select Interfaces. This will cause the ;)ireshar!: Capture Inter3aces< window to be displa+ed? as shown in 0i-ure .>

Fiure 18 )ireshar! Capture Inter3ace )indow

.> You9ll see a list o3 the inter3aces on +our computer as well as a count o3 the pac!ets that hae been obsered on that inter3ace so 3ar> Clic! on Start   3or the inter3ace on which +ou want to be-in pac!et capture &in the case? the i-abit networ!  Connection$> ac!et capture will now be-in 6 )ireshar! is now capturin- all pac!ets  bein- sentreceied 3romb+ +our computerR

"> Gnce +ou be-in pac!et capture? a window similar to that shown in 0i-ure * will appear> This window shows the pac!ets bein- captured> B+ selectin- Capture  pulldown menu and selectin- Stop? +ou can stop pac!et capture> But don9t stop  pac!et capture +et> %et9s capture some interestin- pac!ets 3irst> To do so? we9ll need to -enerate some networ! tra33ic> %et9s do so usin- a web browser? which will use the 2TT protocol that we will stud+ in detail in class to download content 3rom a website>

/> )hile )ireshar! is runnin-? enter the U,%: http:-aia>cs>umass>eduwireshar!6labsINT,G6wireshar!63ile#>html and hae that pa-e displa+ed in +our browser> In order to displa+ this pa-e? +our   browser will contact the 2TT serer at -aia>cs>umass>edu and exchan-e 2TT messa-es with the serer in order to download this pa-e? as discussed in section (>( o3 

the text> The Ethernet 3rames containin- these 2TT messa-es &as well as all other  3rames passin- throu-h +our Ethernet adapter$ will be captured b+ )ireshar!>

1> '3ter +our browser has displa+ed the INT,G6wireshar!63ile#>html pa-e &it is a simple one line o3 con-ratulations$? stop )ireshar! pac!et capture b+ selectin- stop in the )ireshar! capture window> The main )ireshar! window should now loo! similar to 0i-ure *> You now hae lie pac!et data that contains all protocol messa-es exchan-ed between +our computer and other networ! entitiesR The 2TT messa-e exchan-es with the -aia>cs>umass>edu web serer should appear somewhere in the listin- o3 pac!ets captured> But there will be man+ other t+pes o3 pac!ets displa+ed as well &see? e>->? the man+ di33erent protocol t+pes shown in the *rotocol   column in 0i-ure *$> Een thou-h the onl+ action +ou too! was to download a web pa-e? there were eidentl+ man+ other protocols runnin- on +our computer that are unseen b+ the user> )e9ll learn much more about these protocols as we pro-ress throu-h the textR 0or now? +ou should 8ust be aware that there is o3ten much more -oin- on than ;meet9s the e+e
4> T+pe in ;http< &without the =uotes? and in lower case  all protocol names are in lower  case in )ireshar!$ into the displa+ 3ilter speci3ication window at the top o3 the main )ireshar! window> Then select  !pply &to the ri-ht o3 where +ou entered ;http<$> This will cause onl+ 2TT messa-e to be displa+ed in the pac!et6listin- window>

5> 0ind the 2TT ET messa-e that was sent 3rom +our computer to the -aia>cs>umass>edu 2TT serer> &%oo! 3or an 2TT ET messa-e in the ;listin- o3  captured pac!ets< portion o3 the )ireshar! window &see 0i-ure *$ that shows ;ET< 3ollowed b+ the -aia>cs>umass>edu U,% that +ou entered> )hen +ou select the 2TT ET messa-e? the Ethernet 3rame? I data-ram? TC se-ment? and 2TT messa-e header in3ormation will be displa+ed in the pac!et6header window(> B+ clic!in- on 9 and 6 ri-ht6pointin- and down6pointin- arrowheads to the le3t side o3 the pac!et details window? minimie the amount o3 0rame? Ethernet? Internet rotocol? and Transmission Control rotocol in3ormation displa+ed>  /a0imie the amount in3ormation displa+ed about the 2TT protocol> Your )ireshar! displa+ should now loo! rou-hl+ as shown in 0i-ure "> &Note? in particular? the minimi@ed amount o3   protocol in3ormation 3or all protocols except 2TT? and the maximi@ed amount o3   protocol in3ormation 3or 2TT in the pac!et6header window$>

(

 ,ecall that the 2TT ET messa-e that is sent to the -aia>cs>umass>edu web serer is contained within a TC se-ment? which is contained &encapsulated$ in an I data-ram? which is encapsulated in an Ethernet 3rame> I3 this process o3 encapsulation isn9t =uite clear +et? reiew section #>" in the text

#7> Exit )ireshar! 

Con-ratulationsR You9e now completed the 3irst lab>

Fiure -8 )ireshar! window a3ter step 5

The -oal o3 this 3irst lab was primaril+ to introduce +ou to )ireshar!> The 3ollowin=uestions will demonstrate that +ou9e been able to -et )ireshar! up and runnin-? and hae explored some o3 its capabilities> 'nswer the 3ollowin- =uestions? based on +our )ireshar!  experimentation:

#> %ist * di33erent protocols that appear in the protocol column in the un3iltered pac!et6 listin- window in step 1 aboe> (> 2ow lon- did it ta!e 3rom when the 2TT ET messa-e was sent until the 2TT G  repl+ was receied &B+ de3ault? the alue o3 the Time column in the pac!et6listinwindow is the amount o3 time? in seconds? since )ireshar! tracin- be-an> To displa+

the Time 3ield in time6o36da+ 3ormat? select the )ireshar! 1iew pull down menu? then select Time 2isplay %ormat ? then select Time"of"day >$ *> )hat is the Internet address o3 the -aia>cs>umass>edu &also !nown as www6 net>cs>umass>edu$ )hat is the Internet address o3 +our computer .> rint the two 2TT messa-es &ET and G$ re3erred to in =uestion ( aboe> To do so? select  *rint  3rom the )ireshar!  %ile command menu? and select the ;Selected   *acket 3nly” and “*rint as displayed”  radial buttons? and then clic! G>

*: T=e B!si3 HTTP GET@res7onse inter!3tion

%et9s be-in our exploration o3 2TT b+ downloadin- a er+ simple 2TM% 3ile 6 one that is er+ short? and contains no embedded ob8ects> Do the 3ollowin-: #> Start up +our web browser> (> Start up the )ireshar! pac!et sni33er? as described in the Introductor+ lab &but don9t +et be-in pac!et capture$> Enter ;http< &8ust the letters? not the =uotation mar!s$ in the displa+63ilter6speci3ication window? so that onl+ captured 2TT messa-es will be displa+ed later in the pac!et6listin- window> &)e9re onl+ interested in the 2TT  protocol here? and don9t want to see the clutter o3 all captured pac!ets$> *> )ait a bit more than one minute &we9ll see wh+ shortl+$? and then be-in )ireshar!   pac!et capture> .> Enter the 3ollowinto +our http:-aia>cs>umass>eduwireshar!6labs2TT6wireshar!63ile#>html Your browser should displa+ the er+ simple? one6line 2TM% 3ile>

browser  

"> Stop )ireshar! pac!et capture>

Your )ireshar! window should loo! similar to the window shown in 0i-ure #> I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can download a pac!et trace that was created when the steps aboe were 3ollowed>*

*

Download the @ip 3ile http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip and extract the 3ile http6 ethereal6trace6#> The traces in this @ip 3ile were collected b+ )ireshar! runnin- on one o3 the author9s computers? while per3ormin- the steps indicated in the )ireshar! lab> Gnce +ou hae downloaded the trace? +ou can load it into )ireshar! and iew the trace usin- the  %ile pull down menu? choosin- 3pen? and then selectinthe http6ethereal6trace6# trace 3ile> The resultin- displa+ should loo! similar to 0i-ure #> &The )ireshar! user inter3ace displa+s 8ust a bit di33erentl+ on di33erent operatin- s+stems? and in di33erent ersions o3 )ireshar!$>

0i-ure #: )ireshar! Displa+ a3ter http:-aia>cs>umass>eduwireshar!6labs 2TT6wireshar!6 3ile#>html has been retrieed b+ +our browser 

The example in 0i-ure # shows in the pac!et6listin- window that two 2TT messa-es were captured: the ET messa-e &3rom +our browser to the -aia>cs>umass>edu web serer$ and the response messa-e 3rom the serer to +our browser> The pac!et6contents window shows details o3 the selected messa-e &in this case the 2TT G messa-e? which is hi-hli-hted in the pac!et6listin- window$> ,ecall that since the 2TT messa-e was carried inside a TC se-ment? which was carried inside an I data-ram? which was carried within an Ethernet 3rame? )ireshar! displa+s the 0rame? Ethernet? I? and TC pac!et in3ormation as well> )e want to minimi@e the amount o3 non62TT data displa+ed &we9re interested in 2TT here? and will be inesti-atin- these other protocols is later labs$? so ma!e sure the boxes at the 3ar  le3t o3 the 0rame? Ethernet? I and TC in3ormation hae a plus si-n or a ri-ht6pointintrian-le &which means there is hidden? undispla+ed in3ormation$? and the 2TT line has a minus si-n or a down6pointin- trian-le &which means that all in3ormation about the 2TT messa-e is displa+ed$>

& Note4 You should i-nore an+ 2TT ET and response 3or 3aicon>ico> I3 +ou see a re3erence to this 3ile? it is +our browser automaticall+ as!in- the serer i3 it &the serer$ has a small icon 3ile that should be displa+ed next to the displa+ed U,% in +our browser> )e9ll i-nore re3erences to this pes!+ 3ile in this lab>$>

B+ loo!in- at the in3ormation in the 2TT ET and response messa-es? answer the 3ollowin- =uestions> )hen answerin- the 3ollowin- =uestions? +ou should print out the ET and response messa-es &see the introductor+ )ireshar! lab 3or an explanation o3 how to do this$ and indicate where in the messa-e +ou9e 3ound the in3ormation that answers the 3ollowin- =uestions> )hen +ou hand in +our assi-nment? annotate the output so that it9s clear  where in the output +ou9re -ettin- the in3ormation 3or +our answer &e>->? 3or our classes? we as! that students mar!up paper copies with a pen? or annotate electronic copies with text in a colored 3ont$> #> Is +our browser runnin- 2TT ersion #>7 or #># )hat ersion o3 2TT is the serer runnin- (> )hat lan-ua-es &i3 an+$ does +our browser indicate that it can accept to the serer *> )hat is the I address o3 +our computer G3 the -aia>cs>umass>edu serer .> )hat is the status code returned 3rom the serer to +our browser "> )hen was the 2TM% 3ile that +ou are retriein- last modi3ied at the serer /> 2ow man+ b+tes o3 content are bein- returned to +our browser 1> B+ inspectin- the raw data in the pac!et content window? do +ou see an+ headers within the data that are not displa+ed in the pac!et6listin- window I3 so? name one>

In +our answer to =uestion " aboe? +ou mi-ht hae been surprised to 3ind that the document +ou 8ust retrieed was last modi3ied within a minute be3ore +ou downloaded the document> That9s because &3or this particular 3ile$? the -aia>cs>umass>edu serer is settin- the 3ile9s last6 modi3ied time to be the current time? and is doin- so once per minute> Thus? i3 +ou wait a minute between accesses? the 3ile will appear to hae been recentl+ modi3ied? and hence +our   browser will download a ;new< cop+ o3 the document>

0: T=e HTTP CON'ITIONAL GET@res7onse inter!3tion

,ecall 3rom Section (>(>/ o3 the text? that most web browsers per3orm ob8ect cachin- and thus per3orm a conditional ET when retriein- an 2TT ob8ect> Be3ore per3ormin- the steps  below? ma!e sure +our browser9s cache is empt+> &To do this under 0ire3ox? select Tools" 5Clear (ecent 6istory and chec! the Cache box? or 3or Internet Explorer? select Tools" 5Internet 3ptions"52elete %ile7 these actions will remoe cached 3iles 3rom +our browser9s cache>$ Now do the 3ollowin-: •

Start up +our web browser? and ma!e sure +our browser9s cache is cleared? as discussed aboe>

•

•

•

•

•

Start up the )ireshar! pac!et sni33er  Enter the 3ollowinU,% into +our http:-aia>cs>umass>eduwireshar!6labs2TT6wireshar!63ile(>html Your browser should displa+ a er+ simple 3ie6line 2TM% 3ile>

browser  

Quic!l+ enter the same U,% into +our browser a-ain &or simpl+ select the re3resh  button on +our browser$ Stop )ireshar! pac!et capture? and enter ;http< in the displa+63ilter6speci3ication window? so that onl+ captured 2TT messa-es will be displa+ed later in the pac!et6 listin- window> & Note4 I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can use the http6ethereal6trace6( pac!et trace to answer the =uestions belowF see 3ootnote #> This trace 3ile was -athered while per3ormin- the steps aboe on one o3 the author9s computers>$

'nswer the 3ollowin- =uestions: 4> Inspect the contents o3 the 3irst 2TT ET re=uest 3rom +our browser to the serer> Do +ou see an ;I06MGDI0IED6SINCE< line in the 2TT ET 5> Inspect the contents o3 the serer response> Did the serer explicitl+ return the contents o3 the 3ile 2ow can +ou tell #7> Now inspect the contents o3 the second 2TT ET re=uest 3rom +our browser to the serer> Do +ou see an ;I06MGDI0IED6SINCE:< line in the 2TT ET I3 so? what in3ormation 3ollows the ;I06MGDI0IED6SINCE:< header ##> )hat is the 2TT status code and phrase returned 3rom the serer in response to this second 2TT ET Did the serer explicitl+ return the contents o3 the 3ile Explain>

?: &etriein Lon 'o3uments

In our examples thus 3ar? the documents retrieed hae been simple and short 2TM% 3iles> %et9s next see what happens when we download a lon- 2TM% 3ile> Do the 3ollowin-: •

Start up +our web browser? and ma!e sure +our browser9s cache is cleared? as discussed aboe>

•

•

•

•

Start up the )ireshar! pac!et sni33er  Enter the 3ollowinU,% into +our http:-aia>cs>umass>eduwireshar!6labs2TT6wireshar!63ile*>html Your browser should displa+ the rather len-th+ US Bill o3 ,i-hts>

browser  

Stop )ireshar! pac!et capture? and enter ;http< in the displa+63ilter6speci3ication window? so that onl+ captured 2TT messa-es will be displa+ed> & Note4 I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can use the http6ethereal6trace6* pac!et trace to answer the =uestions belowF see 3ootnote #> This trace 3ile was -athered while per3ormin- the steps aboe on one o3 the author9s computers>$

In the pac!et6listin- window? +ou should see +our 2TT ET messa-e? 3ollowed b+ a multiple6pac!et TC response to +our 2TT ET re=uest> This multiple6pac!et response deseres a bit o3 explanation> ,ecall 3rom Section (>( &see 0i-ure (>5 in the text$ that the 2TT response messa-e consists o3 a status line? 3ollowed b+ header lines? 3ollowed b+ a  blan! line? 3ollowed b+ the entit+ bod+> In the case o3 our 2TT ET? the entit+ bod+ in the response is the entire re=uested 2TM% 3ile> In our case here? the 2TM% 3ile is rather lon-? and at ."77 b+tes is too lar-e to 3it in one TC pac!et> The sin-le 2TT response messa-e is thus bro!en into seeral pieces b+ TC? with each piece bein- contained within a separate TC se-ment &see 0i-ure #>(. in the text$> In recent ersions o3 )ireshar!? )ireshar!  indicates each TC se-ment as a separate pac!et? and the 3act that the sin-le 2TT response was 3ra-mented across multiple TC pac!ets is indicated b+ the ;TC se-ment o3 a reassembled DU< in the In3o column o3 the )ireshar! displa+> Earlier ersions o3  )ireshar! used the ;Continuation< phrase to indicated that the entire content o3 an 2TT messa-e was bro!en across multiple TC se-ments>> )e stress here that there is no ;Continuation< messa-e in 2TTR

'nswer the 3ollowin- =uestions: #(> 2ow man+ 2TT ET re=uest messa-es did +our browser send )hich pac!et number in the trace contains the ET messa-e 3or the Bill or ,i-hts #*> )hich pac!et number in the trace contains the status code and phrase associated with the response to the 2TT ET re=uest #.> )hat is the status code and phrase in the response #"> 2ow man+ data6containin- TC se-ments were needed to carr+ the sin-le 2TT response and the text o3 the Bill o3 ,i-hts

1: HT$L 'o3uments 4it= Em;edded O;e3ts

 Now that we9e seen how )ireshar! displa+s the captured pac!et tra33ic 3or lar-e 2TM% 3iles? we can loo! at what happens when +our browser downloads a 3ile with embedded ob8ects? i>e>? a 3ile that includes other ob8ects &in the example below? ima-e 3iles$ that are stored on another serer&s$> Do the 3ollowin-: •

Start up +our web browser? and ma!e sure +our browser9s cache is cleared? as discussed aboe>

•

Start up the )ireshar! pac!et sni33er 

•

Enter

the

3ollowin-

U,%

into

+our

browser  

http:-aia>cs>umass>eduwireshar!6labs2TT6wireshar!63ile.>html Your browser should displa+ a short 2TM% 3ile with two ima-es> These two ima-es are re3erenced in the base 2TM% 3ile> That is? the ima-es themseles are not contained in the 2TM%F instead the U,%s 3or the ima-es are contained in the downloaded 2TM% 3ile> 's discussed in the textboo!? +our browser will hae to retriee these lo-os 3rom the indicated web sites> Gur publisher9s lo-o is retrieed 3rom the www>aw6bc>com web site> The ima-e o3 the coer 3or our "th edition &one o3  our 3aorite coers$ is stored at the manic>cs>umass>edu serer> •

Stop )ireshar! pac!et capture? and enter ;http< in the displa+63ilter6speci3ication window? so that onl+ captured 2TT messa-es will be displa+ed>

•

& Note4 I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can use the http6ethereal6trace6. pac!et trace to answer the =uestions belowF see 3ootnote #> This trace 3ile was -athered while per3ormin- the steps aboe on one o3 the author9s computers>$

'nswer the 3ollowin- =uestions: #/> 2ow man+ 2TT ET re=uest messa-es did +our browser send To which Internet addresses were these ET re=uests sent #1> Can +ou tell whether +our browser downloaded the two ima-es seriall+? or whether  the+ were downloaded 3rom the two web sites in parallel Explain>

- HTTP Aut=enti3!tion

0inall+? let9s tr+ isitin- a web site that is password6protected and examine the se=uence o3  2TT messa-e exchan-ed 3or such a site> The U,% http:-aia>cs>umass>eduwireshar!6labsprotectedPpa-es2TT6wireshar!63ile">html is  password protected> The username is ;wireshar!6students< &without the =uotes$? and the  password is ;networ!< &a-ain? without the =uotes$> So let9s access this ;secure< password6  protected site> Do the 3ollowin-: •

•

•

•

•

Ma!e sure +our browser9s cache is cleared? as discussed aboe? and close down +our   browser> Then? start up +our browser  Start up the )ireshar! pac!et sni33er  Enter the 3ollowinU,% into +our browser   http:-aia>cs>umass>eduwireshar!6labsprotectedPpa-es2TT6wireshar!63ile">html T+pe the re=uested user name and password into the pop up box> Stop )ireshar! pac!et capture? and enter ;http< in the displa+63ilter6speci3ication window? so that onl+ captured 2TT messa-es will be displa+ed later in the pac!et6 listin- window> & Note4 I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can use the http6ethereal6trace6" pac!et trace to answer the =uestions belowF see 3ootnote (> This trace 3ile was -athered while per3ormin- the steps aboe on one o3 the author9s computers>$

 Now let9s examine the )ireshar! output> You mi-ht want to 3irst read up on 2TT authentication b+ reiewin- the eas+6to6read material on ;2TT 'ccess 'uthentication 0ramewor!< at http:3rontier>userland>comstoriesstor+,eader(#"5 'nswer the 3ollowin- =uestions: #4> )hat is the serer9s response &status code and phrase$ in response to the initial 2TT ET messa-e 3rom +our browser #5> )hen +our browser9s sends the 2TT ET messa-e 3or the second time? what new 3ield is included in the 2TT ET messa-e

The username &wireshar!6students$ and password &networ!$ that +ou entered are encoded in the strin- o3 characters &d(l+VJNoYJWr%JN7d),lbn,@Gm"ld2dcmsX$ 3ollowin- the ;'uthori@ation: Basic< header in the client9s 2TT ET messa-e> )hile it ma+ appear that +our username and password are encr+pted? the+ are simpl+ encoded in a 3ormat !nown as

Base/. 3ormat> The username and password are not   encr+ptedR To see this? -o to http:www>motobit>comutilbase/.6decoder6encoder>asp and enter the base/.6encoded strin- d(l+VJNoYJWr%JN7d),lbn,@ and decode> 1oila8 You hae translated 3rom Base/. encodin- to 'SCII encodin-? and thus should see +our usernameR To iew the  password? enter the remainder o3 the strin- Gm"ld2dcmsX and press decode> Since an+one can download a tool li!e )ireshar! and sni33 pac!ets ¬ 8ust their own$ passin- b+ their  networ! adaptor? and an+one can translate 3rom Base/. to 'SCII &+ou 8ust did itR$? it should  be clear to +ou that simple passwords on ))) sites are not secure unless additional measures are ta!en>

TCP *: C!7turin ! ;ul5 TCP tr!ns)er )rom >our 3om7uter to ! remote serer

Be3ore be-innin- our exploration o3 TC? we9ll need to use )ireshar! to obtain a pac!et trace o3 the TC trans3er o3 a 3ile 3rom +our computer to a remote serer> You9ll do so b+ accessina )eb pa-e that will allow +ou to enter the name o3 a 3ile stored on +our computer &which contains the 'SCII text o3 !lice in 'onderland $? and then trans3er the 3ile to a )eb serer  usin- the 2TT GST method &see section (>(>* in the text$> )e9re usin- the GST method rather than the ET method as we9d li!e to trans3er a lar-e amount o3 data  from  +our  computer to another computer> G3 course? we9ll be runnin- )ireshar! durin- this time to obtain the trace o3 the TC se-ments sent and receied 3rom +our computer>

Do the 3ollowin-: •

•

•

Start up +our web browser> o the http:-aia>cs>umass>eduwireshar!6labsalice>txt and retriee an 'SCII cop+ o3 !lice in 'onderland. Store this 3ile somewhere on +our  computer>  Next -o to http:-aia>cs>umass>eduwireshar!6labsTC6wireshar!63ile#>html> You should see a screen that loo!s li!e:

•

•

•

•

Use the 9rowse button in this 3orm to enter the name o3 the 3ile &3ull path name$ on +our computer containin- !lice in 'onderland &or do so manuall+$> Don9t +et press the ;:pload alice.t0t file < button>  Now start up )ireshar! and be-in pac!et capture ;Capture"5Start< and then press 3&  on the )ireshar! ac!et Capture Gptions screen &we9ll not need to select an+ options here$> ,eturnin- to +our browser? press the ;:pload alice.t0t file< button to upload the 3ile to the -aia>cs>umass>edu serer> Gnce the 3ile has been uploaded? a short con-ratulations messa-e will be displa+ed in +our browser window> Stop )ireshar! pac!et capture> Your )ireshar! window should loo! similar to the window shown below>

I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can download a pac!et trace 3ile that was captured while 3ollowin- the steps aboe on one o3 the author9s

computers.> You ma+ well 3ind it aluable to download this trace een i3 +ou9e captured +our own trace and use it? as well as +our own trace? when +ou explore the =uestions below>

0: A )irst loo5 !t t=e 3!7tured tr!3e

Be3ore anal+@in- the behaior o3 the TC connection in detail? let9s ta!e a hi-h leel iew o3  the trace> •

0irst? 3ilter the pac!ets displa+ed in the )ireshar! window b+ enterin- ;tcp< &lowercase? no =uotes? and don9t 3or-et to press return a3ter enterin-R$ into the displa+ 3ilter speci3ication window towards the top o3 the )ireshar! window>

)hat +ou should see is series o3 TC and 2TT messa-es between +our computer and -aia>cs>umass>edu> You should see the initial three6wa+ handsha!e containin- a SYN messa-e> You should see an 2TT GST messa-e> Dependin- on the ersion o3 )ireshar!  +ou are usin-? +ou mi-ht see a series o3 ;2TT Continuation< messa-es bein- sent 3rom +our  computer to -aia>cs>umass>edu> ,ecall 3rom our discussion in the earlier 2TT )ireshar!  lab? that is no such thin- as an 2TT Continuation messa-e  this is )ireshar!9s wa+ o3  indicatin- that there are multiple TC se-ments bein- used to carr+ a sin-le 2TT messa-e> In more recent ersions o3 )ireshar!? +ou9ll see ;TC se-ment o3 a reassembled DUO< in the In3o column o3 the )ireshar! displa+ to indicate that this TC se-ment contained data that belon-ed to an upper la+er protocol messa-e &in our case here? 2TT$> You should also see TC 'C se-ments bein- returned 3rom -aia>cs>umass>edu to +our computer>

'nswer the 3ollowin- =uestions? b+ openin- the )ireshar! captured pac!et 3ile tcp"ethereal" trace"- in http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip &that is download the trace and open that trace in )ireshar!F see 3ootnote ($> )heneer possible? when answerin- a =uestion +ou should hand in a printout o3 the pac!et&s$ within the trace that +ou used to answer the =uestion as!ed> 'nnotate the printout" to explain +our answer> To print a pac!et? use  %ile"5*rint ? choose Selected packet only? choose *acket summary line and select the minimum amount o3 pac!et detail that +ou need to answer the =uestion> #>

.

)hat is the I address and TC port number used b+ the client computer &source$ that is trans3errin- the 3ile to -aia>cs>umass>edu To answer this =uestion? it9s probabl+ easiest to select an 2TT messa-e and explore the details o3 the TC pac!et used to

 Download the @ip 3ile http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip and extract the 3ile tcp6 ethereal6trace6#> The traces in this @ip 3ile were collected b+ )ireshar! runnin- on one o3 the author9s computers? while per3ormin- the steps indicated in the )ireshar! lab> Gnce +ou hae downloaded the trace? +ou can load it into )ireshar! and iew the trace usin- the  %ile pull down menu? choosin- 3pen? and then selectinthe tcp6ethereal6trace6# trace 3ile> "  )hat do we mean b+ ;annotate< I3 +ou hand in a paper cop+? please hi-hli-ht where in the printout +ou9e 3ound the answer and add some text &pre3erabl+ with a colored pen$ notin- what +ou 3ound in what +ou e hi-hli-ht> I3 +ou hand in an electronic cop+? it would be -reat i3 +ou could also hi-hli-ht and annotate>

carr+ this 2TT messa-e? usin- the ;details o3 the selected pac!et header window< &re3er to 0i-ure ( in the ;ettin- Started with )ireshar!< %ab i3 +ou9re uncertain about the )ireshar! windows> (>

)hat is the I address o3 -aia>cs>umass>edu Gn what port number is it sendin- and receiin- TC se-ments 3or this connection

I3 +ou hae been able to create +our own trace? answer the 3ollowin- =uestion: *>

)hat is the I address and TC port number used b+ +our client computer &source$ to trans3er the 3ile to -aia>cs>umass>edu

Since this lab is about TC rather than 2TT? let9s chan-e )ireshar!9s ;listin- o3 captured  pac!ets< window so that it shows in3ormation about the TC se-ments containin- the 2TT messa-es? rather than about the 2TT messa-es> To hae )ireshar! do this? select !nalye" 5=nabled *rotocols. Then unchec! the 2TT box and select 3& > You should now see a )ireshar! window that loo!s li!e:

This is what we9re loo!in- 3or 6 a series o3 TC se-ments sent between +our computer and -aia>cs>umass>edu> )e will use the pac!et trace that +ou hae captured &andor the pac!et trace tcp"ethereal"trace"- in http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ipF see earlier 3ootnote$ to stud+ TC behaior in the rest o3 this lab>

?: TCP B!si3s

'nswer the 3ollowin- =uestions 3or the TC se-ments: .>

)hat is the se=uence number o3 the TC SYN se-ment that is used to initiate the TC connection between the client computer and -aia>cs>umass>edu )hat is it in the se-ment that identi3ies the se-ment as a SYN se-ment

">

)hat is the se=uence number o3 the SYN'C se-ment sent b+ -aia>cs>umass>edu to the client computer in repl+ to the SYN )hat is the alue o3 the 'c!nowled-ement 3ield in the SYN'C se-ment 2ow did -aia>cs>umass>edu determine that alue )hat is it in the se-ment that identi3ies the se-ment as a SYN'C se-ment

/>

)hat is the se=uence number o3 the TC se-ment containin- the 2TT GST command Note that in order to 3ind the GST command? +ou9ll need to di- into the  pac!et content 3ield at the bottom o3 the )ireshar! window? loo!in- 3or a se-ment with a ;GST< within its D'T' 3ield>

1>

Consider the TC se-ment containin- the 2TT GST as the 3irst se-ment in the TC connection> )hat are the se=uence numbers o3 the 3irst six se-ments in the TC connection &includin- the se-ment containin- the 2TT GST$ 't what time was each se-ment sent )hen was the 'C 3or each se-ment receied ien the di33erence between when each TC se-ment was sent? and when its ac!nowled-ement was receied? what is the ,TT alue 3or each o3 the six se-ments )hat is the Estimated,TT alue &see Section *>">*? pa-e (*5 in text$ a3ter the receipt o3 each 'C 'ssume that the alue o3 the Estimated,TT is e=ual to the measured ,TT 3or  the 3irst se-ment? and then is computed usin- the Estimated,TT e=uation on pa-e (*5 3or all subse=uent se-ments>

 Note4 )ireshar! has a nice 3eature that allows +ou to plot the ,TT 3or each o3 the TC se-ments sent> Select a TC se-ment in the ;listin- o3 captured pac!ets< window that is  bein- sent 3rom the client to the -aia>cs>umass>edu serer> Then select: Statistics"5TC*  Stream >raph"5(ound Trip Time >raph. 4> /

)hat is the len-th o3 each o3 the 3irst six TC se-ments/

 The TC se-ments in the tcp6ethereal6trace6# trace 3ile are all less that #./7 b+tes> This is because the computer on which the trace was -athered has an Ethernet card that limits the len-th o3 the maximum I pac!et to #"77 b+tes &.7 b+tes o3 TCI header data and #./7 b+tes o3 TC pa+load$> This #"77 b+te alue is the standard maximum len-th allowed b+ Ethernet> I3 +our trace indicates a TC len-th -reater than #"77 b+tes? and +our computer is usin- an Ethernet connection? then )ireshar! is reportin- the wron- TC se-ment len-thF it will li!el+ also show onl+ one lar-e TC se-ment rather than multiple smaller se-ments> Your computer is indeed probabl+ sendin- multiple smaller se-ments? as indicated b+ the 'Cs it receies> This inconsistenc+ in

5>

)hat is the minimum amount o3 aailable bu33er space adertised at the receied 3or  the entire trace Does the lac! o3 receier bu33er space eer throttle the sender

#7>

're there an+ retransmitted se-ments in the trace 3ile )hat did +ou chec! 3or &in the trace$ in order to answer this =uestion

##>

2ow much data does the receier t+picall+ ac!nowled-e in an 'C Can +ou identi3+ cases where the receier is 'Cin- eer+ other receied se-ment &see Table *>( on pa-e (.1 in the text$>

#(>

)hat is the throu-hput &b+tes trans3erred per unit time$ 3or the TC connection Explain how +ou calculated this alue>

1: TCP 3onestion 3ontrol in !3tion

%et9s now examine the amount o3 data sent per unit time 3rom the client to the serer> ,ather  than &tediousl+R$ calculatin- this 3rom the raw data in the )ireshar! window? we9ll use one o3  )ireshar!9s TC -raphin- utilities 6 Time"Se?uence">raph;Stevens$ 6 to plot out data> •

Select a TC se-ment in the )ireshar!9s ;listin- o3 captured6pac!ets< window> Then select the menu : Statistics"5TC* Stream >raph"5 Time"Se?uence">raph;Stevens $> You should see a plot that loo!s similar to the 3ollowin- plot? which was created 3rom the captured pac!ets in the pac!et trace  tcp"ethereal"trace"in http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip &see earlier 3ootnote $:

reported se-ment len-ths is due to the interaction between the Ethernet drier and the )ireshar! so3tware> )e recommend that i3 +ou hae this inconsistenc+? that +ou per3orm this lab usin- the proided trace 3ile>

2ere? each dot represents a TC se-ment sent? plottin- the se=uence number o3 the se-ment ersus the time at which it was sent> Note that a set o3 dots stac!ed aboe each other  represents a series o3 pac!ets that were sent bac!6to6bac! b+ the sender> 'nswer the 3ollowin- =uestions 3or the TC se-ments the pac!et trace tcp"ethereal"trace"- in http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip #*>

Use the Time"Se?uence">raph;Stevens$ plottin- tool to iew the se=uence number  ersus time plot o3 se-ments bein- sent 3rom the client to the -aia>cs>umass>edu serer> Can +ou identi3+ where TC9s slowstart phase be-ins and ends? and where con-estion aoidance ta!es oer Comment on wa+s in which the measured data di33ers 3rom the ideali@ed behaior o3 TC that we9e studied in the text>

#.>

'nswer each o3 two =uestions aboe 3or the trace that +ou hae -athered when +ou trans3erred a 3ile 3rom +our computer to -aia>cs>umass>edu

'NS *: nsloo5u7

In this lab? we9ll ma!e extensie use o3 the nslookup  tool? which is aailable in most %inuxUnix and Microso3t plat3orms toda+> To run nslookup in %inuxUnix? +ou 8ust t+pe the nslookup command on the command line> To run it in )indows? open the Command rompt and run nslookup on the command line> In it is most basic operation? nslookup tool allows the host runnin- the tool to =uer+ an+ speci3ied DNS serer 3or a DNS record> The =ueried DNS serer can be a root DNS serer? a top6leel6domain DNS serer? an authoritatie DNS serer? or an intermediate DNS serer  &see the textboo! 3or de3initions o3 these terms$> To accomplish this tas!? nslookup sends a DNS =uer+ to the speci3ied DNS serer? receies a DNS repl+ 3rom that same DNS serer? and displa+s the result>

The aboe screenshot shows the results o3 three independent nslookup commands &displa+ed in the )indows Command rompt$> In this example? the client host is located on the campus o3 ES Uniersit+? where the de3ault local DNS serer is #(1>7>7>#> )hen runnin- nslookup? i3 no DNS serer is speci3ied? then nslookup sends the =uer+ to the de3ault DNS serer? which in this case is dns6prime>pol+>edu> Consider the 3irst command: nsloo!up www>pes>edu In words? this command is sa+in- ;please send me the I address 3or the host www>mit>edu<> 's shown in the screenshot? the response 3rom this command proides two pieces o3  in3ormation: &#$ the name and I address o3 the DNS serer that proides the answerF and &($ the answer itsel3? which is the host name and I address o3 www>pes>edu>

 Now consider the second command: nsloo!up t+peXNS www>pes>edu In this example? we hae proided the option ;6t+peXNS< and the domain ;www>pes>edu<> This causes nslookup to send a =uer+ 3or a t+pe6NS record to the de3ault local DNS serer> In words? the =uer+ is sa+in-? ;please send me the host names o3 the authoritatie DNS 3or  www>pes>edu<> &)hen the t+pe option is not used? nslookup uses the de3ault? which is to =uer+ 3or t+pe ' records>$ The answer? displa+ed in the aboe screenshot? 3irst indicates the DNS serer that is proidin- the answer &which is the de3ault local DNS serer$ alon- with two ES nameserers> Each o3 these serers is indeed an authoritatie DNS serer 3or the hosts on the ES campus> 2oweer? nslookup also indicates that the answer is ;non6 authoritatie?< meanin- that this answer came 3rom the cache o3 some serer rather than 3rom an authoritatie ES DNS serer> 0inall+? the answer also includes the I addresses o3 the authoritatie DNS serers at ES> &Een thou-h the t+pe6NS =uer+ -enerated b+ nslookup did not explicitl+ as! 3or the I addresses? the local DNS serer returned these ;3or 3ree< and nslookup displa+s the result>$  Now 3inall+ consider the third command: nsloo!up pesit@one>pes>edu www>pes>edu In this example? we indicate that we want to the =uer+ sent to the DNS serer bits+>mit>edu rather than to the de3ault DNS serer &#(1>7>7>#$> Thus? the =uer+ and repl+ transaction ta!es  place directl+ between our =uer+in- host and www>pes>edu> In this example? the DNS serer  www>pes>edu proides the I address o3 the host pesit@one>pes>edu? which is a web serer at the ES Uniersit+>  Now that we hae -one throu-h a 3ew illustratie examples? +ou are perhaps wonderinabout the -eneral s+ntax o3 nslookup commands> The s+ntax is: nsloo!up option# option( host6to63ind dns6serer  In -eneral? nslookup can be run with @ero? one? two or more options> 'nd as we hae seen in the aboe examples? the dns6serer is optional as wellF i3 it is not supplied? the =uer+ is sent to the de3ault local DNS serer>  Now that we hae proided an oeriew o3 nslookup? it is time 3or +ou to test drie it +oursel3> Do the 3ollowin- &and write down the results$:

#> ,un nslookup to obtain the I address o3 a )eb serer in 'sia> )hat is the I address o3 that serer (> ,un nslookup to determine the authoritatie DNS serers 3or a uniersit+ in Europe>

*> ,un nslookup so that one o3 the DNS serers obtained in Question ( is =ueried 3or the mail serers 3or YahooR mail> )hat is its I address

0: i73on)i

ipconfig  &3or )indows$ and ifconfig  &3or %inuxUnix$ are amon- the most use3ul little utilities in +our host? especiall+ 3or debu--in- networ! issues> 2ere we9ll onl+ describe ipconfig ? althou-h the %inuxUnix ifconfig   is er+ similar> ipconfig   can be used to show +our current TCI in3ormation? includin- +our address? DNS serer addresses? adapter t+pe and so on> 0or example? i3 +ou all this in3ormation about +our host simpl+ b+ enterin-

ipcon3i- all into the Command rompt? as shown in the 3ollowin- screenshot>

ipconfig  is also er+ use3ul 3or mana-in- the DNS in3ormation stored in +our host> In Section (>" we learned that a host can cache DNS records it recentl+ obtained> To see these cached records? a3ter the prompt C:Z proide the 3ollowin- command:

ipcon3i- displa+dns Each entr+ shows the remainin- Time to %ie &TT%$ in seconds> To clear the cache? enter  ipcon3i- 3lushdns 0lushin- the DNS cache clears all entries and reloads the entries 3rom the hosts 3ile>

?: Tr!3in 'NS 4it=
 Now that we are 3amiliar with nslookup  and ipconfig ? we9re read+ to -et down to some serious business> %et9s 3irst capture the DNS pac!ets that are -enerated b+ ordinar+ )eb6 sur3in- actiit+>

•

•

•

Use ipconfig  to empt+ the DNS cache in +our host> Gpen +our browser and empt+ +our browser cache> &)ith Internet Explorer? -o to Tools menu and select Internet GptionsF then in the eneral tab select Delete 0iles>$ Gpen )ireshar! and enter ;ip>addr XX +ourPIPaddress< into the 3ilter? where +ou obtain +ourPIPaddress with ipcon3i-> This 3ilter remoes all pac!ets that neither  ori-inate nor are destined to +our host>

•

Start pac!et capture in )ireshar!>

•

)ith +our browser? isit the )eb pa-e: http:www>iet3>or-

•

Stop pac!et capture>

I3 +ou are unable to run )ireshar! on a lie networ! connection? +ou can download a pac!et trace 3ile that was captured while 3ollowin- the steps aboe on one o3 the author9s computers1> 'nswer the 3ollowin- =uestions> )heneer possible? when answerin- a =uestion  below? +ou should hand in a printout o3 the pac!et&s$ within the trace that +ou used to answer  the =uestion as!ed> 'nnotate the printout4 to explain +our answer> To print a pac!et? use %ile"

1

 Download the @ip 3ile http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ipand extract the 3ile dns6 ethereal6trace6#> The traces in this @ip 3ile were collected b+ )ireshar! runnin- on one o3 the author9s computers? while per3ormin- the steps indicated in the )ireshar! lab> Gnce +ou hae downloaded the trace? +ou can load it into )ireshar! and iew the trace usin- the  %ile pull down menu? choosin- 3pen? and then selectinthe dns6ethereal6trace6# trace 3ile> 4  )hat do we mean b+ ;annotate< I3 +ou hand in a paper cop+? please hi-hli-ht where in the printout +ou9e 3ound the answer and add some text &pre3erabl+ with a colored pen$ notin- what +ou 3ound in what +ou e hi-hli-ht> I3 +ou hand in an electronic cop+? it would be -reat i3 +ou could also hi-hli-ht and annotate>

5*rint ? choose Selected packet only? choose *acket summary line and select the minimum amount o3 pac!et detail that +ou need to answer the =uestion>

.> %ocate the DNS =uer+ and response messa-es> 're then sent oer UD or TC "> )hat is the destination port 3or the DNS =uer+ messa-e )hat is the source port o3  DNS response messa-e /> To what I address is the DNS =uer+ messa-e sent Use ipcon3i- to determine the I address o3 +our local DNS serer> 're these two I addresses the same 1> Examine the DNS =uer+ messa-e> )hat ;T+pe< o3 DNS =uer+ is it Does the =uer+ messa-e contain an+ ;answers< 4> Examine the DNS response messa-e> 2ow man+ ;answers< are proided )hat do each o3 these answers contain 5> Consider the subse=uent TC SYN pac!et sent b+ +our host> Does the destination I address o3 the SYN pac!et correspond to an+ o3 the I addresses proided in the DNS response messa-e #7> This web pa-e contains ima-es> Be3ore retriein- each ima-e? does +our host issue new DNS =ueries

 Now let9s pla+ with nslookup5>

5

•

Start pac!et capture>

•

Do an nslookup on www>mit>edu

•

Stop pac!et capture>

 I3 +ou are unable to run )ireshar! and capture a trace 3ile? use the trace 3ile dns6ethereal6trace6( in the @ip 3ile http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip

You

should

-et

a

trace

that

loo!s

somethin-

li!e

the

3ollowin-:

)e see 3rom the aboe screenshot that nslookup actuall+ sent three DNS =ueries and receied three DNS responses> 0or the purpose o3 this assi-nment? in answerin- the 3ollowin=uestions? i-nore the 3irst two sets o3 =ueriesresponses? as the+ are speci3ic to nslookup and are not normall+ -enerated b+ standard Internet applications> You should instead 3ocus on the last =uer+ and response messa-es> #> )hat is the destination port 3or the DNS =uer+ messa-e )hat is the source port o3  DNS response messa-e (> To what I address is the DNS =uer+ messa-e sent Is this the I address o3 +our  de3ault local DNS serer *> Examine the DNS =uer+ messa-e> )hat ;T+pe< o3 DNS =uer+ is it Does the =uer+ messa-e contain an+ ;answers< .> Examine the DNS response messa-e> 2ow man+ ;answers< are proided )hat do each o3 these answers contain "> roide a screenshot>

 Now repeat the preious experiment? but instead issue the command: nsloo!up t+peXNS mit>edu

'nswer the 3ollowin- =uestions#7 :

/> To what I address is the DNS =uer+ messa-e sent Is this the I address o3 +our  de3ault local DNS serer 1> Examine the DNS =uer+ messa-e> )hat ;T+pe< o3 DNS =uer+ is it Does the =uer+ messa-e contain an+ ;answers< 4> Examine the DNS response messa-e> )hat MIT nameserers does the response messa-e proide Does this response messa-e also proide the I addresses o3 the MIT namesers 5> roide a screenshot>

 Now repeat the preious experiment? but instead issue the command:

nsloo!up www>aiit>or>!r bits+>mit>edu

'nswer the 3ollowin- =uestions##:

#7> To what I address is the DNS =uer+ messa-e sent Is this the I address o3 +our  de3ault local DNS serer I3 not? what does the I address correspond to ##> Examine the DNS =uer+ messa-e> )hat ;T+pe< o3 DNS =uer+ is it Does the =uer+ messa-e contain an+ ;answers< #(> Examine the DNS response messa-e> 2ow man+ ;answers< are proided )hat does each o3 these answers contain #*> roide a screenshot>

C Pror!ms #7

 I3 +ou are unable to run )ireshar! and capture a trace 3ile? use the trace 3ile dns6ethereal6trace6* in the @ip 3ile http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip ##  I3 +ou are unable to run )ireshar! and capture a trace 3ile? use the trace 3ile dns6ethereal6trace6. in the @ip 3ile http:-aia>cs>umass>eduwireshar!6labswireshar!6traces>@ip

Bit Stu))in

#> To the -ien bits add the strin- 7######7 to both the startin- and the end o3 the strin(> To add 7 to each set o3 " one9s i>e> a3ter eer+ 3ie consecutie #[s appear a @ero #include #include void stuff(char str[40]); main() {   char str[40]; int i; printf(!n enter the string"); scanf(s$ %str); printf(!n the given string is"); printf(!n s$ str);   stuff(str); & void stuff(char str[40]) { int i$ '$   0$ l$ n$ *; printf(!n no+ +e are stuffing the data""!n); n  strlen(str); for (i  0; i < n; i,,) { if (str[i]  --) {   ; for (l  i , ; l < i , /; l,,) { if (str[l]  --)   ,,; else rea;

 

& if (  1) { i  i , 1; *  n , ; for ('  *; ' > i; '22) { str[']  str[' 2 ]; & str[']  -0-; & & & printf(!n3he resultant string after stuffing is..!n); printf(s!n$ str); &

Out7ut

C=!r!3ter Stu))in

INPUT8 enter strin-: asdle3-h enter position: 4 inalid position?enter a-ain: * enter the character: !  OUTPUT8 3rame a3ter stu33in-: dlestx as dle ! dle dle dle3-h dleetx #include #include #include #include

void main() { int i0$'0$n$pos; char a[0]$[/0]$ch; clrscr();

printf(enter string!n); scanf(s$%a); nstrlen(a);

printf(enter position!n); scanf(d$%pos);

if(pos>n) { printf(invalid position$ 5nter again "); scanf(d$%pos); &

printf(enter the character!n); chgetche(); [0]-d-; []-l-; []-e-; [6]-s-; [4]-t-; [/]-7-;

'1; +hile(i
if(a[i]-d- %% a[i,]-l- %% a[i,]-e-) { [']-d-; [',]-l-; [',]-e-;

'',6; &

[']a[i]; i,,; ',,; &

[']-d-; [',]-l-; [',]-e-; [',6]-e-; [',4]-t-; [',/]-7-; [',1]-!0-; printf(!nframe after stuffing"!n); printf(s$); getch(); &

C&C

#include #include int dividend [40]$ g[40]$ rem[40]$ n$ ; void main() { int i0$d[0]$c[0]$flag0; void divide(); printf(5nter the length of the 9enerator :olnomial!n); scanf(d$%); printf(5nter the 9enerator :olnomial!n); for(i0;i<;i,,) { scanf(d$%g[i]); & printf(5nter the length of the datastring!n); scanf(d$%n); printf(5nter the datastring"!n); for(i0;i
c[i]  rem[i2n,]; & & printf(!n= code+ord is"!n); for(i0;i
void divide() { int temp[0]$i$'; for(i0;i
& else { for('0;'<2;',,) { temp[']rem[',]; & temp[']dividend[i,2]; & if(temp[0]) { for('0;'<;',,) { rem[']temp[']Ag[']; & & else { for('0;'<;',,) { rem[']temp[']; & & & &

'IT&AS ALGO&ITH$

#include stdio.h #define infinit BBB void di'(int n$int v$int cost[0][0]$int dist[]) { int i$u$count$+$flag[0]$min; for(i;i<n;i,,) flag[i]0$dist[i]cost[v][i]; count; +hile(count<n) {  minBB; for(+;+<n;+,,) if(dist[+]d$costd!n$v$i$dist[i]); &