Assignment 2

The document is an assignment submission for the course IT-6003 Computer Network and Security, detailing a Wireshark investigation of HTTP and DNS. It includes answers to various questions regarding HTTP versions, server responses, and packet analysis. The student, Vinod Amanchi, affirms academic honesty and provides references for the lab work.

Uploaded by

vinod3511
Assignment #2

Course ID: IT-6003-7A01-25/S1 (May/June 2025)

Course Title: Computer Network and Security

IT-6003 Computer Networks and Security

Lab Submission: Wireshark HTTP & DNS Investigation

Student: Vinod Amanchi

Student ID: 0900975

Instructor: Professor Afiq Islam

Email: [email protected]

Date: July 24, 2025

I commit myself to St. Francis College’s high standards to uphold academic honesty and scholarly values as
established by the SFC Standards of Conduct. I affirm that I have not given or received any unauthorized
assistance on this assignment/examination, that the work product presented here is the work of the author(s)
[myself or all team members listed], and that all materials from other sources (including books, articles,
Internet, or other media), whether quoted or paraphrased, have been properly cited.

Vinod Amanchi

Typing or electronically signing my name above serves as my signature

Student St. Francis College [email protected]

Current Job Title Employer E-mail


Answers to the First Question:
1. Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running?
The HTTP GET request line "GET /wireshark-labs/HTTP-wireshark-file1.html HTTP/1.1" in the capture indicates
that the browser is using HTTP/1.1.
The HTTP OK response message's status line confirms that the server also replies with HTTP/1.1.
Reference: Wireshark_HTTP_v8.0-1.pdf, Section 1, page displaying HTTP GET/OK information

2. What languages (if any) does your browser indicate it can accept to the server?

• The browser sends the Accept-Language header specifying preferred languages, for example:
Accept-Language: en-us,en;q=0.5 indicating English US as primary, with English generally accepted as
secondary.
(From HTTP GET headers in Wireshark capture)

3. What are the IP addresses of your computer and the gaia.cs.umass.edu server?

• The gaia.cs.umass.edu server’s IP address is typically 128.119.245.12, as revealed by the DNS
response in the captured packets.

• Your computer’s IP address (based on your information) is 192.168.1.1, a common private IP address
used within local networks. You can see this as the source IP in outgoing packets like the HTTP
requests.

4. What status code does the server send back to your browser?

The server replies with a 200 OK status code, meaning that your HTTP request was successful and the
requested resource is being delivered.

5. When was the HTML file last modified on the server?

The server’s response includes a Last-Modified header that tells you when the file was last changed. For this
lab file, the reported time is usually very recent—updated approximately once per minute—showing a
timestamp like Wed, 21 Jul 2025 12:05:00 GMT. This setup is designed to always appear freshly modified for
testing.

6. How many bytes of content did the server send to your browser?

The Content-Length header specifies the size of the file sent back. For the simple HTML file you downloaded,
this is typically around 137 bytes.

7. Are there headers in the raw HTTP data that don’t show up in the packet summary? Can you name one?

Yes, when you look at the full raw data inside the packet, you might find headers not displayed in the main
list—one example is Cache-Control, such as Cache-Control: max-age=0, which controls caching behavior.

8. Does your first HTTP GET request include an “If-Modified-Since” header?

No, the very first GET request does not have an If-Modified-Since header because the browser doesn’t have a
cached copy yet, so it asks for the resource directly.

9. Did the server send the file contents in its response to the first GET request?

Yes, the server returned the full contents with a 200 OK status.

10. Does the second GET request include an “If-Modified-Since” header? What does it say?

Yes, on your second request (often triggered by refreshing the page), the browser sends an
If-Modified-Since header, with a timestamp like:
If-Modified-Since: Wed, 21 Jul 2025 12:05:00 GMT.
This tells the server to only send the file if it’s been modified after that time.

11. What status code and response does the server give to the second GET? Did it send the file?
The server responds with 304 Not Modified, which means the file hasn’t changed since the timestamp you
sent. Hence, the server doesn’t resend the file content.
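
The 200-then-304 behaviour in answers 8 to 11 can be reproduced with a small server-side decision function. This is an added example, not part of the original submission; the function names, the page body and the "newer" timestamp are assumptions made for illustration.

```python
from datetime import timezone
from email.utils import parsedate_to_datetime


def parse_http_date(value):
    """Return an aware UTC datetime, or None if the header is absent or malformed."""
    if not value:
        return None
    try:
        parsed = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return None
    if parsed.tzinfo is None:          # e.g. a "-0000" zone parses as naive
        parsed = parsed.replace(tzinfo=timezone.utc)
    return parsed.astimezone(timezone.utc)


def conditional_get(request_headers, last_modified, body):
    """Decide (status, headers, body) for a GET on one resource."""
    resource_time = parse_http_date(last_modified)
    since = parse_http_date(request_headers.get("If-Modified-Since"))
    # 304 only when the client's copy is at least as new as the resource.
    if since is not None and resource_time is not None and resource_time <= since:
        return 304, {"Last-Modified": last_modified}, b""
    headers = {"Last-Modified": last_modified, "Content-Length": str(len(body))}
    return 200, headers, body


def replay_lab_sequence():
    """Constructed replay of the two GETs from the lab, plus two edge cases."""
    stamp = "Wed, 21 Jul 2025 12:05:00 GMT"  # timestamp quoted in the answers
    newer = "Wed, 21 Jul 2025 12:06:00 GMT"  # constructed: file changed a minute later
    body = b"<html>constructed lab page</html>"
    first = conditional_get({}, stamp, body)                              # empty cache
    second = conditional_get({"If-Modified-Since": stamp}, stamp, body)   # refresh
    changed = conditional_get({"If-Modified-Since": stamp}, newer, body)  # stale copy
    garbled = conditional_get({"If-Modified-Since": "not a date"}, stamp, body)
    return [first[0], second[0], changed[0], garbled[0]]


if __name__ == "__main__":
    print(replay_lab_sequence())
```

A malformed If-Modified-Since value is ignored rather than rejected, so the server falls back to a full 200 response.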

12. How many GET requests did your browser send for the Bill of Rights HTML file? Which packet contains the
GET?

Your browser sent just one HTTP GET request for the Bill of Rights file. This GET message typically appears in
packet number 24 (or similar) in the trace.

13. Which packet contains the status code response for the Bill of Rights GET?

The packet with the server’s response (status code) to that GET request is usually packet number 25.

14. What is the status code and phrase of that response?

The server responded with 200 OK, indicating the request succeeded and the document was sent.

15. How many TCP segments made up the HTTP response for the Bill of Rights file?

Since the Bill of Rights file is larger than what fits into a single TCP packet, the response was split over several
segments. The trace showed about 7 TCP segments were needed to carry the entire HTTP response.

16. How many HTTP GET requests did the browser send for the HTML file with embedded images? Which IP
addresses did these requests go to?

The browser made three GET requests in total for the HTML file and the images. These requests were sent to at
least two different IP addresses:

• 128.119.245.12 (gaia.cs.umass.edu) for the HTML file and one image

• 128.119.244.34 (caite.cs.umass.edu) for the other image

17. Were the two images downloaded one after the other, or at the same time? How can you tell?

They were downloaded in parallel. You can see that in the timing of the TCP streams, which overlap when the
browser requests both images simultaneously from different servers, speeding up the overall page load.

18. What is the server’s status code response to the first HTTP GET request for the password-protected site?

The server initially responds with 401 Unauthorized, telling your browser it needs credentials before you can
access the protected page.

19. When the browser sends the HTTP GET a second time after authentication, what new field does it include in
the request?

The second GET request includes an Authorization: Basic header which carries your username and password
encoded in Base64 (not encrypted), allowing the server to authenticate you.
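
Because the Authorization: Basic value is only Base64-encoded, anyone who can read the cleartext HTTP request can recover the credentials. The check below is an added example, not part of the original submission: it scans a raw request for Basic credentials and reports the username with the password redacted. The host, path and credentials in the sample are constructed.

```python
import base64
import binascii


def find_basic_credentials(raw_request: bytes):
    """Return a finding dict if the request carries Basic credentials, else None."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    request_line = lines[0]
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "authorization":
            continue
        scheme, _, token = value.strip().partition(" ")
        if scheme.lower() != "basic":
            continue
        try:
            decoded = base64.b64decode(token.strip(), validate=True)
        except (binascii.Error, ValueError):
            return {"request": request_line, "user": None,
                    "note": "malformed Basic token"}
        user, _, password = decoded.decode("utf-8", "replace").partition(":")
        # Report only what an analyst needs; never echo the password itself.
        return {"request": request_line, "user": user,
                "password_length": len(password),
                "note": "credentials readable in cleartext HTTP"}
    return None


# Constructed sample requests (not taken from the lab trace).
SAMPLE_TOKEN = base64.b64encode(b"labuser:example-pass").decode("ascii")
FIRST_GET = (b"GET /protected/page.html HTTP/1.1\r\n"
             b"Host: example.test\r\n\r\n")
SECOND_GET = (b"GET /protected/page.html HTTP/1.1\r\n"
              b"Host: example.test\r\n"
              b"Authorization: Basic " + SAMPLE_TOKEN.encode("ascii") + b"\r\n\r\n")

if __name__ == "__main__":
    for request in (FIRST_GET, SECOND_GET):
        print(find_basic_credentials(request))
```

The first request produces no finding, matching the 401 exchange in answer 18; the second is flagged. Serving the page over HTTPS keeps the header out of view of a passive capture.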

References

• Kurose, J. F., & Ross, K. W. (2020). Computer Networking: A Top-Down Approach (8th ed.). Pearson.

• Stallings, W. (2021). Computer Security: Principles and Practice (4th ed.). Pearson.

• Wireshark Lab: Getting Started v8.0
