Networks Part 3: Packet Paths + Wireshark NYU-Poly: HSWP - 2014 Instructor: Mandy Galante.


Getting to Google
When a user plugs their computer into a network and types “ into their browser – what happens behind the scenes? Let’s trace the steps it takes to get to
M. Galante – CSAW HSWP 2014

Step One
Your computer is set to get its IP configuration dynamically, so it sends out a DHCP request. The network DHCP server responds with:
- IP address
- Subnet mask
- Default gateway IP address
- DNS server IP address

Step Two
Your computer sends a request to the DNS server asking it to provide an IP address for the FQDN
Try this: in a command prompt, type nslookup [ENTER]. The answer will tell you who provides your DNS service.

Step 3
Your computer creates a packet that includes:
- the source IP address
- the destination IP address
- the protocol (HTTP)
- the destination port number (80)
NOTE: the packet has a LOT more stuff, but this will do for now.

Step 4
Your PC now needs a MAC address, but it cannot get it from an ARP request because the destination IP address is not in our network. (How do we know?)*
So your computer uses the MAC address of the default gateway.
- Source IP address:
- Source MAC address: A1:FF:32:5A:EC:AA
- Destination IP address:
- Destination MAC address: C2:3D:57:80:A0:EE
[Diagram: YOU (A1:FF:32:5A:EC:AA) connected to the Default Gateway (C2:3D:57:80:A0:EE)]

Step 5
The default gateway is a router which is configured to have knowledge of other networks near it. Using a special set of protocols to communicate with other routers, it decides to send your packet to the “closest” router. The routers keep handing off your packet until it reaches its destination.

Step 6
HTTP is a connection-oriented protocol, so the Google web server and the host PC go through a 3-way handshake to negotiate the TCP connection. Then the browser starts to access the HTML page, which will result in LOTS of packets being downloaded.
Remember – a browser is a piece of software that follows the HTML instructions to build the page you see. A website is not just a “document” or “page” – it is an infrastructure of text, formatting, pictures, links and often much more.

Step 7 – we see a web page!
Google sends the parts of the web page as packets, and the browser assembles them to show the Google Home Page on the screen.
We can see the delivery of the page using a Firefox add-on called LiveHTTPHeaders.
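The subnet test behind Step 4's "How do we know?", as an added example that is not part of the original slides: the host applies its subnet mask to decide whether to ARP for the destination itself or for the default gateway. The lease values and destination addresses are constructed (the slides' own IP addresses are not on this page), the MAC addresses are the ones shown on the Step 4 slide, and `arp_target` and `build_frame` are hypothetical names.

```python
import ipaddress

# Constructed DHCP lease (Step One); the slides' own IP addresses are not on this page.
LEASE = {"ip": "192.168.1.25", "mask": "255.255.255.0",
         "gateway": "192.168.1.1", "dns": "192.168.1.1"}
HOST_MAC = "A1:FF:32:5A:EC:AA"                    # "YOU" on the Step 4 slide
ARP_CACHE = {"192.168.1.1": "C2:3D:57:80:A0:EE"}  # default gateway on the slide


def arp_target(lease, dst_ip):
    """Return the IP address whose MAC the host needs for a packet to dst_ip."""
    local = ipaddress.ip_network(f"{lease['ip']}/{lease['mask']}", strict=False)
    # Same network after applying the subnet mask: deliver directly.
    # Anything else is handed to the default gateway (Step 4).
    if ipaddress.ip_address(dst_ip) in local:
        return dst_ip
    return lease["gateway"]


def build_frame(lease, dst_ip, arp_cache):
    """Fill in the addresses of the outgoing packet, or report the ARP needed."""
    next_hop = arp_target(lease, dst_ip)
    if next_hop not in arp_cache:
        return {"action": "send ARP request", "who_has": next_hop}
    return {
        "action": "send",
        "src_ip": lease["ip"],
        "dst_ip": dst_ip,                 # stays the same end to end
        "src_mac": HOST_MAC,
        "dst_mac": arp_cache[next_hop],   # only valid for this hop
        "dst_port": 80,                   # HTTP, as in Step 3
    }
```

The destination IP address never changes along the path, while the destination MAC address is replaced at every router hop described in Step 5.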

Activity 3: Examining Packets with Wireshark

Activity 3
Wireshark is a network packet analyzer, aka a packet sniffer.
It captures packets and makes it possible for the user to examine all parts of that packet, including:
- IP address info
- Protocols and ports
- Actual data from inside the packet
It is FREE and works well on all operating systems.

Activity 3 Goals
1. Reinforce your understanding of how packets and packet delivery work.
2. Introduce the basic concepts necessary to using Wireshark.
3. The external HDD will be used. It has a virtual machine named ICS_Win7, which contains some network capture files and the Wireshark software, a tool to examine those files.

Activity 3 – Exercise 1
Exercise #1 will be follow along – open your ICS7 VM and then go into the PcapFiles folder. Double-click on the CSAW_Pcap1.pcap file – this will open up Wireshark and that specific packet capture.
It should look something like this. Notice the 3 sections:
1. Packet List
2. Packet Details
3. Packet Bytes

Activity 3 – Exercise 1
- The Packet List pane gives a chronological list of every packet captured. It includes time, source & destination IP addresses, protocol and very basic info.
- The Packet Details pane gives more specific info about each packet, grouping the info by the layers used. Here we can find MAC addresses, ports, and some text data.
- The Packet Bytes pane (aka the Data pane) shows the data that was carried in the packet. The data is shown in hexadecimal (middle) and text (right).

Activity 3 – Exercise 1
In the Packet List Pane, find the “connectivity” packets:
- Source + Destination IP addresses = packet 1
- ARP = packets 2 & 3
- 3-way handshake = packets 12 – 14 (there are many more)

Activity 3 – Exercise 1
In the Details Pane, identify the following:
- Source and destination MAC addresses (click to open the Ethernet II subsection)
- What kind of protocol is being used and what ports
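What the Packet List and Packet Details panes decode, as an added example that is not part of the original slides or the course capture files: a small reader for the classic pcap format that reports each frame's MAC addresses and labels ARP and 3-way-handshake packets. The capture is constructed inline; its MAC addresses are the ones on the Step 4 slide, while the IP addresses, ports and the name `packet_list` are assumptions.

```python
import struct

# MACs are the ones on the Step 4 slide; IPs and ports are constructed.
HOST, GW, BCAST = "a1ff325aecaa", "c23d5780a0ee", "ffffffffffff"
H_IP, G_IP, S_IP = bytes([192, 168, 1, 25]), bytes([192, 168, 1, 1]), bytes([203, 0, 113, 10])

def arp(src, dst, op, spa, tpa):
    tha = bytes(6) if op == 1 else bytes.fromhex(dst)
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op, bytes.fromhex(src), spa, tha, tpa)
    return bytes.fromhex(dst + src) + b"\x08\x06" + body

def tcp(src, dst, sip, dip, sport, dport, flags):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0, sip, dip)
    seg = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 8192, 0, 0)
    return bytes.fromhex(dst + src) + b"\x08\x00" + ip + seg

FRAMES = [
    arp(HOST, BCAST, 1, H_IP, G_IP),             # who has the gateway?
    arp(GW, HOST, 2, G_IP, H_IP),                # gateway answers
    tcp(HOST, GW, H_IP, S_IP, 49152, 80, 0x02),  # SYN
    tcp(GW, HOST, S_IP, H_IP, 80, 49152, 0x12),  # SYN,ACK
    tcp(HOST, GW, H_IP, S_IP, 49152, 80, 0x10),  # ACK
]
# Classic pcap: 24-byte global header (linktype 1 = Ethernet), then 16-byte record headers.
SAMPLE = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(
    struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in FRAMES)

def packet_list(pcap):
    """Return (no, src_mac, dst_mac, info) rows, like the Packet List pane."""
    magic = struct.unpack_from("<I", pcap)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    end = "<" if magic == 0xA1B2C3D4 else ">"    # byte order of the writer
    rows, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from(end + "IIII", pcap, off)[2]
        f, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        etype = struct.unpack_from("!H", f, 12)[0]
        info = f"ethertype 0x{etype:04x}"
        if etype == 0x0806:
            op = struct.unpack_from("!H", f, 20)[0]
            info = "ARP " + {1: "request", 2: "reply"}.get(op, "other")
        elif etype == 0x0800 and f[23] == 6:
            t = 14 + (f[14] & 0x0F) * 4          # start of the TCP header
            sport, dport = struct.unpack_from("!HH", f, t)
            flags = {0x02: "SYN", 0x12: "SYN,ACK", 0x10: "ACK"}.get(f[t + 13] & 0x3F, "other")
            info = f"TCP {sport}->{dport} [{flags}]"
        rows.append((len(rows) + 1, f[6:12].hex(":"), f[:6].hex(":"), info))
    return rows
```

In the rows for the handshake, the frames carrying the remote server's IP address still show the default gateway's MAC address, which is the Step 4 behaviour seen from the capture side.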

Activity 3 – Exercise 1
In the Bytes Pane, what data can we find?
- The confusing way: read/skim over each byte section in each packet. (This is packet #50.)
- The much easier way: right-click on the first packet in the message and select Follow TCP Stream.
Make sure to click CLEAR when done with this TCP stream.

Activity 3 – Exercise 1
Three other ways to find info in Wireshark
- Check for password or user text strings: Edit | Find Packet
- See all websites visited by this host: Statistics | HTTP | Load Distribution and type http.host. Now look at the "HTTP Requests by HTTP Hosts". This will show you all the HTTP type traffic in this capture.
- Extract objects like pictures or attachments from the HTTP stream: File->export->objects->http

Activity 3 – Exercise 2 & 3
Use the Pcap2 and Pcap3 files to answer the questions on the handout.

Use of these materials is free with attribution. Questions or comments: M. Galante – CSAW HSWP 2014