Part 1: nslookup
1. nslookup 2chan.net
Server: ecsu-sv26.easternct.edu
Address: 10.40.4.44
2. nslookup -type=ns ox.ac.uk
Authoritative:
ns2.ja.net 193.63.105.17
3. This particular question caused a time out each time.
Part 3: Tracing DNS with Wireshark
4. They are both sent over UDP.
5. The destination port for the query is 53. The source port is also 53.
6. The DNS request is sent to 10.40.4.44. This is the same as my local DNS server.
7. It is a "standard query". There is no "answer" in the request.
8. There is one answer. It contains the site's hostname, IP address, time to live, and a few other things.
9. Yes, they are sent to the IP that is in the DNS query response.
10. Yes, there is a new DNS query for each image.
11. The destination port for the query is 53. The response port is also 53.
12. The query was sent to 10.40.4.44, which is the same as my local DNS server.
13. It is a standard DNS query. There are no "answers" in the DNS query.
14. The query response contains one answer, which has the same info as the other one. Hostname, IP address, time to live and other things.
15. Screenshot: http://img205.imageshack.us/img205/3815/wiresharkscreenshotq15.png
16. The DNS query is sent to 10.40.4.44, same as the others. Yes, this is my local DNS server.
17. It is a standard query, and doesn't contain any "answers".
18. The MIT nameservers it contains are: bitsy.mit.edu, strawb.mit.edu and w20ns.mit.edu. Yes, the IP addresses are also included.
19. Screenshot: http://img28.imageshack.us/img28/581/wiresharkscreenshotq19.png
20. As with the others before, the query is sent to 10.40.4.44, which is my local DNS server.
21. It is a standard query. It contains no answers.
22. The response contains one answer. The info in the answer is the same as all the other answers: Hostname, IP address, time to live and others.
23. Screenshot: http://img269.imageshack.us/img269/728/wiresharkscreenshotq23.png
Monday, March 12, 2012
Sunday, March 11, 2012
Wireshark Lab 2: HTTP
Part 1: The Basic HTTP GET/response interaction
1. My browser is running HTTP 1.1. (GET /wireshark-labs/HTTP-wireshark-file1.html HTTP/1.1\r\n). The server is running HTTP 1.1. (HTTP/1.1 200 OK\r\n)
2. My web browser accepts HTML, XHTML and XML.
(Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n)
3. My IP is 10.33.37.39, and the server's IP address is 128.119.245.12.
4. The status code returned by the server is 200, meaning connection is OK.
5. The file was last modified Sunday, March 11th, 2012 at 8:03 PM GMT. (Last-Modified: Sun, 11 Mar 2012 20:03:01 GMT\r\n)
6. 482 Bytes are being returned to my browser. (Frame 14: 482 bytes on wire (3856 bits), 482 bytes captured (3856 bits))
7. I do not see any differing headers in the packet content window and the packet listing window.
Part 2: The HTTP CONDITIONAL GET/response interaction
8. I do not see an "If Modified since" line.
9. The server doesn't appear to have explicitly returned the contents of the file.
10. There is an IF-MODIFIED-SINCE line. It is as follows: If-Modified-Since: Sun, 11 Mar 2012 20:22:02 GMT\r\n.
11. The response code is 304 Not Modified (HTTP/1.1 304 Not Modified\r\n). Once again, the server does not appear to have explicitly returned the contents of the file.
Part 3: Retrieving Long Documents
12. There were two HTTP GET request messages sent by my browser.
13. There were four TCP segments. (4 Reassembled TCP Segments (4803 bytes): #19(1460), #20(1460), #22(1460), #23(423))
14. The response was 200 OK for the first GET message, and 404 NOT FOUND for the second GET message.
15. There don't seem to be any HTTP response messages in the data transmission associated with a TCP-induced "continuation".
Part 4: HTML documents with embedded objects
16. There were three GET messages sent out by my browser. One was sent to the gaia.umass server. One was sent to the aw-bc.com site, and the last one was sent to manic.cs.umass.edu.
17. I assume they were downloaded in parallel, as the time on the response messages for both images is identical.
Part 5: HTTP Authentication
18. The response to the first GET message is 401 Authentication Required.
19. The new field in the second GET message is a field called "Authorization" that appears to contain the username and password I used to log in.
Sunday, March 4, 2012
Programming Project 2: Part 1; SMTPconnection.java
package clavette;

import java.net.*;
import java.io.*;
import java.util.*;

/**
 * Open an SMTP connection to a mailserver and send one mail.
 */
public class SMTPConnection {
    /* The socket to the server */
    private Socket connection;

    /* Streams for reading and writing the socket */
    private BufferedReader fromServer;
    private DataOutputStream toServer;

    private static final String localSMTPServer = "localhost";
    private static final int SMTP_PORT = 25;
    private static final String CRLF = "\r\n";

    /* Are we connected? Used in close() to determine what to do. */
    private boolean isConnected = false;

    /* Create an SMTPConnection object. Create the socket and the
       associated streams. Initialize SMTP connection. */
    public SMTPConnection(Envelope envelope) throws IOException {
        connection = new Socket(envelope.DestHost, SMTP_PORT);
        fromServer = new BufferedReader(new InputStreamReader(connection.getInputStream()));
        toServer = new DataOutputStream(connection.getOutputStream());

        /* Read a line from server and check that the reply code is 220.
           If not, throw an IOException. */
        String SMTPResponse = fromServer.readLine();
        System.out.println(SMTPResponse);
        if (parseReply(SMTPResponse) != 220) {
            throw new IOException("Unexpected SMTP greeting: " + SMTPResponse);
        }

        /* SMTP handshake. We need the name of the local machine.
           Send the appropriate SMTP handshake command. */
        String localhost = "myMachine.nowhere.org";
        sendCommand("HELO " + localhost, 250);
        isConnected = true;
    }

    /* Send the message. Write the correct SMTP-commands in the
       correct order. No checking for errors, just throw them to the
       caller. */
    public void send(Envelope envelope) throws IOException {
        /* Still incomplete: MAIL FROM needs the sender address, and
           RCPT TO, DATA and the message itself have to follow. */
        sendCommand("MAIL FROM ", 250);
        /* Send all the necessary commands to send a message. Call
           sendCommand() to do the dirty work. Do _not_ catch the
           exception thrown from sendCommand(). */
    }

    /* Close the connection. First, terminate on SMTP level, then
       close the socket. */
    public void close() {
        isConnected = false;
        try {
            sendCommand("QUIT", 221);
            connection.close();
        } catch (IOException e) {
            System.out.println("Unable to close connection: " + e);
            isConnected = true;
        }
    }

    /* Send an SMTP command to the server. Check that the reply code is
       what it is supposed to be according to RFC 821. */
    private void sendCommand(String command, int rc) throws IOException {
        /* Every SMTP command line must end with CRLF, otherwise the
           server keeps waiting and readLine() below blocks. */
        toServer.writeBytes(command + CRLF);
        toServer.flush();
        String SMTPResponse = fromServer.readLine();
        if (parseReply(SMTPResponse) != rc) {
            throw new IOException("Expected reply " + rc + " but got: " + SMTPResponse);
        }
    }

    /* Parse the reply line from the server. Returns the reply code. */
    private int parseReply(String reply) throws IOException {
        /* readLine() returns null when the server has closed the connection. */
        if (reply == null) {
            throw new IOException("Connection closed by server");
        }
        StringTokenizer myTokenizer = new StringTokenizer(reply, " ");
        try {
            return Integer.parseInt(myTokenizer.nextToken());
        } catch (NoSuchElementException | NumberFormatException e) {
            /* Empty line or a first token that is not a number. */
            throw new IOException("Malformed SMTP reply: " + reply);
        }
    }

    /* Destructor. Closes the connection if something bad happens. */
    protected void finalize() throws Throwable {
        if (isConnected) {
            close();
        }
        super.finalize();
    }
}