CPSC 471-05 Assignment
Introduction
At the heart of the communication involving a browser and a server, RFC 2616 defines the fundamental protocol that governs interactions between internet devices. The result was known asthe HTTP protocol. In this assignment, we will capture HTTP traffic using Wireshark packet sniffer and examine various HTTP header information and their applications in details.HTTP provides a very important feature that enables browser caching mechanism. The resultsare improved user’s experiences, significant reduction in communication link bandwidth requirement and expenses. We will observe HTTP caching mechanism interactions in detailsFinally, the benefit of network architectural design layering approach becomesclear when wedevelop internet-enabled applications that seamlessly exchange data betweenhost devicesacross the internet using socket programming.
Required Softwares Wireshark 4.4.0 or newer
Python 3.12.6 or newer.
Submission
Submit in Canvas only. Submission using other methods outside Canvas will not be accepted.
For this assignment, Canvas was set up to only accept .zip file.
Reminders:
Click on your submitted file in Canvas to download it back to your PC, and verify that the
submitted file is not corrupted and that it contains the exact files required from you for
this assignment.
Give yourself plenty of time to accomplish this. Running out of time, or submitting an in
correct file, corrupted file will be treated as No Submission.
File Size Limitation
Maximum allowable submission file size is 10MB. A penalty of 10% will be deducted for each 10
MB in excess of the allowed 10 MB limit.
Page 1 of 19Page 2 of 19
Submission Grace Period
According to our class syllabus you have a 24-hour window after the due-date time to submit
before the assignment closing-date time with a 10% late penalty.
Note: The assignment due date and time, and the assignment closing date and time are clearly
shown on Canvas. Once the assignment is closed you can no longer submit.
What To Submit
Submit one zip file using naming convention fullname.zip in Canvas.
The zip file shall contain all below listed files and must follow the naming convention as shown:
(1)
One PDF report file xxReport.pdf.
Note: This must be a Portable Document Format (PDF) file. Word documents are vul
nerable to macro viruses and may not be graded.
(2)
Wireshark capture file from Part 1a xxP1a.pcapng
(3)
Wireshark capture file from Part 1b xxP1b.pcapng
(4)
Wireshark capture file from Part 1c xxP1c.pcapng
(5)
Wireshark capture file from Part 1d xxP1d.pcapng
(6)
Wireshark capture file from Part 1e xxP1e.pcapng
(7)
Python UDP client code file from Part 2a xxP2a.py
(8)
Python UDP server code file from Part 2b xxP2b.py
(9)
Python UDP server code file from Part 2c xxP2c.py
where xx is your first name and last name initials.
Hints: Use the standard compression utility already available from your PC Operating System to
produce the zip file. That way the submitted zip file can be opened for grading using standard
Windows OS built-in uncompress utility.
Page 3 of 19Part 1: Analyzing HTTP Messages using Wireshark
Part 1a: Basic HTTP GET/response interaction
Let’s begin our exploration of HTTP by downloading a very simple HTML file - one that is very
short and contains no embedded objects. Do the following Start up your web browser. Start up the Wireshark packet sniffer. Enter “http” (just the letters, not the quotationmarks) in the display-filter-specification window, so that only captured HTTPmessageswill be displayed later in the packet-listing window.
Wait a bit more than one minute (we’ll see why shortly), and then begin Wireshark
packet capture.
Quickly enter the following to your browser
http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file1.html
Your browser should display the very simple, one-line HTML file Quickly stop Wireshark packet capture and save the Wireshark capture in file
xxP1a.pcapng.
Very Important notes on keeping captured files small:
Start capture only when ready
Stop capture immediately after you got what you wantedPage 4 of 19Your Wireshark window should look similar to the window shown in Figure 1.
Figure 1: Wireshark Display after http://gaia.cs.umass.edu/wireshark-labs/ HTTP-wireshark
file1.html has been retrieved by your browser.The example in Figure 1 shows in the packet-listing window that two HTTP messages were captured: the GET message (from your browser to the gaia.cs.umass.edu web server) and the response message from the server to your browser. The packet-contents window shows details ofthe selected message (in this case the HTTP OK message, which is highlighted in the packetlisting window). Recall that since the HTTP message was carried inside a TCPsegment, whichwas carried inside an IP datagram, which was carried within an Ethernet frame, Wireshark displays the Frame, Ethernet, IP, and TCP packet information as well. We want to minimize theamount of non-HTTP data displayed, so make sure the boxes at the far left of the Frame, Ethernet, IP and TCP information have a plus sign or a right-pointing triangle (which means there ishidden, not displayed information), and the HTTP line has a minus sign or a down-pointing trian
le (which means that all information about the HTTP message is displayed).
(Note: You should ignore any HTTP GET and response for favicon.ico. If you see a reference to this file, itis your browser automatically asking the server if it (the server)has a small icon file that should be displayed next to the displayed URL in your browser. We’ll ignore references to this pesky file.)
Page 5 of 19
Part 1a Items To Submit
Include the Wireshark capture file xxP1a.pcapng in the submission zip file.In the PDF file report, create a section called Part 1a – Basic HTTP GET/responseinteraction.Include answers for Part 1a questions below.
By looking at the information in the HTTP GET and response messages, answer the followingquestions.When answering each question, you should include the screen capture of the GET and responsemessages and graphically circle or highlight to indicate where within the message the requestedinformation came from.
(1) Is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the serverrunning?
(2) What languages (if any) does your browser indicate that it can accept to the server?
(3) What is the IP address of your computer? Of the gaia.cs.umass.edu server?
(4) What is the status code returned from the server to your browser?
(5) When was the HTML file that you are retrieving last modified at the server(6) How many bytes of content are being returned to your browser?
(7) By inspecting the raw data in the packet content window, do you see any headers within
the data that are not displayed in the packet-listing window? If so, name one.
In your answer to question 5 above, you might have been surprised to find that the document
you just retrieved was last modified within a minute before you downloaded the documenthat’s because (for this particular file), the gaia.cs.umass.edu server is setting the file’s lastmodified time to be the current time and is doing so once per minute. Thus, if you wait a minute
between accesses, the file will appear to have been recently modified, and hence your browserwill download a “new” copy of the document.Page 6 of 19
Part 1b: The HTTP CONDITIONAL GET/response interaction
Recall from Section 2.2.5 of the textbook, that most web browsers perform object caching and
hus perform a conditional GET when retrieving an HTTP object. Before performing the stepsbelow, make sure your browser’s cache is empty by clearing its cache. Now perform the following: Start up your web browser, and make sure your browser’s cache was cleared, as dis
cussed above.
Begin Wireshark capture
Enter the following URL into your browser
http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file2.html
Your browser should display a very simple five-line HTML file.
Quickly enter the same URL into your browser again (or simply select the refresh buttonon your browser) Stop Wireshark capture and enter “http” in the display-filter-specification window, soat only captured HTTP messages will be displayed later in the packet-listing window.
ave the Wireshark capture in file xxP1b.pcapng.
Part 1b Items To Submit
Include the Wireshark capture file xxP1b.pcapng in the submission zip file.
n the PDF file report, Create a section called Part 1b: The HTTP CONDITIONAL GET/response nteraction. Include answers for Part 1b questions below:
(1) Inspect the contents of the first HTTP GET request from your browser to the server. Doyou see an “IF-MODIFIED-SINCE” line in the HTTP GET?
(2) Inspect the contents of the server response. Did the server explicitly return the contents
of the file? How can you tell?
(3) Now inspect the contents of the second HTTP GET request from your browser to the
server. Do you see an “IF-MODIFIED-SINCE:” line in the HTTP GET? If so, what infor
mation follows the “IF-MODIFIED-SINCE:” header?
(4) What is the HTTP status code and phrase returned from the server in response to this
second HTTP GET? Did the server explicitly return the contents of the file? Explain.
Part 1c: Retrieving Long Documents
In our examples thus far, the documents retrieved have been simple and short HTML files. Let’s
next see what happens when we download a long HTML file. Do the following:
Start up your web browser, and make sure your browser’s cache is cleared. Begin Wireshark capture
Enter the following URL into your browserhttp://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file3.html
Your browser should display the rather lengthy US Bill of Rights.
Stop Wireshark capture and enter “http” in the display-filter-specification window, sothat only captured HTTP messages will be displayed. Save the capture in file
xxP1c.pcapng
In the packet-listing window, you should see your HTTP GET message, followed by a multiple
packet TCP response to your HTTP GET request. This multiple-packet response deserves a bit ofxplanation. Recall from Section 2.2 (see Figure 2.9 in the textbook) that the HTTP responsemessage consists of a status line, followed by header lines, followed by a blank line, followed bythe entity body. In the case of our HTTP GET, the entity body in the response is the entire requested HTML file. In our case here, the HTML file is rather long, and at 4500 bytes is too largeto fit in one TCP packet. The single HTTP response message is thus broken into several pieces byTCP, with each piece being contained within a separate TCP segment (see Figure 1.24 in the
textbook). In recent versions of Wireshark, Wireshark indicates each TCP segment as a separate
packet, and the fact that the single HTTP response was fragmented across multiple TCP packet indicated by the “TCP segment of a reassembled PDU” in the Info column of the Wireshark
iplay. Earlier versions of Wireshark used the “Continuation” phrase to indicate that the entire
ontent of an HTTP message was broken across multiple TCP segments. We stress here that
Part 1c Items To Submit
Include the Wireshark capture file xxP1c.pcapng in the submission zip file.In the PDF file report, Create a section called Part 1c: Retrieving Long Documents. Include answers for Part 1c questions below.
(1) How many HTTP GET request messages did your browser send? Which packet numbern the trace contains the GET message for the Bill or Rights?
(2) Which packet number in the trace contains the status code and phrase associated withthe response to the HTTP GET request?
(3) What is the status code and phrase in the response?
Page 7 of 19Page 8 of 19
(4) How many data-containing TCP segments were needed to carry the single HTTP re
sponse and the text of the Bill of Rights?
Page 9 of 19
Part 1d: HTML Documents with Embedded Objects
Now that we’ve seen how Wireshark displays the 代寫CPSC 471-05 HTTP protocol captured packet traffic for large HTML files,we can look at what happens when your browser downloads a file with embedded objects, i.e.,a file that includes other objects (in the example below, image files) thatare stored on another
server(s).Perform the following:
Start up your web browser, and make sure your browser’s cache is cleared
Begin Wireshark capture
Enter the following URL into your browser
http://gaia.cs.umass.edu/wireshark-labs/HTTP-wireshark-file4.htmlYour browser should display a short HTML file with two images. These two images arereferenced in the base HTML file. That is, the images themselves are not contained inthe HTML; instead, the URLs for the images are contained in the downloaded HTML file.Asdiscussed in the textbook, your browser will have to retrieve these logos from the in
dicated web sites. Our publisher’s logo is retrieved from the gaia.cs.umass.edu web
site. The image of the cover for our 5th edition (one of our favorite covers) is stored at
the caite.cs.umass.edu server. (These are two different web servers inside
cs.umass.edu).
Stop Wireshark capture and enter “http” in the display-filter-specification window, so
hat only captured HTTP messages will be displayed. Save the capture in file
xxP1d.pcapng
Part 1d Items To Submit
Include the Wireshark capture file xxP1d.pcapng in the submission zip file.In the PDF file report, Create a section called Part 1d: HTML Documents with Embedded Objects. Include answers for Part 1d questions below.
(1) How many HTTP GET request messages did your browser send? To which Internet addresses were these GET requests sent?
(2) Can you tell whether your browser downloaded the two images serially, or whetherthey were downloaded from the two web sites in parallel? Explain.
Part 1e: HTTP Authentication Finally, let’s try visiting a web site that is password-protected and examine the sequence ofHTTP message exchanged for such a site. The URLhttp://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html is pass
word protected. The username is “wireshark-students” (without the quotes), and the passwordis “network” (again, without the quotes). So, let’s access this “secure” password-protected site.
Do the following:
Make sure your browser’s cache is cleared, and close your browser. Then, start up yourbrowser Begin Wireshark capture Enter the following URL into your browserhttp://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html
Type the requested username and password into the pop up box.
Stop Wireshark capture and enter “http” in the display-filter-specification window, sothat only captured HTTP messages will be displayed later in the packet-listing window.Save the capture in file xxP1e.pcapng Now let’s examine the Wireshark output. You might want to first read up on HTTP authentica
tion by reviewing the easy-to-read material on “HTTP Access Authentication Framework” at
http://frontier.userland.com/stories/storyReader$2159
Part 1e Items To Submit
Include the Wireshark capture file xxP1e.pcapng in the submission zip file.
In the PDF file report, Create a section called Part 1e: HTTP Authentication. Include answers for
Part 1e questions below.
(1) What is the server’s response (status code and phrase) in response to the initial HTTP
GET message from your browser?
(2) When your browser’s sends the HTTP GET message for the second time, what new field
is included in the HTTP GET message?The username (wireshark-students) and password (network) that you entered are encoded inthe string of characters (d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=) following the “Author
ization: Basic” header in the client’s HTTP GET message. While it may appear that yourusername and password are encrypted, they are simply encoded in a formatknown as Base64
format. The username and password are not encrypted! To see this, go tohttp://www.motobit.com/util/base64-decoder-encoder.asp and enter the base64-encoded
Page 10 of 19Page 11 of 19string d2lyZXNoYXJrLXN0dWRlbnRz and decode. Voila! You have translated from Base64 en
coding to ASCII encoding, and thus should see your username! To view the password, enter theremainder of the string Om5ldHdvcms= and press decode. Sinceanyone can download a toolke Wireshark and sniff packets (not just their own) passing by their network adaptor, and anyone can translate from Base64 to ASCII (you just did it!), it should be clear to you that simpleasswords on WWW sites are not secure unless additional measures are taken.
Page 12 of 19
Part 2: Socket Programming
Part 2a: UDP Pinger with No Delay and No Loss
In this portion, you will learn the basics of socket programming for UDP in Python. You will learnhow to send and receive datagram packets using UDP sockets and, how to set a proper sockettimeout. Throughout the lab, you will gain familiarity with aPingapplication and its usefulnessin computing statistics such as packet loss rate.You will first study a simple Internet ping server written in the Python and implement a corresponding client. Thefunctionality provided by these programs is like the functionality providedby standard ping programs available in modern operating systems. However, these programsuse a simpler protocol, UDP, rather than the standard Internet Control Message Protocol (ICMP)to communicate with each other. The ping protocol allows a client machine to send a packet ofdata to a remote machine, and have the remote machine return the data back to the client unchanged (an action referred to as echoing). Among other uses, the ping protocol allows hosts todetermine round-trip times to other machines.You are given the complete code for the Ping server in the next subsection. Your task is to writethe UDP Ping client.
Server Code
You are provided with the following code which fully implements a ping server. You need to runthis code before running your client program. Your client code in thisportion of the assignmentwill be graded using this exact same server code (do not modify it for this portion of the assign
ment).
You should study this code carefully, as it will help you write your ping client code.
# udppingserver_no_loss.pyfrom socket import *
# Create a UDP socket
serverSocket = socket(AF_INET, SOCK_DGRAM)
# Assign IP address and port number to socket
serverSocket.bind(('', 12000))
while True:
# Receive the client packet along with the address it is coming from
message, address = serverSocket.recvfrom(1024)
# The server responds
serverSocket.sendto(message, address)
The server sits in an infinite loop listening for incoming UDP packets. When a packet comes in,
the server simply sends it back to the client.Page 13 of 19
Client Code
You task is to implement the client program as explained below.The client should send a specified number of pings to the server. Because UDP is an unreliableprotocol, a packet sent from the client to the server may be lost in the network, or vice versa.For this reason, the client cannot wait indefinitely for a reply to a ping message. You should getthe client wait up to one second for a reply; if no reply is received within one second, your clientprogram should assume that the packet was lost during transmission across the network. You
will need to look up the Python documentation to find out how to set the timeout value on adatagram socket.
Requirements for Client Code
The client program should:
send the ping message using UDP
print the response message from server if any was received
calculate and print the round-trip time (RTT), in milliseconds, of each packet if the server
responses
otherwise, print “Request timed out”
provide a sumAlice report at the end (of all pings) which includes:
o minimum RTT in milliseconds,
o maximum RTT in milliseconds,
o average RTT in milliseconds,
o percentage packet loss rateYou should run the udppingserver_no_loss.py on your machine and test your client by sending
packets to the localhost.
Ping Message Format
The client ping message is a one line, consisting of ASCII characters and must be in the follow
ing format:firstname ping_number date_and_timewhere:
firstname is your first name.ping_number starts at 1 and progresses to total number of pings for each successive ping message sent by the client, and time is the time when the client sends the message.
For example: The following is a sample display from the client program for student Alice.Alice 1: server reply: Alice 1 Fri Sep 13 09:00:15 2024, RTT = 3.99 msAlice 2: server reply: Alice 2 Fri Sep 13 09:00:15 2024, RTT = 0.00 msPage 14 of 19Notes: the blue text represents the response from the server upon receiving the ping message
(which is the message the server received from the client). The other texts are from the clienitself.
Refer to the Appendix section on the last page for samples and required data format.
Part 2a Items To Submit Include Part 2a Python client code file xxP2a.py in the submission zip file.
In the PDF file report, create a section called Part 2a – UDP Pinger with No Delay and No Loss.Include the followings:
(1) Describe the operation of your UDP Pinger, for example how it works.
(2) Explain how to specify the timeout value for a datagram socket. Provide an example.
(3) Explain how to run your code, i.e., command line and any applicable parameter(s)
- Include run-time screen captures for a sequence consists of 10 pings
Refer to the Appendix section on the last page for samples and required data for
mat.(4) Paste the Python client code listing text (must be text, not a screenshot graphic of thetext) in the report. Use consolas font size 10 or equivalent monospace font. The use ofthe monospace font is to clearly show indentations in your code.age 15 of 19
Part 2b: UDP Pinger with Delays
Delays Our experiment so far has been on a local host running both server and client programs, and
therefore we saw zero delays. In this portion of the assignment, you are asked to modify theserver code to simulate random RTT delays ranging from 10ms to 20ms. Hint: Create a variable which holds a randomized integer to determine the delay amount.
Part 2b Items To Submit
Include Part 2b Python server code file xxP2b.py in the submission zip file.In the PDF file report, create a section called Part 2b – UDP Pinger No Loss, with Delays. Includethe followings:(1) Describe the operation of your UDP Ping Server and explain how it simulates 10ms to
20ms RTT delays.
(2) Explain how to run your code, i.e., command line and any applicable parameter(s)
Include run-time screen captures for a sequence consists of 10 pingsRefer to the Appendix section on the last page for samples and required data
format.
(3) Paste the Python server code listing text (must be text, not a screenshot graphic of thetext) in the report. Use consolas font size 10 or equivalent monospace font. The use ofthe monospace font is to clearly show indentations in your code.Page 16 of 19
Part 2c: UDP Pinger with Delays and Packet Losses
Packet Loss Injection
UDP provides applications an unreliable transport service. Messages may get lost in the networkdue to router queue overflows, faulty hardware, or some other reasons. Because packet loss is
rare or even non-existent in typical campus or home networks, you are asked to modify theserver code in this portion of the assignment to inject artificial losses to simulate the effects ofnetwork packet loss.Hint: Create a variable which holds a randomized integer to determine whether a particular incoming packet is lost or not.
Part 2c Items To Submit Include Part 2c Python server code file xxP2c.py in the submission zip file.In the PDF file report, Create a section called Part 2c – UDP Pinger with Delays and Packet Loss
- es. Include the followings:
(1) Describe the operation of your UDP Ping Server and explain how it simulates delays between 10ms and 20ms, with up to 10% packet losses.
(2) Explain how to run your code, i.e., command line and any applicable parameter(s)Include run-time screen captures for a sequence consists of 50 pingsRefer to the Appendix section on the last page for samples and required data
format.(3) Paste the Python server code listing text (must be text, not a screenshot graphic of the
text) in the report. Use consolas font size 10 or equivalent monospace font. The use ofthe monospace font is to clearly show indentations in your code.Page 17 of 19
Appendix
All examples in this section use an arbitrary student named Alice.