Wireshark. Answer only deliverables below
Seeing the PDUs in Your Messages
We talked about how messages are transferred using layers and the different Protocol Data Units (PDUs) used at each layer. The objective of this Activity is for you to see the dif-
ferent PDUs in the messages that you send. To do this, we'll use Wireshark, which is one of the world's foremost network protocol analyzers, and is the de facto standard that most professional and education institutions use today. It is used for network troubleshooting, network analysis, software and communications protocol development, and general education about how networks work. computer, as well as some or all of the messages sent by other computers on your LAN, depending on how your LAN is designed. Most modern LANs are designed to prevent you from eavesdropping on other computer's messages, but some older ones still permit this. Normally, your computer will ignore the messages that are not addressed for your computer, but Wireshark enables you to eavesdrop and read messages sent to and from other computers.
Wireshark is free. Before you start this activity, download and install it from www.wireshark.org.
1. Start Wireshark.
2. Click on Capture and then Interfaces. Click the Start button next to the active interface (the one that is receiving and sending packets). Your network data will be captured from this moment on.
3. Open your browser and go to a Web page that you have not visited recently (a good one is www.iana.org).
4. Once theWeb page has loaded, go back toWireshark and stop the packet capture by clicking on Capture and then Stop (the hot key for this is Ctrl + E).
5. You will see results similar to those in Figure 1-9. There are three windows below the tool bar:
a. The top window is the Packet List. Each line represents a single message or packet that was captured by Wireshark. Different types of packets will have different colors. For example, HTTP packets are colored green. Depending on how busy your network is, you may see a small number of packets in this window or a very large number of packets.
b. The middle window is the Packet Detail. This will show the details for any packet you click on in the top window.
c. The bottom window shows the actual contents of the packet in hexadecimal format, so it is usually hard to read. This window is typically used by network programmers to debug errors.
6. Let's take a look at the packets that were used to request the Web page and send it to your computer. The application layer protocol used on the Web is HTTP, so we'll want to find the HTTP packets. In the Filter toolbar, type http and hit enter.
7. This will highlight all the packets that contain HTTP packets and will display the first one in Packet Detail window. Look at the Packet Detail window in Figure 1-9 to see the PDUs in the message we've highlighted. You'll see that it contains an Ethernet II Frame, an IP packet, a TCP segment, and an HTTP packet. You can see inside any or all of these PDUs by clicking on the +box in front of them. In Figure 1-9, you'll see that we've clicked the +box in front of the HTTP packet to show you what's inside it.
Deliverables
1. List the PDU at layers 2, 3, and 4 that were used to transmit your HTTP GET packet.
a. Locate your HTTP Get packet in the Packet List and click on it.
b. Look in the Packet Detail window to get the PDU information.
2. How many different HTTP GET packets were sent by your browser? Not all the HTTP packets are GET packets, so you'll have to look through them to
3. List at least five other protocols that Wireshark displayed in the Packet List window. You will need to clear the filter by clicking on the "Clear" icon that is on the right of the Filter toolbar.