relopunderground.blogg.se

The three Wireshark windows for analyzing packets are

In this chapter we are going to have a close look at some captured network packets and apply our knowledge from the previous parts of this series to them. You will see that a lot of bits and bytes in packets will make much more sense.

To analyze TCP/IP packets, we are going to set up a small test environment. For this, we will use two machines, one as a (web) server, the other one as a client. You could also use only one system; however, then the source and destination IP address would be the same, making the analysis less intuitive. The webserver is serving a simple HTML website, which will be requested by a browser from the client. We will listen in on this communication with the help of Wireshark, a widely used network protocol analyzer. It doesn't matter on which of those two systems you use Wireshark, as the communication between them is the same. For our convenience, we will hide non-relevant packets with a display filter in Wireshark:

ip.addr == 10.10.10.1 && tcp.port == 80

Capturing packets

After accessing the webserver with our client's browser, we observe all packets going from or to our server on port 80 with the help of Wireshark.

These are all the packets going back and forth between our client (10.10.10.2) requesting a webpage from our webserver (10.10.10.1). In the first three packets, we can see the previously described TCP three-way handshake (, , ) for the connection establishment. In packet number 4, we can see a GET request from the client to the server, being acknowledged by the server in packet 5. Packet 6 transmits the webpage data to the client, who acknowledges the receipt in packet 7.

Starting with packet 8, we can see a typical connection termination. After the webpage is transmitted from the server to the client, the server sends a to signal the termination of the connection from its side. The client sends a to acknowledge the of the server and send a on its own. In packet 10 the server acknowledges the of the client.

We are going to look at packet number 1 in more detail.
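The ten-packet exchange described above, rebuilt as an added example (not code from the original post): it builds and parses raw TCP headers to show how sequence and acknowledgment numbers advance through connection establishment, the GET request, the response and the termination. The flag combinations, client port 49152, initial sequence numbers 1000 and 5000, window size and payloads are constructed assumptions, since the capture itself is not reproduced on this page.

```python
import struct

# TCP flag bits (header byte 13)
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
NAMES = {FIN: "FIN", SYN: "SYN", RST: "RST", PSH: "PSH", ACK: "ACK"}

def build_tcp(sport, dport, seq, ack, flags, payload=b""):
    """Minimal 20-byte TCP header (no options, checksum 0) plus payload."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       5 << 4, flags, 64240, 0, 0) + payload

def parse_tcp(segment):
    """Decode the header fields Wireshark lists in its packet details."""
    sport, dport, seq, ack, off, bits = struct.unpack("!HHIIBB", segment[:14])
    payload = segment[(off >> 4) * 4:]  # data offset is counted in 32-bit words
    # SYN and FIN each consume one sequence number, like one byte of data
    consumed = len(payload) + bool(bits & SYN) + bool(bits & FIN)
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": [n for b, n in NAMES.items() if bits & b],
            "payload": payload, "next_seq": (seq + consumed) % 2**32}

def build_trace():
    """Constructed 10-segment exchange: client (c) port 49152, server (s) port 80."""
    get = b"GET / HTTP/1.1\r\nHost: 10.10.10.1\r\n\r\n"
    page = b"<html>hi</html>"
    steps = [("c", SYN, b""), ("s", SYN | ACK, b""), ("c", ACK, b""),
             ("c", PSH | ACK, get), ("s", ACK, b""), ("s", PSH | ACK, page),
             ("c", ACK, b""), ("s", FIN | ACK, b""), ("c", FIN | ACK, b""),
             ("s", ACK, b"")]
    nxt, port, trace = {"c": 1000, "s": 5000}, {"c": 49152, "s": 80}, []
    for side, flags, data in steps:
        peer = "s" if side == "c" else "c"
        ack = nxt[peer] if flags & ACK else 0  # ACK number = next byte expected from peer
        raw = build_tcp(port[side], port[peer], nxt[side], ack, flags, data)
        nxt[side] = parse_tcp(raw)["next_seq"]
        trace.append(raw)
    return trace

if __name__ == "__main__":
    for n, raw in enumerate(build_trace(), 1):
        s = parse_tcp(raw)
        print(n, s["sport"], "->", s["dport"], s["flags"], s["seq"], s["ack"])
```

Wireshark shows relative sequence numbers by default, so a real capture of the same exchange starts both directions at 0 rather than at the raw initial values used here.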













