Institute of Telecommunications Faculty of Electronics and Information Technology Warsaw University of Technology, March 2015 EINTE LAB EXERCISES LAB EXERCISE #1 - HTTP PREPARATIONS REMOTE SESSION Before starting the exercise, please familiarize yourself with the documents related to remote access to lab facilities (Remote Access User Guide) and lab resource reservation system (Resource Reservation User Guide). Before connecting to the remote virtual machine please make sure that Remote Desktop is configured such that it is possible to transfer files from the virtual machine to a local drive (appropriate local resources are attached in the connection options of the remote desktop session). It is necessary to transfer files (eg. Wireshark application logs) required to be attached to the final report. HTML BASICS You should familiarize yourself with basic elements of HTML; during the lab exercise it may be necessary to modify the source code of the web page. An example resource: http://www.w3schools.com/html/default.asp . HTTP BASICS You should be familiar with the basics of HTTP. This lab exercise consists of sending and receiving messages using HTTP. Protocol description can be found at http://www.ietf.org/rfc/rfc2616.txt. This text should be treated as a basic source of knowledge useful in the laboratory, however, is not required to read the entire document. WIRESHARK SNIFFER WireShark is a free and powerful protocol analyzer available under the GNU license for most popular operating systems (Windows, Unix, Linux, OS X). It allows observing and recording data units transmitted over the network interfaces of a computer. Institute of Telecommunications Faculty of Electronics and Information Technology Warsaw University of Technology, March 2015 The link http://www.wireshark.org/docs provides extensive documentation to the program. The basic options that may come in handy during the exercise are mostly related to packet filtering, for example by IP addresses: == ip.src 194.29.169.x == ip.dst 194.29.169.x Expressions may be combined using Boolean operators. Filtering allows to simplify the view by removing the information that is not important for current context. However, please be aware that by filtering one may not see some important messages, such as queries for host address etc. DETERMINING THE NETW ORK CONFIGURATION First step is to determine the configuration of your Virtual Machine (the MAC address, IP address, subnet mask, etc.) using ipconfig. Run the command line console by selecting "Start -> Run ...", enter cmd.exe and press Enter key. In Windows console run the ipconfig app by typing ipconfig / all. The IP address of the Web server from which the web page will be downloaded is 10.0.0.129. UDP-TCP-CONSOLE APPLICATION Normally, Web pages are downloaded using web browsers, such as Internet Explorer, Chrome or Firefox. In this exercise, the UdpTcpConsole application will be used to simulate the browser. You are required to send appropriate HTTP requests, read replies and re-create the entire final web page. In order to send a request to the server, a client connection has to be created using UdpTcpConsole application. In the “New” option box, select “TCP” as the protocol and “Client” as the role. Put the IP address of the Web server in “Remote Host” field and port number 80 in “Remote Port” field. The “Local Port” field should be set to any free port number, eg. 10001. Finally, you need to create a communication port (socket) and the client connection by clicking “Open”. Next, you should run WireShark analyzer and start listening. Packet filtering may be appropriately set (based on IP addresses of the web server and the client) to ease observations. Institute of Telecommunications Faculty of Electronics and Information Technology Warsaw University of Technology, March 2015 On the server, there is a file called index.php, which should be requested. After selecting a port from the list of the opened ports, enter the content of the request message in the “Text” field. The field already contains an example GET request, which should be modified, based on the knowledge of HTTP protocol (in terms of adequate complementary headers). Please note: A. All requests sent to server must contain the following header: User-Agent: UdpTcpConsole B. It is advised to remove the header: Connection: Close, from the example GET request of the UdpTcpConsole application After sending a request and receiving a response containing HTML code, copy the code into a text file (use notepad ++ program that provides minimal syntax highlighting). Save the file with the .html extension and open in any web browser. As you can see, the page lacks certain elements. In order to supplement them, you should review the HTML code to find all the resources that are used / shown on the page (images, sounds, videos, CSS, etc.). Download all of them using separate GET requests. Some of the collected items will be available directly through the UdpTcpConsole receive window, while some other elements have to be saved via the WireShark program. To do this, locate the appropriate 200 OK response and preview to find a relevant object (PNG, WAV, etc.). By right-clicking the Export Selected Packet Bytes ... command, save the data to a file with an appropriate extension (.png, .jpg, .wav, etc.) When all the items are collected, store them in a folder together with the base html code of the web page. Then you need to appropriately modify the paths to stored objects within the .html file, open the file using a browser and see if the page is displayed correctly. Please make a screenshot of the page rendered by the browser this way and attach it to the final report. The report should also contain a folder with .html file and all downloaded items. REPORT Please prepare a document (in PDF format) containing the description of actions taken during the exercise, observations and conclusions on the types of messages sent and received during communication with the web server (explaining what types of messages, when and in what order were sent). The report should also contain the relevant Wireshark dumps (in .pcap format) collected during the exercise, as well files mentioned earlier in this document.
* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project