Nhm 29 Mng My tnh 1

I HC BCH KHOA H NI



BI TP LN
MNG MY TNH

Ging vin hng dn : TS. Ng Hng Sn
Nhm 29 : L Xun Thng Nht, 20072151, CNPM-K52
Trnh Th Lan Phng, 20062468, HTTT-K52
Nguyn Trng Duy, 20070514,TTM-K52
Nguyn Th Mai, 20071892 ,CNPM-K52






Nhm 29 Mng My tnh 2

Ni dung :

1. Gii thiu Wireshark..3
2. Wireshark Lab : DHCP...5
3. Wireshark Lab : DNS...8
4. Wireshark Lab : Ethernet & ARP.14
5. Wireshark Lab : HTTP....22
6. Wireshark Lab : ICMP....27
7. Wireshark Lab : IP............32
8. Wireshark Lab : TCP........37
9. Wireshark Lab : UDP.......45




Ch : Phn cng cng vic
1. L Xun Thng Nht : Ethernet & ARP, HTTP
2. Trnh Th Lan Phng : TCP, UDP
3. Nguyn Th Mai : DHCP, DNS
4. Nguyn Trng Duy : ICMP, IP


Nhm 29 Mng My tnh 3

1. Gii thiu Wireshark
S hiu bit v cc giao thc thng c th c o su hn bng cch seeing protocols
in action v playing around with protocols quan st chui cc message trao i gia 2
thc th protocols, i su hn cc chi tit v hnh ng ca protocl v khin cho protocol
thc thi cc hnh ng c th no ri xem xt h qu gy ra. N c th c thc hin
trong nhng kch bn c m phng hoc mi trng mng thc nh internet.
Trong Wireshark lab chng ti theo cc tip cn sau. Bn s quan st giao thc mng trong
my tnh ca bn in action, tng tc v trao i message vi cc giao thc khc trn
internet. V th bn v my tnh ca bn s l 1 phn ca live lab . Bn s quan st, bn
s hc, bng cch lm.
1 cng c c bn quan st cc message c truyn gia cc thc th giao thc c gi
l packet sniffer. Nh tn gi gi , 1 packet sniffer bt (capture hay sniffs) message ang
c gi/nhn t/ti my tnh ca bn; n s cha v/hoc hin th ni dung ca cc
trng giao thc trong cc message b bt. 1 packet sniffer t n l b ng. N quan st
cc message ang c gi v nhn bi cc ng dng v cc giao thc ang chy trn my
tnh ca bn, nhng khng bao gi t gi nhng packet chnh n. Tng t, packet c
nhn khng bao gi c a ch ha r rng ti packet sniffer. Thay vo , 1 packet
sniffer nhn 1 bn copy ca cc packet ang c gi hoc nhn t/ti ng dng v
protocol ang chy trn my tnh ca bn.
Hnh 1di y ch ra cu trc ca 1 packet sniffer . Bn phi l cc giao thc(trong
trng hp ny, cc giao thc Internet) v cc ng dng (nh web browser hay ftp clietn)
l nhng th thng chy trn my bn. packet sniffer l phn thm cho phn mm ca
bn, thng c 2 phn. the packet capture library nhn 1 bn copy ca mi khung lp lin
kt c gi hay nhn t my bn. Nhng message c truyn bi giao thc tng cao hn
nh HTTP,FTP,TCP,UDP,DNS hoc IP, tt c c ng gi thc s trong cc link-layer
frame, th c truyn thng qua thit b vt l nh cap ethernet. Trong hnh 1, thit b vt
l coi l cp ethernet, v v th tt c giao thc tng cao hn thc s c ng gi trong
frame Ethernet. Bt tt c cc link-layer frame a cho ta tt c cc message c gi, nhn
t/ ti tt c cc giao thc, ng dng ang thc thi trn my ca bn.
Nhm 29 Mng My tnh 4


Thnh phn th 2 ca packet sniffer l packet analyzer, th hin th tt c cc trng trong
1 thng ip giao thc. lm c vy, packet analyzer phi understand cu trc tt c
cc message c gi bi protocol. V d nh, cho rng chng ta quan tm ti hin th
nhiu trng trong cc message c gi bi giao thc HTTP trong hnh 1. Packet analyzer
hiu nh dng ca Ethernet frame v v th c th nh danh gi d liu IP (datagram) bn
trong Ethernet frame. N cng hiu nh dng ca gi d liu IP, v th n c th trch xut
ra TCP segment bn trong gi d liu IP. Tng t n hiu cu trc ca TCP segment v c
th trch rt ra thng ip HTTP cha trong . Cui cng n hiu giao thc HTTP v v th,
v d, hiu file u tin s cha cc chui GET,POST hay HEAD
Chng ta s s dng Wireshark packet sniffer [http://www.wireshark.org/]cho cc lab ny,
cho php chng th hin ni dung cc message ng c gi, nhn t/ti cc giao thc
cc mc khc nhau ca stack giao thc