a) Compare the destination port in the TCP packet in frame 3 with the destination port in the TCP packet in frame 12. What difference do you see? What does this tell you about the difference in the two requests?
The destination port in the TCP packet in frame 3 is HTTP (80) and in frame 12 is HTTPS (443). The request in frame 3 is a normal request but the request in frame 12 is a secure request.
The following table compares the two requests for web pages. For example, row i) shows that frames 1-2 and frames 8-9 represent the DNS lookups for each of the web requests.
Row www.yahoo.com
frames my.usf.com
frames Brief Explanation of Activity
i) 1-2 8-9 DNS Request to find IP address for common name & DNS Response
ii) 3-5 10-12 Three-way handshake
iii) -- 13-20
iv) 6 21 “Get” request for web page
v) 7 22 First packet from web server with web page content.
b) Explain what is happening in row “iii” above. Why are there no frames listed for yahoo in row “iii"?
Row “iii” in above table shows secure operations.
There are no frames listed for yahoo because it is not using SSL or secure page.
c) Look at the “Info” column on frame 6. It says: “GET / HTTP / 1.1. What is the corresponding Info field for the my.usf.com web request (frame 21)? Why doesn’t it read the same as in frame 6?
The corresponding Info field for the my.usf.com web request is “Application Data”.
It doesn’t read the same as in frame 6 because it is encrypted due to security reasons.
No comments:
Post a Comment