---
date: '2025-01-31'
description: and first assignment.
id: a1
modified: 2026-06-05 15:08:40 GMT-04:00
tags:
  - sfwr4c03
title: tools and wireshark
created: '2025-01-31'
published: '2025-01-31'
pageLayout: default
slug: thoughts/university/twenty-four-twenty-five/sfwr-4c03/a1
permalink: https://aarnphm.xyz/thoughts/university/twenty-four-twenty-five/sfwr-4c03/a1.md
generator:
  quartz: v4.6.0
  hostedProvider: Cloudflare
  baseUrl: aarnphm.xyz
full: https://aarnphm.xyz/llms-full.txt
---
## HTTP GET/response

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/GET-1.webp|Initial GET response from server]]

> \[!question\] is your browser running HTTP version 1.0 or 1.1? What version of HTTP is the server running?

They both uses HTTP/1.1 as the server’s response show `HTTP/1.1 200 OK`

> \[!question\] What languages (if any) does the browser indicate that it can accept to the server?

It accepts locale `en-GB`

> \[!question\] What is the IP address of your computer? of the `www.cas.mcmaster.ca` server?

| Device   | IP Address      |
| -------- | --------------- |
| Computer | `192.168.2.23`  |
| Server   | `130.113.68.10` |

> \[!question\] What is the status code returned from the server to your browser?

200

> \[!question\] When was the HTML file that you are retrieving last modified at the server?

From the header, `Last-Modified` show `Sun, 10 Jan 2021 18:05:48 GMT`

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/frame-18951.webp|Frame 18951]]

> \[!question\] How many bytes of content are being returned to your browser?

For `text/html` it returns 446 bytes, whereas for `text/plain` it was 1253 bytes

> \[!question\] By inspecting the raw data in the packet content window, do you see any headers within the data that are not displayed in the packet-listing window? If so, name one.

The packet-listing windows doesn’t show the full headers comparing to the detailed raw data. One example is `Accept-Encoding: gzip, deflate\r\n`, which indicates the type of content encoding/compression that the browser can handle.

## HTTP CONDITIONAL GET/response interaction

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/not-modified.webp|not modified requests]]

> \[!question\] How many HTTP GET requests were sent?

There are two GET requests sent, according to two refreshes.

> \[!question\] How many HTTP response messages were received?

There are two responses received.

> \[!question\] If multiple response messages were received, what are the difference between them?

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/s2s-compare.webp|Side-by-side comparison]]

Seems like the difference relies on `Keep-Alive` header, as well as the date it was being accessed (given that they are executed consecutively.)

## Long documents

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/long-dcs.webp|Long documents]]

> \[!question\] How many HTTP GET request messages did you browser send? Which packet number in the trace contains the GET message for the Bill of Rights?

1 GET req, with packet number 2459.

> \[!question\] Which packet number in the trace contains the status code and phrase associated with the response to the HTTP GET request?

Packet number 2466, with the phrase “HTTP/1.1 200 OK”

> \[!question\] What is the status code and phrase in the response?

Status code 200 and phrase “HTTP/1.1 OK”

> \[!question\] How many data-containing TCP segments were needed to carry the single HTTP response and the text of the Bill of Rights?

7 TCP segments, from 2460-2467 (with 2461, 2463, 2464 as TCP PDU)

## HTML documents with Embedded Objects

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/embedded-object.webp|GET with Embedded objects]]

> \[!question\] How many HTTP GET request messages did your browser send? To which Internet addresses were these GET requests sent?

3 GET request, to `130.113.68.10`, `23.10.168.63`, and `128.119.245.12`

> \[!question\] Can you tell whether your browser downloaded the two images serially, or whether they were downloaded from the two web sites in parallel? Explain.

The packets 182 and 186 are sent almost simultaneously, meaning parallel downloading (as their are essentially no waiting period between requests) (also known as _pipelining_ in web browser.)

## HTML Authentication

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/auth-req.webp]]

> \[!question\] What is the server’s response (status code and phrase) in response to the initial HTTP GET message from your browser?

Returns 401 with “HTTP/1.1 401 Authorization Required”, indicating there are authentication involved.

> \[!question\] When your browser’s sends the HTTP GET message for the second time, what new field is included in the HTTP GET message?

While the second GET request gives the same field, until the last GET request (8863) it then included the headers `Authorization` as password

![[thoughts/university/twenty-four-twenty-five/sfwr-4c03/authorization-password.webp]]