ISS LAB 1

1.) list three different protocols that appear in the protocol column in the
unfiltered packing listing window
2.) how long did it take when the http get msg was sent until the http ok reply was
received
3.) what is the ip address of ur system through which the wireshark accepts the
network traffic
4.) print the two http msgs get and ok
5.) what version of http is your browser running
6.) what version of http is your server running
7.) what is the status code written from the server to your browser
8.) when was the html file that u r retrieving last modify by the server
9.) how many bytes of content are being returned to your browser
LAB-2
1.)how many http get msg sent by ur browser
2.) HOW MANY TCP SEGMENTS NEEDED TO CARRY THE SINGLE HTTP RESPONSE
3.)WHST IS THE SIZE OF EACH TCP SEGMENT
4.)WHAT IS THE STATUS CODE AND THE PHRASES ASSOCIATED WITH THE RESPONSE TO THE HTTP
GET RQST

PASSWORD SNIFFING
techpanda.org
zero.webappsecurity.com
gmail.com

BRUTE FORCE ATTACK DETECTION USING WIRESHARK

LAB EXAM
1.)Inspect the content of the first http get rqst from ur browser to ur server is
there an IF-MODIFIED-SINCE header in the line of http get msg. why or why not?
2.)Inspect the contents of the server response, has the server explicitly returned
the contents of the file how can u tell this?
3.)Inspect the contents of the secons http get rqst from ur browser to the server.
Is there an IF-MODIFIED-SINCE header line in the http GET msg. If so what
information follows the IF-MODIFIED-SINCE header line
4.)How can u tell whether ur browser has downloaded 2 images serially or whether
they have been downloaded from two websites in parallel
5.)Identify the tcp segments that are used to initiate the tcp connection between
the client computer and any website
a)How many segments are used
b)What is in the tcp header taht identifies each segment as a handshaking
segment
6.)Considering the tcp segment containing the http post, what are the sequence
numbers of the first six data carrying segment in the tcp connection(including the
segment cotaining the http post)
7.)When browser sends the http get msg for the second time, what new field is
included in the message
8.)whta is the sequence number of the tcp SYN segment that is used to initiate the
tcp connection. What is in the segment that identifies the segment as a SYN
segment?
9.) what is the sequence number of the SYN ACK segment sent by the website to
client computer in reply to the SYN?
10.)If u try password sniffing for any secure website like gmail or facebook no
http post rqst is captured, even the get rqst is also not always captured, Why?