Wireshark Labs

  • View
    169

  • Download
    2

Embed Size (px)

Transcript

TI LIU TH NGHIM MN HC

K THUT TRUYN S LIU(Phin bn cp nht ngy 3/12/2009. Ti liu phc v mn hc. Lu hnh ni b)

Bin son: PGS-TS Trn Xun Nam B mn Thng tin, Khoa V tuyn in t Hc vin K thut Qun s

H NI 2007

MC LCGII THIU ............................................................................................................................ 1 1.1 Mc ch................................................................................................................ 1 1.2 Ci t Wireshark.................................................................................................. 3 1.3 Khi ng Wireshark ............................................................................................ 3 1.4 Chy th Wireshark .............................................................................................. 5 1.5 Ni dung th nghim cn bo co.......................................................................... 8 GIAO THC TCP .................................................................................................................. 9 2.1 Mc ch................................................................................................................ 9 2.2 Phng php.......................................................................................................... 9 2.3 Chun b bi th nghim ........................................................................................ 9 2.4 2.5 Ni dung th nghim............................................................................................ 11 Ni dung kt qu th nghim cn np ................................................................. 22

GIAO THC IP .................................................................................................................... 24 Ti liu tham kho ............................................................................................................... 34 The Transmission Control Protocol.................................................................................. 35 Abstract ............................................................................................................................ 35 A1.1. Introduction ............................................................................................................ 35 A1.2. Connection Establishment and Termination .......................................................... 40 A1.2.1 Three-Way Handshake ..................................................................................... 41 A1.2.2 Data Transfer.................................................................................................... 42 A1.2.3 Connection Termination................................................................................... 42 A1.3. Sliding Window and Flow Control ........................................................................ 43 A1.4. Congestion Control................................................................................................. 44 A1.4.1 Slow Start ......................................................................................................... 44 A1.4.2 Congestion Avoidance ..................................................................................... 45 A1.4.3 Fast Retransmit................................................................................................. 46 A1.4.4 Fast Recovery ................................................................................................... 46 A1.5. Conclusions ............................................................................................................ 46 Abbreviations ............................................................................................................... 47 References .................................................................................................................... 48 IP Fragment............................................................................................................................ 49 A2.1 Introduction ................................................................................................................. 49 A2.2 IP Fragmentation and Reassembly .............................................................................. 49 A2.3 Issues with IP Fragmentation .................................................................................. 51

Bi 1: Gii thiu

Trang 1

Bi 1

GII THIU

1.1

Mc ch

Mc ch ca tp bi th nghim phn tch giao thc mng ny l gip cho hc vin nm vng qu trnh trao i d liu din ra gia cc giao thc thuc cc lp mng tng ng ca b giao thc TCP/IP s dng trong Internet. Cc bi th nghim phn tch giao thc mng s gip cho sinh vin trc tip thc hin thit lp cu hnh, thu kt d liu v phn tch kt qu, quan st chui cc bn tin trao i gia hai thc th (entities) giao thc, o su vo chi tit ca hot ng giao thc, v iu khin cc giao thc thc hin mt s hot ng nht nh ri quan st cc hot ng v hiu qu ca chng. Cc ni dung ny c th c thc hin theo hai phng php: m phng hoc phn tch mi trng mng thc. Trong phm vi bi th nghim ny chng ta s s dng phng php th hai nh s dng gi phn mm phn tch giao thc mng Wireshark. y l gi phn mm m m c s dng ph bin nhiu trng i hc v cc vin nghin cu trn th gii.1

Hc vin s chy mt s ng dng mng trong cc tnh hung khc nhau s dng my tnh trng hoc nh. Quan st cc giao thc mng s dng my tnh ca mnh hc vin c th trc tip tng tc v trao i bn tin vi cc thc th giao thc trn Internet. V vy, hc vin v my tnh s ng vai tr l mt phn tch hp ca cc bi th nghim thc ny. Thng qua bi th nghim hc vin s nm bt c kin thc nh qu trnh hc i i vi hnh. Cng c c bn quan st cc bn tin trao i gia cc thc th giao thc ang chp hnh c gi l packet sniffer. Mt chng trnh packet sniffer bt bn tin ang c pht/thu t/bi my tnh ca hc vin; n cng cho php lu gi v/hoc hin th ni dung ca cc trng giao thc ca cc bn tin bt c. Bn thn packet sniffer l mt chngNi dung cc bi th nghim trong ti liu ny c bin son li t ti liu do J.F.Kurose and Keith W. Ross bin son. xem ton b cc bi th nghim chi tit bng ting Anh, xin truy nhp a ch sau y: http://gaia.cs.umass.edu/ethereal-labs/(C)2007 Trn Xun Nam, Khoa V tuyn in t, Hc vin K thut Qun s1

Bi 1: Gii thiu

Trang 2

trnh th ng vi ngha l n ch quan st cc bn tin ang c pht v thu bi cc ng dng v giao thc ang chy trn my tnh ch khng t pht i cc gi tin. Mt cch tng t, cc bn tin cng khng bao gi c nh a ch n packet sniffer mt cch r rng (trc tip). Thay bng, mt packet sniffer nhn mt bn sao ca cc packet c pht/thu t/bi ng dng hay cc giao chc chy ang trn my tnh. Hnh 1.1 ch ra cu trc ca mt packet sniffer. bn phi ca Hnh 1.1 l cc giao thc (trong trng hp ny l cc giao thc Internet) v cc ng dng (v d nh trnh duyt web hay mt ftp client) thng chy trn my tnh. Packet sniffer c m t bn trong hnh ch nht t nt l mt phn chng trnh c ci t vo my tnh, v gm hai phn. Phn th vin bt gi tin (packet capture library) thu cc bn sao ca cc frame ca lp lin kt (link layer) c pht i hoc thu t my tnh. Theo l thuyt bi ging th cc bn tin trao i bi cc giao thc lp pha trn nh HTTP, FTP, TCP, UDP, DNS, hay IP u c ng gi vo cc frame ca lp lin kt c pht i qua mi trng vt l nh cp trong mng Ethernet chng hn. s Hnh 1.1, mi trng gi thit l Ethernet, v v vy, cc giao thc lp trn c ng gi vo trong mt Ethernet frame. Vic bt tt c cc frame ca lp lin kt cho php thu c tt c cc bn tin pht/thu t/bi tt c cc giao thc v ng dng ang chy trn my tnh.

Hnh 1.1: Cu trc packet sniffer Thnh phn th hai ca mt packet sniffer l b phn tch gi tin (packet analyzer), cho php hin th ni dung ca tt c cc trng trong mt bn tin giao thc. lm c iu ny, packet analyzer cn phi hiu cu trc ca tt c cc bn tin trao i gia cc giao thc. V d, gi s chng ta quan tm n vic hin th cc trng trong cc bn tin trao i bi giao(C)2007 Trn Xun Nam, Khoa V tuyn in t, Hc vin K thut Qun s

Bi 1: Gii thiu

Trang 3

thc HTTP nh Hnh 1.1. Packet analyzer hiu cu trc ca nh dng Ethernet frame, v v vy c th xc nh c IP datagram bn trong Ethernet frame. Packet analyzer cng hiu nh dng ca IP datagram, v c th tch c TCP segment bn trong IP datagram. Tng t, packet analyzer cng bi t cu trc ca TCP segment v, v vy, cho php tch c bn tin HTTP cha trong TCP segment. Cui cng, packet analyzer hiu giao thc HTTP v, v vy, bit c, byte u tin trong mt bn tin HTTP c cha cc lnh iu khin nh cc t GET, POST, hoc HEAD. Trong phm vi cc bi th nghim ny, chng ta s s dng Wireshark packet sniffer hin th ni dung ca cc bn tin ang pht/thu t/bi cc giao thc cc lp khc nhau ca chng giao thc TCP/IP. Chng trnh ny hot ng trn cc my tnh c s dng Ethernet hay ADSL kt ni ti Internet, cng nh cc giao thc im-ni-im nh PPP (Point-to-Point Protocol). Wireshark l tn gi ca chng trnh Ethereal trc , bt ngun t giao thc lp lin kt d liu Ethernet nh hc trong bi ging. 1.2 Ci t Wireshark

chy Wireshark, my tnh cn phi c ci t c hai phn mm packet sniffer Wireshark v th vin bt gi tin libpcap. Nu phn mm libpcap cha c ci t vo trong h iu hnh ca my, cn phi ci t libpcap. bit a ch download, xem thm ti a ch http://www.wireshark.org/download.html. Download v ci gi phn mm Wireshark: truy nhp n a ch

http://www.wireshark.org, truy nhp vo mc Download, chn mt server gn download Wireshark. Phin bn hin ti ca Wireshark l Wireshark 0.99.7. Download v ci t libpcap2: vi Windows, phn mm libpcap thng c bit n vi tn gi WinPCap. download WinPCap truy nhp vo a ch http://www.winpcap.org/, truy nhp n menu Get WinPCap, v download t mc Installer for Windows. Phin bn hin ti ca WinPCap l WinPCap 4.0.2. 1.3 Khi ng Wireshark

Sau khi khi ng Wireshark, giao din ha ngi dng ca Wireshark s c hin th nh Hnh 1.2. Ban u khng c d liu c hin th cc ca s. Giao din Wireshark c nm thnh phn chnh:2

Cc phin bn mi ca Wireshark c th bao gm WinPCap nn cn kim tra li trc khi ci t

(C)2007 Trn Xun Nam, Khoa V tuyn in t, Hc vin K thut Qun s

Bi 1: Gii thiu

Trang 4

Menu cu lnh (command menus) l cc menu ko xung t pha trn u ca ca s. Hai menu ng quan tm nht l men