Computer Networks Lab Manual (School of Software, 2015)


Figure 3-2 Wireshark initial user interface

Figure 3-3 Wireshark user interface

At this point the Wireshark user interface consists of 5 main parts, as shown in Figure 3-3.

• Command menus: The command menus are at the very top of the window and are standard pull-down menus. The two most commonly used menus are File and Capture. The File menu lets you save captured packet data, open a previously saved capture file, or exit Wireshark. The Capture menu lets you start capturing packets.

• Listing of captured packets: Shows the captured packets one per line, including the packet number assigned by Wireshark, the capture time, the packet's source and destination addresses, the protocol type, and the protocol-specific information contained in the packet. Clicking a column name sorts the packets by that column. The protocol type shown in this list is the highest-layer protocol that sent or received the packet.

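• Details of selected packet header: Shows detailed header information for the packet selected in the packet list window. This includes information about the Ethernet frame and about the IP datagram contained in the packet. Click the right-pointing or down-pointing arrow to the left of the Ethernet frame or IP datagram line to expand or minimize the related information. In addition, if the packet is carried over TCP or UDP, Wireshark also shows the TCP or UDP header information. Finally, the header fields of the packet's highest-layer protocol are also shown in this window.

• Packet content: Shows the complete contents of the captured frame in both ASCII and hexadecimal formats.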

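• Display filter specification: In this field you can enter a protocol name or other information, and the packets in the packet list window are filtered accordingly.

(I) Using Wireshark

• Start the web browser on the host.

• Start Wireshark. You will see a window like the one in Figure 3-2, except that there is no packet list in it yet.

• Start packet capture: choose the "Capture Options" command from the "capture" pull-down menu. The "Wireshark: Capture Options" window appears, as shown in Figure 3-3, where you can set the packet capture options.

• For this lab you can use the default values shown in the window. At the top of the "Wireshark: Capture Options" window (shown in Figure 3-4) is an "Interface List" pull-down menu listing the computer's network interfaces (that is, its network cards). When the computer has more than one active network card, you need to select the one interface used to send or receive packets (for example, a wired interface). Then click "Start" to begin capturing; all packets sent and received by the selected network card will be captured.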

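Figure 3-4 Wireshark Capture Options

• Once capture starts, a window like the one in Figure 3-5 appears. It shows statistics for each type of packet captured so far. Its toolbar has a "stop" button that stops the capture, but it is best not to stop capturing at this point.

• While the capture is running, enter the URL of a web page in the browser's address bar, for example http://www.hit.edu.cn. To display the page, the browser has to connect to the www.hit.edu.cn server and exchange HTTP messages with it to download the page. The Ethernet frames carrying these HTTP messages will be captured by Wireshark.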


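• When the whole page has finished downloading, click the stop button in the Wireshark menu bar to stop the capture. The Wireshark main window now shows all protocol messages exchanged between your computer and other network entities; some of them are the HTTP messages exchanged with the www.hit.edu.cn server. The main window now looks similar to Figure 3-3.

• Enter "http" in the display filter field and press Enter. The packet list window will show only HTTP messages.

• Select the first http message in the packet list window. It should be the HTTP GET message sent by your computer to the www.hit.edu.cn server. Once you select it, the Ethernet frame, IP datagram, TCP segment and HTTP message header information are all shown in the packet header pane. By clicking the right-pointing and down-pointing arrows in the packet header details pane, you can minimize the amount of frame, Ethernet, IP and TCP information shown and maximize the amount of HTTP-related information shown.

Figure 3-5 Wireshark packet capture interface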

(II) HTTP analysis

1) HTTP GET/response interaction

• Start the Web browser, then start the Wireshark packet sniffer. Enter "http" in the display filter field of the window so that only the captured HTTP messages are shown in the packet list pane.

• Start Wireshark packet capture.

• Enter the following address in the open Web browser window: http://hitgs.hit.edu.cn/news

• Stop packet capture.

Based on the contents of the capture window, consider the following questions:

• Is your browser running HTTP1.0 or HTTP1.1? What version of the HTTP protocol is the server you accessed running? HTTP1.1, Version 4.


• Which language versions of objects does your browser tell the server it can accept? Accept-Language: zh-CN,zh;q=0.8

• What is the IP address of your computer? What is the IP address of the server http://hitgs.hit.edu.cn/news? 192.168.199.189 219.217.226.18

• What status code does the server return to your browser? 200 OK

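2) HTTP conditional GET/response interaction

• Start the browser and clear its cache (in the browser, choose the "Internet Options" command from the "Tools" menu and select "Delete Files" in the dialog that appears).

• Start the Wireshark packet sniffer. Start Wireshark packet capture.

• Enter the following URL in the browser's address bar: http://hitgs.hit.edu.cn/news, then enter the same URL again in your browser or click the browser's "Refresh" button.

• Stop Wireshark packet capture and enter "http" in the display filter field so that only the captured HTTP messages are shown in the packet list pane.

Based on the contents of the capture window, consider the following questions:

• Examine the contents of the first HTTP GET request your browser sent to the server. Does the request message contain an IF-MODIFIED-SINCE line? No.

• Examine the contents of the server's response message. Did the server explicitly return the contents of the file? How can you tell? 200 OK (text/html).

• Examine the later "HTTP GET" request your browser sent to the server. Does the request message contain an IF-MODIFIED-SINCE line? If so, what information follows that header line? No.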
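Added example, not part of the original lab manual: a Python sketch that reads the text of an HTTP request/response pair, as Wireshark displays it for unencrypted HTTP, and pulls out the fields the questions above ask about. The sample messages are constructed (the dates, the body and the 304 reply are assumptions, not the lab's capture) and the function names are this example's own; it goes beyond the captured case by also showing what a revalidating conditional GET looks like.

```python
# Constructed sample messages (not taken from the lab capture): the text of two
# request/response pairs as Wireshark shows them for plain, unencrypted HTTP.
FIRST_GET = (
    "GET /news HTTP/1.1\r\n"
    "Host: hitgs.hit.edu.cn\r\n"
    "Accept-Language: zh-CN,zh;q=0.8\r\n"
    "\r\n"
)
FIRST_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Last-Modified: Mon, 02 Mar 2015 08:00:00 GMT\r\n"
    "Content-Length: 13\r\n"
    "\r\n"
    "<html></html>"
)
SECOND_GET = (
    "GET /news HTTP/1.1\r\n"
    "Host: hitgs.hit.edu.cn\r\n"
    "If-Modified-Since: Mon, 02 Mar 2015 08:00:00 GMT\r\n"
    "\r\n"
)
SECOND_RESPONSE = "HTTP/1.1 304 Not Modified\r\n\r\n"


def parse_message(raw):
    """Split one HTTP/1.x message into start line, header dict and body."""
    head, _, body = raw.partition("\r\n\r\n")
    start_line, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")  # split at the first colon only
        headers[name.strip().lower()] = value.strip()  # names are case-insensitive
    return start_line, headers, body


def describe_exchange(request, response):
    """Answer the lab's questions for one request/response pair."""
    req_line, req_headers, _ = parse_message(request)
    status_line, _, body = parse_message(response)
    server_version, status_code, _reason = status_line.split(" ", 2)
    return {
        "client_version": req_line.rsplit(" ", 1)[1],
        "server_version": server_version,
        "accept_language": req_headers.get("accept-language"),
        "if_modified_since": req_headers.get("if-modified-since"),
        "status": int(status_code),
        "body_returned": len(body) > 0,  # a 304 reply carries no body
    }
```

Every field returned here is readable by anyone on the network path, because plain HTTP sends its headers and body unencrypted.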
