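"Computer Networks" Lab Manual
Figure 3-2 Wireshark initial user interface
Figure 3-3 Wireshark user interface
At this point the Wireshark user interface consists of five main parts, as shown in Figure 3-3.
• Command menus: the command menus sit at the very top of the window and are standard pull-down menus. The two most commonly used are File and Capture. The File menu lets you save captured packet data, open a previously saved capture file, or exit Wireshark. The Capture menu lets you start capturing packets.
• Listing of captured packets: shows the captured packets one per line, including the packet number assigned by Wireshark, the capture time, the packet's source and destination addresses, the protocol type, and protocol-specific information contained in the packet. Clicking a column name sorts the packets by that column. The protocol type shown in this list is the highest-layer protocol that sent or received the packet.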
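• Details of selected packet header: shows detailed header information for the packet selected in the captured-packet list. This includes information about the Ethernet frame and about the IP datagram contained in the packet. Clicking the right-pointing or down-pointing arrow to the left of the Ethernet frame or IP datagram line expands or collapses the related information. In addition, if the packet is carried over TCP or UDP, Wireshark also shows the TCP or UDP header information. Finally, the header fields of the packet's highest-layer protocol are also shown in this pane.
• Packet content: shows the complete contents of the captured frame in both ASCII and hexadecimal form.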
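• Display filter specification: in this field you can enter a protocol name or other information, which is then used to filter the packets shown in the packet list.
(I) Using Wireshark
• Start the web browser on the host.
• Start Wireshark. You will see a window like the one in Figure 3-2, except that no packets are listed in it yet.
• Start packet capture: choose the "Capture Options" command from the "capture" pull-down menu. The "Wireshark: Capture Options" window shown in Figure 3-3 appears, where you can set the packet capture options.
• In this lab you can use the default values shown in the window. At the top of the "Wireshark: Capture Options" window (shown in Figure 3-4) there is an "Interface List" drop-down menu listing the network interfaces (that is, network cards) the computer has. When the computer has several active network cards, select the one interface that is used to send and receive packets (for example, a wired interface). Then click "Start" to begin capturing; every packet sent or received by the selected network card will be captured.
Figure 3-4 Wireshark Capture Option
• Once packet capture has started, the window shown in Figure 3-5 appears. It shows statistics for each type of captured packet. The window's toolbar has a "stop" button that stops the capture, but do not stop capturing at this point.
• While the capture is running, enter the URL of a web page in the browser's address bar, for example: http://www.hit.edu.cn. To display the page, the browser has to connect to the www.hit.edu.cn server and exchange HTTP messages with it in order to download the page. The Ethernet frames carrying these HTTP messages will be captured by Wireshark.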
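• When the complete page has finished downloading, click the stop button in the Wireshark menu bar to stop the capture. The Wireshark main window now shows all protocol messages exchanged between your computer and other network entities; some of them are the HTTP messages exchanged with the www.hit.edu.cn server. At this point the main window looks similar to Figure 3-3.
• Enter "http" in the display filter field and press Enter. The packet list will then show only HTTP protocol messages.
• Select the first http message in the packet list. It should be the HTTP GET message your computer sent to the www.hit.edu.cn server. Once you select it, the Ethernet frame, IP datagram, TCP segment, and HTTP message header information are all shown in the packet header pane. By clicking the right-pointing and down-pointing arrows in the packet header details pane you can minimize the amount of frame, Ethernet, IP, and TCP information shown and maximize the amount of HTTP-related information shown.
Figure 3-5 Wireshark packet capture interface
(II) HTTP analysis
1) HTTP GET/response interaction
• Start the web browser, then start the Wireshark packet sniffer. Enter "http" in the display filter field of the window, so that only captured HTTP messages are shown in the packet list pane.
• Start the Wireshark packet capture.
• In the open web browser window, enter the following address: http://hitgs.hit.edu.cn/news
• Stop the packet capture.
Based on the contents of the capture window, consider the following questions:
• Is your browser running HTTP1.0 or HTTP1.1? What version of the HTTP protocol is the server you accessed running? HTTP1.1, Version 4.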
• Which language versions of an object does your browser tell the server it can accept? Accept-Language: zh-CN,zh;q=0.8
• What is the IP address of your computer? What is the IP address of the server http://hitgs.hit.edu.cn/news? 192.168.199.189 219.217.226.18
• What status code did the server return to your browser? 200 OK
2) HTTP conditional GET/response interaction
• Start the browser and clear its cache (in the browser, choose the "Internet Options" command from the "Tools" menu, and in the dialog that appears choose "Delete Files").
• Start the Wireshark packet capture tool. Start the Wireshark packet capture.
• Enter the following URL in the browser's address bar: http://hitgs.hit.edu.cn/news, then enter the same URL again in your browser or click the browser's "Refresh" button.
• Stop the Wireshark packet capture and enter "http" in the display filter field, so that only captured HTTP messages are shown in the packet list pane.
Based on the contents of the capture window, consider the following questions:
• Examine the contents of the first HTTP GET request your browser sent to the server. Does the request message contain a line: IF-MODIFIED-SINCE? No.
• Examine the contents of the server's response message. Did the server explicitly return the contents of the file? How can you tell? 200 OK (text/html).
• Examine the later "HTTP GET" request your browser sent to the server. Does the request message contain a line: IF-MODIFIED-SINCE? If so, what information follows that header line? No.
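The conditional-GET questions above reduce to two checks per exchange: whether the request carries an If-Modified-Since header, and whether the response returns the content (200 with a body) or tells the browser to reuse its cache (304 Not Modified). The following Python code is an added example, not part of the lab manual. The messages and the host www.example.com are constructed samples, and header names are matched case-insensitively as HTTP requires.

```python
# Added example: all HTTP messages below are constructed samples, not taken
# from the lab's capture; the host name is a placeholder.

def parse_message(raw):
    """Split a raw HTTP/1.x message into (start_line, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # ignore malformed lines that have no colon
            # Header names are case-insensitive, so normalise to lower case.
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body

def classify_exchange(request, response):
    """Answer the conditional-GET questions for one request/response pair."""
    req_line, req_hdrs, _ = parse_message(request)
    resp_line, _, body = parse_message(response)
    method, _, req_version = req_line.split(" ", 2)
    resp_version, status = resp_line.split(" ", 2)[:2]
    return {
        "method": method,
        "request_version": req_version,
        "response_version": resp_version,
        "if_modified_since": req_hdrs.get("if-modified-since"),
        "status": int(status),
        # A 304 carries no body: the browser reuses its cached copy.
        "body_returned": int(status) != 304 and len(body) > 0,
    }

FIRST_GET = ("GET /index.html HTTP/1.1\r\n"
             "Host: www.example.com\r\n"
             "Accept-Language: zh-CN,zh;q=0.8\r\n\r\n")
FIRST_RESP = ("HTTP/1.1 200 OK\r\n"
              "Content-Type: text/html\r\n"
              "Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT\r\n\r\n"
              "<html>constructed body</html>")
SECOND_GET = ("GET /index.html HTTP/1.1\r\n"
              "Host: www.example.com\r\n"
              "IF-MODIFIED-SINCE: Mon, 01 Jan 2018 00:00:00 GMT\r\n\r\n")
SECOND_RESP = "HTTP/1.1 304 Not Modified\r\n\r\n"

if __name__ == "__main__":
    for req, resp in ((FIRST_GET, FIRST_RESP), (SECOND_GET, SECOND_RESP)):
        print(classify_exchange(req, resp))
```

To apply it to a real capture, paste the request and response text from Wireshark's packet details in place of the constructed strings.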