LAB DA 3
Name: Trinav Rattan
1. Gather the IP addresses of 5 unique websites; the websites should not be in the top 100 websites.
c. When was the HTML-file, that you have retrieved, last modified at the server?
d. How many bytes of content (size of file) is returned to your browser? Which header line is
used to indicate this information?
e. Inspect the contents of the first HTTP GET request from your browser to the server. Is
there an “IF-MODIFIED-SINCE” header line in the HTTP GET message?
If-modified-since: No
2nd website: (http://go.com/)
IP Address: 172.16.176.70
If-modified-since: No
3rd website: (http://delhijalboard.nic.in/home/delhi-jal-board-djb)
IP Address: 172.16.176.70
If-modified-since: No
4th website: (http://www.jkpsc.nic.in/)
IP Address: 164.100.239.146
If-modified-since: No
5th website: (http://www.wbpolice.gov.in/)
IP Address: 172.17.61.167
If-modified-since: No
2. What is the IP address of the host?
Instead of numeric IP addresses, the Domain Name System (DNS) protocol allows Internet users
and network devices to find websites by using human-readable hostnames.
DNS queries are either normal (primary) or reverse, and DNS uses TCP for zone transfers and UDP
for name queries.
6. Which well-known port is used when contacting the DNS server?
For all of its UDP actions and as its TCP server port, a DNS server uses the well-known port 53. TCP
requests are sent to a random port above 1023.
8. What is the filter command for listing all outgoing HTTP traffic?
The command above initially filters out all HTTP packets before checking their source address, which
is referred to as the host IP in this case. This enables us to monitor incoming HTTP traffic.
9. Why does DNS use Follow UDP Stream while HTTP uses Follow TCP Stream?
• UDP is far faster than TCP. TCP is slow because it necessitates a three-way handshake. The
load on DNS servers is also a significant consideration. DNS servers do not need to maintain
connections because they use UDP.
• DNS requests are often short and fit nicely into UDP segments.
• Although UDP is unreliable, application layer reliability can be introduced. By employing a
timeout and resend at the application layer, an application can use UDP and be dependable.
DNS uses UDP because it is substantially quicker than TCP and because the payload size of the DNS
protocol is small enough to fit in UDP segments.
HTTP uses a TCP stream because HTTP payloads are substantially larger than DNS payloads, and to
assure the security of the data delivered.
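The timeout-and-resend idea from the answer above, as an added example that is not part of the original lab report: a client sends a real DNS-format query over UDP to a constructed loopback responder that drops the first datagram, then resends after a timeout. The function names (`build_query`, `lossy_responder`, `query_with_retry`, `demo`) and the responder itself are hypothetical stand-ins, not a real DNS server.

```python
import socket, struct, threading

def build_query(name, txid):
    """Encode a DNS A-record question in RFC 1035 wire format."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def lossy_responder(sock, drop_first):
    """Constructed stand-in for a DNS server: silently drops the first
    `drop_first` queries, then echoes the next one back with QR=1 (response)."""
    for _ in range(drop_first + 1):
        data, peer = sock.recvfrom(512)
    sock.sendto(data[:2] + struct.pack("!H", 0x8180) + data[4:], peer)

def query_with_retry(server, name, timeout=0.3, retries=3):
    """Application-layer reliability over UDP: wait `timeout`, then resend."""
    query = build_query(name, txid=0x1A2B)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        for attempt in range(1, retries + 1):
            s.sendto(query, server)
            try:
                reply, _ = s.recvfrom(512)
            except socket.timeout:
                continue  # no answer in time: resend the same query
            # Accept only a response (QR bit set) carrying our transaction ID.
            if reply[:2] == query[:2] and reply[2] & 0x80:
                return attempt, reply
    raise TimeoutError(f"no reply after {retries} attempts")

def demo(drop_first=1):
    """Run client and lossy server on loopback; return (attempts, reply size)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))  # OS picks a free port; no real DNS server involved
    t = threading.Thread(target=lossy_responder, args=(srv, drop_first), daemon=True)
    t.start()
    try:
        attempts, reply = query_with_retry(srv.getsockname(), "example.com")
    finally:
        t.join(timeout=1)
        srv.close()
    return attempts, len(reply)

if __name__ == "__main__":
    print(demo())  # one simulated loss, so the second send is answered
```

The query for `example.com` is 29 bytes, far below the 512-byte limit of a classic DNS UDP message, and the client accepts a reply only when its transaction ID matches the query.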
Step 2: Next, try to log in to an insecure website. The packet capture should be on.
Step 5: Click on the packet -> find the username and the password.
Step 6: Alternate approach: right-click on the packet -> select Follow -> HTTP Stream -> view the login
information.