CS100 Assignment, due Friday 10/15/04

Hand in this assignment on paper. For questions whose answers you find on the Internet, via manual pages, or elsewhere, cite your sources clearly.

You may work with a partner, but please hand in separate write-ups.

I. Sniffing packets

In CMC 304, there is a four-computer network by the window. From left to right, the machine names and IP addresses are ritchie (192.168.1.1), stearns (192.168.1.2), cook (192.168.1.3), and feigenbaum (192.168.1.4). These machines are connected to one another, but not to any larger network. Please do not hook them to the rest of the world.

For these exercises, you are going to run network programs on this network and watch the interactions between clients and servers using a "packet-sniffing" program called Ethereal. Ethereal is only one of many such programs, but it is pretty simple to use.

To keep the roles of the participants clear, I'm going to assume that you are running servers on feigenbaum, clients on stearns, and Ethereal on cook. Because we have configured feigenbaum to launch Apache when booting up, you should use feigenbaum as the server. But you can use any two of the other three as client and sniffer, respectively.

On all four machines, you can log into Linux using the user name "root" and the password "baseB477". On Windows, you can log in as "carluser" with "carluser" as the password.

Do the following. Hand in answers to the questions interspersed among the instructions.

1. Make sure feigenbaum and stearns are running Linux, and cook is running Windows. Reboot if necessary.

2. Launch Ethereal on cook.

3. In Ethereal, click on the page+gear icon in the upper left (or select Start from the Capture menu). A dialog window will open. Leave the default settings alone, but type "tcp port 80" in the "Capture Filter" text box. (If you click on "Capture Filter" and then "Help", you'll get detailed instructions on other things you can do with the Capture Filter text.) This will cause Ethereal to pay attention only to port 80 communication--that is, only packets that involve a conversation between an HTTP client (like Mozilla) and an HTTP server (like Apache).

4. If you didn't do it yet, click on "OK" to tell Ethereal to start watching port 80 communication go by. This will open a little window with a bunch of progress bars and a "Stop" button at the bottom. As Ethereal detects packets, it will update the progress bars.

5. Launch Mozilla on stearns. Then direct Mozilla to "http://192.168.1.4/index.html". This tells Mozilla to make an HTTP request for "/index.html" on feigenbaum. Since Apache is running on feigenbaum, there will be a process waiting to respond to this request.

6. Mozilla should now display a web page with the text of "The Raven", along with a couple of images. Ethereal should show that some number of TCP packets have been captured. If this number is still zero, then Mozilla is showing you a cached copy of the web page. Hit Reload on Mozilla to force Mozilla to talk to Apache on feigenbaum.

7. Click on Stop in the Ethereal window. You will now see a bunch of data displayed in the three panes of the main Ethereal window. Feel free to explore this data.

8. How many GET requests did Mozilla make? What were they for? (In particular, what files were requested. In terms of the stuff you see on the Raven web page, why were those particular GET requests required?)

9. Examine the first GET request in more detail.

   • What file is this GET requesting?
   • What HTTP headers did Mozilla send along with its request?
   • What do those headers mean?
   • What HTTP headers did Apache send back to Mozilla along with the data?
   • What did those headers mean?
   • Into how many packets was the Raven page split? How can you tell?

10. Close Mozilla. Right-click on the Linux desktop, and select "New Terminal" from the resulting menu. Now you have a terminal window.

11. In Ethereal, start capturing again, but this time, get rid of the "tcp port 80" filter--just leave the filter text blank.

12. Type the command "ping 192.168.1.4". What do you see in the terminal window? What do you see in the Ethereal status window?

13. Stop Ethereal's capture, and look at the data it captured.

    • What protocols do the packets use?
    • Describe as well as you can the packets being sent from stearns to feigenbaum.
    • Describe as well as you can the packets being sent from feigenbaum to stearns.

14. What does ping do? What is the purpose of having such a command?

II. RSA

I have encrypted a brief message for you, using the simple RSA mechanism we discussed in class, with n = 713 and e = 13. Your job is to decrypt the message.

Recall that once you decrypt the integers, you'll have a new list of integers. Those new integers will refer to the 2-letter table we have been using, where AA=1, AB=2, ... , AZ=26, BA=27, ... , ZY=675, ZZ=676.

461
229
689
396
678
255
544

Have fun.