Don't forget to upvote if it helps you !
Final Review of Jiwang: https://blog.csdn.net/qq_41587612/article/details/104215848
Experiment 1: Connect the crystal head of the network cable
Computer Network Experiment 1 https://www.bilibili.com/video/BV1NA411t7KP/
Experiment 2 Basic application of network protocol analyzer
【Purpose】
1. Familiar with the installation process of the protocol analysis tool Wireshark;
2. Master the basic usage of Wireshark.
【Laboratory equipment】
1. Provide Wireshark software installation package;
2. 1 computer with internet connection per person
【Experiment content】
After downloading and installing Wireshark, start Wireshark and select the interface name in the interface list , then start capturing packets on this interface.
After clicking the interface name, you can see the packets received in real time. Wireshark captures every message sent and received by the system.
Each row of the upper panel corresponds to a network packet. By default, it displays the packet reception time (relative to the time when the capture started), the source and destination IP addresses, the protocol used, and the packet-related information. Click on a row to see more information in the two windows below. The "+" icon displays the detailed information of each layer in the packet. The bottom window lists the message content in both hexadecimal and ASCII codes.
【Experiment result】
Enter " dns " in the filter bar at the top of the window and click Apply (or press Enter) to see only DNS packets. As you type, Wireshark will help autocomplete the filter conditions. As shown in Figure 1.
【Experimental experience】
Through this experiment, I have mastered the most basic methods of filtering packets and the color identification of Wireshark, and have a basic understanding of Wireshark. Wireshark uses colors to make the packets of various traffic clear at a glance. For example, the default green is TCP packets, dark blue is DNS, light blue is UDP, and black identifies problematic TCP packets—such as out-of-order packets.
Experiment 3 Analysis of Ethernet Protocol
【Experiment topic】
Analysis of Ethernet Protocol
【Purpose】
1. Familiar with the installation process of the protocol analysis tool Wireshark;
2. Master the basic usage of Wireshark.
【lab environment】
Wireshark software installation package and 1 computer connected to the network.
【Experiment content and steps】
1 Use Wireshark to observe the working process of the ARP protocol and the ping command
1.1 When the arp table is empty, the destination address is this network segment
1) Use the "ipconfig" command to obtain the MAC address of the machine and the IP address of the default router;
ipconfig/all
2) Use the "arp" command to clear the local cache: arp-d
3) Run Wireshark and start to capture all packets belonging to ARP protocol or ICMP protocol, and the source or destination MAC address is the local machine (hint: you need to use the local machine's MAC address obtained in (1) when setting the filtering rules);
Filter rule: eth.src eq 00:15:C5:7B:30:A6 and(arp or icmp)
4) Execute the command: "ping the IP address of this network segment";
5) Analyze the execution process and the MAC address in the Ethernet frame;
1>arp request mac address analysis
Mac frame address analysis: broadcast frames. Destination address: ff:ff:ff:ff:ff:ff Source address: 08:81:f4:94:17:68
Frame type: Address Resolution Protocol (0806) The lowest bit of the first field of the address is 1, which means the group address.
2>arp response mac address analysis
Destination Address: 34:de:1a:48:37:cb Source Address: 08:81:f4:94:17:68 Frame Type: Address Resolution Protocol (0806)
The least significant bit of the first field of the address is 1, indicating the group address.
3> Perform process analysis:
Because arp -d is executed to clear the local cache, and the local machine cannot find the corresponding MAC address in the ARP table, it will cache the data packet, and then send an ARP request packet in broadcast mode. The sender IP address and sender MAC address in the ARP request message are the local IP address and MAC address, and the target IP address and target MAC address are the local IP address and the MAC address of all 0s. Since the ARP request message is sent in broadcast mode, all hosts on the network segment can receive the request, but only the requested host (ie, host B) will process the request.
2>arp response mac address analysis
Destination address: 34:de:1a:48:37:cb Source address: 08:81:f4:94:17:68
Frame type: Address Resolution Protocol (0806) The lowest bit of the first field of the address is 1, which means the group address.
3> Execution process: The machine first checks its own ARP table to make sure that it contains the ARP table entry corresponding to the host. After finding the corresponding MAC address, directly use the MAC address in the ARP table to frame the IP data packet and send the data packet to host B. When host B receives this request, it responds.
1.2 When the arp table is empty, the destination address is not in this network segment
1) Repeat the steps of 3.1.1 to test;
2) Analyze how arp parsing is different from 3.1.1;
3) Analyze the MAC address in the Ethernet frame;
1>arp request max frame analysis
2>arpy response mac frame analysis
3> Execution process: Host A will first send an ARP request to the gateway, and the target IP address in the ARP request message is the IP address of the gateway. After host A obtains the MAC address of the gateway from the received response message, it encapsulates the message and sends it to the gateway. If the gateway does not have the ARP entry of host B, the gateway will broadcast an ARP request, and the destination IP address is the IP address of host B. After the gateway obtains the MAC address of host B from the received response message, it can send the message To host B; if the gateway already has an ARP entry for host B, the gateway directly sends the packet to host B.
[Experimental results and network protocol analysis]
| Ethernet Protocol Analysis |
|
| The 48-bit ethernet address of the host is |
50-7B-9D-A0-2B-AC |
| The 48-bit dual Ethernet address of the destination host is |
ff:ff:ff:ff:ff:ff |
| ARP request message |
ARP reply packet |
||
| field |
Message information and parameters |
field |
Message information and parameters |
| hardware type |
Ethernet(0x0001) |
hardware type |
Ethernet(0x0002) |
| agreement type |
Ipv4 |
agreement type |
Ipv4 |
| hardware address length |
6 |
hardware address length |
6 |
| Protocol address length |
4 |
Protocol address length |
4 |
| operate |
request(0x0001) |
operate |
Reply(0x0002) |
| Physical address of the source station |
50:7b:9d:a0:2b:ac |
Physical address of the source station |
50:7b:9d:a0:2b:ac |
| Origin IP address |
10.58.116.20 |
Origin IP address |
10.58.116.20 |
| destination physical address |
00:00:00:00:00:00 |
destination physical address |
50:7b:9d:a0:2b:a4 |
| Destination IP address |
10.58.116.11 |
Destination IP address |
10.58.116.13 |
Experiment 4 Analysis of IP Protocol and ICMP Protocol
【Purpose】
1. Understand the working process of IP protocol and ICMP protocol;
2. Master the protocol analysis method of Wireshark;
3. Analyze the data of IP protocol and ICMP protocol.
【lab environment】
One computer with internet access per person is provided.
【Experiment content and steps】
1. Open the command line window and enter ipconfig to view the local ip
2. Enter arp -a to view the ip and ping the first one
4. Open Wireshark, select the local connection, click start, enter ip.src==10.58.115.33 and ip.dst==10.58.115.2, click apply
5. Double-click the first one to view the analysis of the protocol and fill in the following table
[Experimental results and network protocol analysis]
| Analysis of IP Protocol Packets |
|
|---|---|
| field |
message information |
| Version |
4 |
| head length |
20 bytes (5) |
| Service type |
Default(0) |
| total length |
60 |
| logo |
0x3778 (14200) |
| logo |
0x00 |
| slice offset |
0 |
| life cycle |
128 |
| 协议 |
ICMP |
| 校验和 |
0x08b2 |
| 源地址 |
10.58.115.33 |
| 目的地址 |
10.58.115.2 |
| ICMP协议分析 |
|
|---|---|
| 字段 |
报文信息 |
| 类型 |
8 |
| 代码 |
0 |
| 校验和 |
0x4d5a |
| 标识(BE) |
1(0x0001) |
| 标识(LE) |
256 (0x0100) |
| 序列号(BE) |
1(0x0001) |
| 序列号(LE) |
256 (0x0100) |
实验五 TCP协议和UDP协议的分析
【实验目的】
利用wireshark分析tcp的三次握手
【实验设备】
计算机一台
【实验内容】
1 、ping www.baidu.com 向百度发数据包,目的了解百度ip地址
2、打开浏览器,输入www.baidu.com
3、在wireshark中查找。
【实验结果及网络协议分析】
第一条 抓包数据:客户端向服务器发一个数据包syn位置1,52198>https,hi,我想访问你的web资源,能不能把https打开
第二条 抓包数据:服务器向客户端返回一个数据包syn位置1,ack位置1,https>52198,可以我已经把端口打开了,但为了保证待会可靠传输,你也把你的52198端口打开。
第三条 数据包:客户端再向服务器发送一个数据包ack位,1,52198>https,没问题我也把52198端口打开了,好的到此一次tcp连接就此建立。
Udp数据包分析
TCP协议的“三次握手”连接建立报文分析
| 握手阶段 |
源端口 |
目的端口 |
序号 |
确认序号 |
URG |
ACK |
PSH |
RST |
SYN |
FIN |
窗口 |
| 1 |
53021 |
443 |
0 |
无 |
Not set |
Not set |
Not set |
Not set |
Set |
Not set |
8192 |
| 2 |
443 |
53021 |
0 |
1 |
Not set |
Set |
Not set |
Not set |
Set |
Not set |
8192 |
| 3 |
53021 |
443 |
1 |
1 |
Not set |
Set |
Not set |
Not set |
Not set |
Not set |
66240 |
UDP报文分析
| UDP 报文 |
字段名 |
字段值 |
| 源端口 |
57284 |
|
| 目的端口 |
5355 |
|
| 长度 |
38 |
|
| 校验和 |
0x5f8a |
实验六 Win7下配置web服务器
【实验目的】
在Win7下配置web服务器
【实验设备】
电脑一台
【实验内容】
一、安装web组件
由于win7下默认没有安装web组件,故web的设置第一步就是安装web组件。
步骤:开始----控制面板----程序和功能----打开或关闭windows功能。
打开浏览器,网址输入“localhost”后回车,验证一下IIS是否正常运行。
二、添加web站点
步骤1:控制面板-----系统安全---管理工具----Internet信息服务(iis)
展开左侧连接窗口,可以看到有一个默认的网站正在运行。
中间窗口提供了设置iis的各种快捷图标,双击图标就可以进行相关设置。
右侧窗口主要是服务器管理
步骤2:右键点击“网站”
点击“测试设置”,会发现目录没有授权,没有权限。点击“连接为”----选择“特定”
这里的物理路径下的目录要“启动”
三、添加用户账号
由于win7下的web账号是windows用户账号,所以,先得添加用户账号,
步骤1:右键“计算机“---管理-----计算机管理,在计算机管理的界面的左侧点击:系统工具---本地用户和组-----用户
步骤2:在“用户”上右击,出现“新用户”
【实验结果】
实验七 FTP服务器的配置和管理
【实验目的】
1.了解FTP服务的工作过程;
2.掌握FTP服务器的配置和管理方法;
【实验设备】
连网计算机1台。
【实验内容】
1.安装ftp组件
由于win7下默认没有安装ftp组件,故ftp的设置第一步就是安装ftp组件。
步骤:开始----控制面板----程序和功能----打开或关闭windows功能。
2.添加ftp站点
步骤:1、右键“计算机”----管理-----服务和应用程序-----选中Internet信息服务iis管理器-
------单击选中“网站”,在其上右键“网站”-----点击添加ftp站点
2、添加ftp站点名称,以及设置ftp站点的物理路径,点击“下一步”,出现“绑定和ssl设置界面”
3、Ip设置为本节的ip地址,端口用ftp默认的21,ssl勾选 “无”。点击“下一步”出现“身份验证和授权信息”的界面
如果设置简单的ftp,则“身份验证”和“授权”勾选“匿名”,并给予相应权限
本实验要给ftp配置账号,以及账号权限,故“身份验证”选基本,“授权”选末选定
点击完成,完成ftp站点设置。
3.设置ftp账号以及权限
由于win7下的ftp账号是windows用户账号,所以,先得添加用户账号,
步骤:1、右键“计算机“---管理-----计算机管理,在计算机管理的界面的左侧点击:系统工具---本地用户和组-----用户
2、在“用户“上右击,出现“新用户”
接下来,在ftp站点中给新用户添加权限。
右键“计算机”----管理-----服务和应用程序-----选中Internet信息服务iis管理器
点中刚才新建的ftp站点,点中“ftp授权规则”
步骤:1、点击右侧的“编辑权限“,对ftp站点文件夹添加用户权限。在弹出窗口点击”安全“标签
2、点“编辑”,出现权限窗口
3、 点“添加”,在”输入对象名称来选择“中输入新建的用户名,点确定。
在回到“Internet信息服务(IIS)管理器”窗口,双击刚才选中的“FTP授权规则”,在FTP站点中对刚才新建用户授权。如下所示:
点击右侧的“添加允许规则”,在弹出的窗口中,勾选“指定的用户”,输入刚才新建的用户,在下方的“权限”中,勾选“读取”。如下所示:
至此,FTP的站点设置就完成了。
【实验结果】
实验八 DHCP服务器的设置
【实验目的】
1.了解DHCP服务器的设置;
2.掌握DHCP服务器的配置和管理方法;
【实验设备】
1.提供每人连网计算机1台。
【实验内容】
1.1 DHCP概述
DHCP是动态主机配置协议(Dynamic Host Configure Protocol)的缩写。一台DHCP服务器可以让管理员集中指派和指定全局的和子网特有的TCP/IP参数(含IP地址、网关、DNS服务器等)供整个网络使用。客户机不需要手动配置TCP/IP;并且,当客户机断开与服务器的连接后,旧的IP地址将被释放以便重用,根据这个特性,比如你只拥有20个合法的IP地址,而你管理的机器有50台,只要这50台机器同时使用服务器DHCP服务的不超过20台,则你就不会产生IP地址资源不足的情况。
如果已配置冲突检测设置,则 DHCP 服务器在将租约中的地址提供给客户机之前会试用Ping测试作用域中每个可用地址的连通性。这可确保提供给客户的每个IP地址都没有被使用手动TCP/IP配置的另一台非 DHCP 计算机使用。
1.2 DHCP的设置
1、打开DHCP管理器。选“开始菜单→程序→管理工具→DHCP”,默认的,里面已经有了你的服务器的FQDN( Fully Qualified Domain Name,完全合格域名),比如“wy.wangyi.santai.com.cn”。如下图:
2、如果列表中还没有任何服务器,则需添加DHCP服务器。选“DHCP→右键→添加服务器”,选“此服务器”,再按“浏览”选择(或直接输入)服务器名“wy”(即你的服务器的名字)。
3、打开作用域的设置窗口。先选中FQDN名字,再按“右键→新建作用域”。
4、设置作用域名。此地的“名称”项只是作提示用,可填任意内容。如下图:
5、设置可分配的IP地址范围:比如可分配“192.168.0.10~192.168.0.244”,则在“起始IP地址”项填写“192.168.0.10”,“结束IP地址”项填写“192.168.0.244;“子网掩码”项为“255.255.255.0”。如下图:
6、如果有必要,可在下面的选项中输入欲保留的IP地址或IP地址范围;否则直接单击“下一步”。如下图:
7、下面的“租约期限”可设定DHCP服务器所分配的IP地址的有效期,比如设一年(即365天)。如下图:
8、选“是,我想配置这些选项”以继续配置分配给工作站的默认的网关、默认的DNS服务地址、默认的WINS服务器,在所有有IP地址的栏目均输入并“添加”服务器的IP地址“192.168.0.48”后再根据提示选“是,我想激活作用域”再点击“完成”即可结束最后设置。建好后如下图所示:
