Ethereal Lab – Tobias Lotzke Question A: Which computer did your computer contact to get the IP address of the server that hosted CNN? 220.127.116.11 Question B: What is the role of computer with this IP address as seen from your computer’s network configuration? It is called the Domain Name Server (DNS) which translates web to IP addresses and tries to find the server that hosts CNN.com in case it does not know about the specific IP address. Question C: What transport protocol did your computer use to obtain the IP address in Question A above? Why do you think TCP was not used? UDP is used to obtain the address, because the only goal is to get a destination address without sending a lot of data overhead with the message. These easy tasks are ensured by using UDP instead of TCP (which is more likely used for huge data or http transmissions). Question D: Select any HTTP packet sent out by your machine. What are the Ethernet and IP destination addresses of the packet? Which machine do you think is referred to by the IP destination address? Which machine do you think is specified by the Ethernet destination address? Ethernet destination address: vlan227.aoc-msfc.net.usf.edu (18.104.22.168)- This is the virtual LAN machine that routes the packet to its destination address. IP destination address: 22.214.171.124 – This represents the server where CNN.com is hosted. Question E: To see encryption in action, capture data from 2 web sites. In each capture, right click any http packet and select follow TCP stream in the menu. Submit screen captures of both streams.