使用ethereal分析ARP协议_第1页
使用ethereal分析ARP协议_第2页
使用ethereal分析ARP协议_第3页
使用ethereal分析ARP协议_第4页
使用ethereal分析ARP协议_第5页
已阅读5页,还剩4页未读 继续免费阅读

下载本文档

版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领

文档简介

1、实验题忖:实验二使用ethereal分析arp协议班级姓名得分1实验任务2 实验内容使用ethereal或者wireshark分析arp协议。3实验环境因特网连接的计算机网络系统;主机操作系统为windows7; wireshark5 实验结果分析(1)获取木机信息:后缀 :nwsuaf :2001:250:1002:2464:4447:?f30:e3?d:adlc:2001:250:1002:2464:3192:58bb:3a09:ff41:fe80:4447:7f30:e37d:adlcz14:172.176481:255.255.255.0:fe80:21a:a9ff:fel5:ba6a

2、zl4172.17.64.1:媒体已断开媒体嘩隧道适酉己器 isatap.<6c4b8d5f-3a38-48a9-b141-909388e4ab9d>:无线局域网适配器无线网络连接:以太网适配器本地连接:c s.:misersntx>ipconfigip配置pv蘇羽天i链土掩网 接u6駅u4网认 连ip临本ip子默11蠶的乐薛媒体已断开(2)使用arp命令打开“命令提示符”界面,键入“arpa”指令查看本机arp表中的内 容,结果下图所示。琶珪员:c:windowssystem32cmd.exec:usersmtx>arp 一a接: 172.17.64.81 -0xei

3、nternet 地址物理地址172.17.64.100 - laa91.5 - ba6a172.17.64.73dc-0eal-6c-b2-75172.17.64.8648-5b39-64-a3-9c172.17.64.128f0-defl-e0-3e-9c172.17.64.255ff-ff224.0.0.1301-005e-00-00-0d224.0.0.10001-005e-00-00-64224.0.0.25101-005e0000fb224.0.0.25201-005e-00-00-fc224.0.0.25301-005e0000fd239.192.152.14301-005e409

4、88f239.255.255.25001-00c:usersmtx>型态态态态态态态态态态态态类动动助动(3)杏看并清空木地arp高速缓存,arp -d删除所有表项;r:usefs5tx>arp dc: usersmtx>up d c: usersjritx>arp -a 未找到arp项。c: usersjritx>半:(4)执行ping 172.17.64.86,并捕获分组8(叵叵叵叵4* s二乙丿二 s二fsi i6息 统4,逵= 网=长 pin送郎取 巾备 甘已计ms 86估 0 4.包的= 6 015隹短 17.饗取 2.返 17往,1工厶一二厶三厶三二二

5、 正来棗来失丢ms04,=(5)捕获后的wireshark面板: 发送arp包:jlmo z0u.4丄yuuqudnidlu_uo;ui ;4udruducdlakeov wnu ridb 丄icii x/z.i/.m.iio1534 283.261305 universaj.a:eo:o8broadcastarp60 who has 172.17.64.1? tell 172.17.64.791544 286.580043 asustekc.21:eo:93broadcastarp42 who has 172.17.64.86? tell 172.17.64.81154 5 2 86.580

6、341 asustekc64:a3:9casustekcjl:eo:93arp60 172.17.64.86 is at 48:5b:39:64:a3:9c1548 286731698co«palln4:0c:49broadcast 匸一 e a arp rm60 who has 172.17.64.1? tell 172.17.64.43frame 1544: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) on interface 0曰 destination: broadcast (ff:ff:ff:ff:ff

7、:ff)address: broadcast (ff:ff:ff:ff:ff:ff)1lg bit: locally administered address (this 1s not the factory default) 1-ig bit: group address (multicast/broadcast) source: asustekc.21:eo:93 (bc:ae:c5:21:eo:93)address: asustekc.21:eo:93 (be:ae:c5:21:eo:93)oooo jit00100020 25c5 240 50=lg bit: globally uni

8、que address (factory default)8 00 06 04 00 01 be )00 00 00 00 00 acframe 154 5: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0interface id: 0uttap-encap: 1shift for this packet: 0.000000000 secondstime: 1353841724.718086000 secondsdelta from previous captured frame: 0.00029

9、8000 seconds delta from previous displayed frame: 0.000298000 secondsarrival time: nov 25, 2012 19:08:44.718086000 hlb 訂* 訂 timeepochtimetime0000be ae c5 21001008 00 06 040020be ae c5 210030do 00 00 00acoo5b11004046451009c9cooo061100004000015600frame 1545: 60 bytes on wire (480 bits), 60 bytes captu

10、red (480 bits) on interface 0interface id: 0wtap.encap: 1arrival time: nov 25, 2012 19:08:44.718086000 hirtrtrtlhie 訂time epoch time time time frameshift for this packet: 0.000000000 secondstime: 1353841724.718086000 secondsdelta from previous captured frame: 0.000298000 seconds delta from previous

11、displayed frame: 0.000298000 seconds since reference or first frame: 286.580341000 seconds number: 1545frame length: 60 bytes (480 bits) capture length: 60 byres (480 bits) frame is marked: falseframe is ignored: false protocols in frame: eth:arp coloring rule name: arp coloring rule string: arpxsus

12、tekc_64:a3:9c (48:5b:39:64:a3:9c), dst: asustekc_21: e0:93 (bc:ae:c5:21:eo:93)-destination: asustekc_21:eo:93 (bc:ae:c5:21:eo:93)address: asustekc_21:eo:93 (be:ae:c5:21:eo:93)0-lg bit: globally unique address (factory default) 0-ig bit: individual address (unicast) source: asustekc.64:a3:9c (48:5b:3

13、9:64:a3:9c)address: asustekc.64:a3:9c (48:sb:39:64:a3:9c) 0lg bit: globally unique address (factory default) 0xg bit: individual address (unicast)type: arp (0x0806)padding: 000000000000000000000000000000000000ge) address resolution protocol (reply)0000 0010 00200030 address resolution protocol (repl

14、y)hardware type: protocol type: hardware size:ethernet (1)ip (0x0800)6protocol size:opcode: reply (2)sender mac address: asustekc_64:a3:9c (48:5b:39:64:a3:9c)sender ip address: 172.17.64.86 (172.17.64.86)target mac address: asustekc_21:eo:93 (be:ae:c5:21:eo:93)target ip address: 172.17.64.81 (172.17

15、.64.81)000000100020003000 00 00 00 00 00 00 00be ae c5 21 eo 93 48 5b39 64 a3 9c 08 06>00 0108 00 06 04 00 02 48 5b be ae c5 21 eo 93 ac 1139 64 a3 9c ac 1140emms00 000000 00172.17.64.86收到包,给出应答:a 丄 j2 vx jvz j vtb vc 亠 acb cv w 5 vcbwv.cu9u1544 286 580043 asust电tcc_21:eo:9j broadcastarp1545 286.

16、 580341 asustekc.64:a3:9c asustekc.21 :eo:93 arp1548 2867h1698co<npalxrkjl4:0c:49 broadcastarp1562 291.451636 asusrekc.64:a3:9c asustekc_21 :eo:93 arp1563 291.4 51723 asustekc_21 :e0:93 asustekc_64 : a3: 9c arpt7th 9d:rhl942 who has 172.17.64.86? tell 172.17.64.8160 172.17.64.86 is at 48:5b:39:64

17、:a3:9c60 who has 172.17.64.1? tell 172.17.64.4360 "o has 172.17.64.817 tell 172.17.64.8642 172.17.64.81 isatbc:ae:c5:21:e0:93frame 1562: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) on interface 0interface id: 0wtap_encap: 1arrival time: nov 25, 2012 19:08:49. 589381000 hlthhlhim|t

18、ime shift epoch time: time delta time delta time sincefor this packet: 0.000000000 seconds1353841729.589381000 secondsfrom previous captured frame:178023000 secondsfrom previous displayed frame: 4.719938000 seconds reference or first frame: 291.451636000 secondsframe number: 1562frame length: 60 byt

19、es (480 bits) capture length: 60 bytes (480 bits) frame is marked: falseframe is "ignored: false0000001000200030oooo e o e o 14 10 2 0 2 0 5 6 5 0 coco e o e o ao ao c 8 c o b ob o93 48 5b01 48 5b93 ac 1100 00 0099 0 03 3646451009c9cooo08ac00061100004000015600h 9d q± destination: asustekc_

20、21:eo:93 (bc:ae:c5:21:e0:93)0 source: asustekc_64:a3:9c (48:5b:39:64:a3:9c) type: arp (0x0806)padding: 000000000000000000000000000000000000 .±i address resolution protocol (request)0000001000200030c ae c5 21 eo 93 48 5es08b 皿0006006408caec521eo93ac114051moi00)0000000000000000000000010040画hs add

21、ress resolution protocol (request)hardware type: ethernet (1)protocol type: ip (0x0800)hardware size: 6protocol size: 4opcode: request (1)sender mac address: asustekc_64:a3:9c (48:5b:39:64:as:9c)sender ip address: 172.17.64.86 (172.17.64.86)be ae c5 21 eo 93 485b 3964 a? 9c 08 0608 00 06 04 00 01 48

22、 be ae c5 21 eo 93 ac :5b 39li 4064 a3 9c ac 11 40 565100 00 00 00 00 00 00 00 00 00 00 000000001000200030从图中看以看到两个arp包的碘件类型均为以太网;协议类型为ip;硬件地 址长度为6;协议长度为4;操作类型笫一个是request,笫二个是reply; 笫一个包的源主机mac和ip是主机pc1的地址,山于是request包,所以 目的地址只有主机pc2的ip地址,而mac地址默认为0。第二个包reply 包,由于pc2会将自己的mac地址對入其屮返回给pc1,所以我们看到reply 包的源ip与mac地址是pc2的地址,目的ip与mac地址是pc1的地址。由上可知:当清除arp表项后,p

人人文库> 全部分类> 生活休闲 > 科普知识

温馨提示

  • 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
  • 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
  • 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
  • 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
  • 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
  • 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
  • 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

最新文档

评论

0/150

提交评论