-1

I'm a student and I'm taking my first networking class. I'm working on an assignment designed to get me used to using Wireshark and understanding packet transfers. Part of the assignment is to collect some data about a certain GET request, but my Wireshark isn't showing anything related to GET or POST requests.

I've discussed this with my instructor and he can't figure it out, either. I've tried uninstalling/reinstalling Wireshark, but haven't gotten anything different.

Here's what I'm getting when I should be getting GET data:

TCP http > 16070 [SYN, ACK] Seq=0 Ack=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 WS=512

This is the first packet I get when connecting to the required server. From what I've gathered from the assignment instructions and the instructor, this should get a GET request. Anyone have any ideas?

user82130
  • 103
  • 1

1 Answers1

2

The first thing you should see is not your HTTP GET request but the TCP 3 way handshake (session establishment/creation), part of which is what you've shown in your question.

Client ->> SYN ->> Server

Client <<- SYN ACK <<- Server

Client ->> ACK ->> Server

This establishes the session between the client and the server. After the session is established you'll see the HTTP traffic between the client and the server.

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • Oh, well in that case the first HTTP traffic I get is this: 26028 1157.104919000 128.119.245.12 10.0.0.7 HTTP 434 HTTP/1.1 200 OK (text/html) – user82130 Apr 17 '13 at 05:16
  • @user82130 - that's the reply from the webserver. – EEAA Apr 17 '13 at 05:18
  • Okay. This is the only other thing that comes up (but keep in mind that the page loads normally): 26030 1157.859131000 128.119.245.12 10.0.0.7 HTTP 564 HTTP/1.1 404 Not Found (text/html) – user82130 Apr 17 '13 at 05:23