Interactive Session (1): HTTP/HTTPS, DNS/DNSSEC

Welcome to Interactive Session (1). You will have two sections in this session: HTTP/HTTPS and DNS/DNSSEC. You will begin working on the questions presented to you on your own time. The Interactive Session is estimated to take 30-40 minutes of your time. If you need more time, you can keep working on it on your pace until the due date to finish, or redo this Interactive Session as many times as you wish. Your highest score among all attempts will be considered for you.

In this Interactive Session, you will start using Wireshark, collect traces from HTTP, HTTPS, DNS, and DNSSEC (DS, RRSIG, DNSKEY) traffic, and analyze the output. You will also use commands like nslookup and dig and discuss additional available tools and software for experimentation and network security analysis, and you will analyze your findings using classical network architecture, and compositional network architecture.

You are encouraged to play more with the Wireshark using the knowledge you have gained through this Interactive Session, and with the trace files provided. Also, please do not hesitate to collect your own live traces and compare the results of your analysis to the provided packet captures.

Acknowledgement

This Interactive Session is prepared based on Wireshark Labs and Wireshark Trace Files from http://www-net.cs.umass.edu/wireshark-labs/ and network security labs from SEED Labs 2.0: https://seedsecuritylabs.org/Labs_20.04/Networking/

The main concepts for the analytical questions follows our discussions from The Real Internet Architecture.