EE984 Laboratory Experiment 2: Protocol Analysis


Abstract

This experiment provides an introduction to protocols used in computer communications. The equipment used comprises four PCs connected via a single hub to an Ethernet. Together with software protocol analysers, these facilities will enable you to gain an insight into protocol operations, and allow you to examine the effect of changing parameters within these protocols. The protocols to be examined will be at the MAC, Network and Transport layers of the Open Systems Interconnection (OSI) model, in particular the TCP/IP protocols.

Table of Contents

1. Network Environment in the Networks Lab
2. Tasks and Objectives
3. Experimental Features
3.1. Experimental Set-up
3.2. tcpdump: network monitoring software
3.3. traffic: traffic generating software
3.4. listener: verifies the traffic generator operation
3.5. ftp: creates TCP/IP packets within the sub-net
3.6. Parsing program
4. A simple introduction to a packet and headers
5. Experimental Procedure
6. Method of Assessment
References

1. Network Environment in the Networks Lab

The MSc Network Laboratory is located in the ESE PC Laboratory on level 4 (room 4SB.5.1). A number of experimental networks may be found in the laboratory (esenet[1-5], esenet[6-10] and esenet[11-14], where only the first four machines should be used in the case of the first two networks). Each experimental computer network consists of four PCs running the Linux operating system, connected to a single hub. The network is physically connected to, but logically isolated from, the main campus network for security reasons by employing a firewall. The firewall will still permit the user to access home directories and perform ftp transactions, but prohibits campus-wide operations such as password changes.

Use the logon username and password given at the start of the laboratory session to access the workstations. On the machine you have normal access to familiar programs but in addition superuser privileges for monitoring traffic flowing on this local network using tcpdump. Access to all other workstations on the campus network is prohibited except to mount home directories and perform ftp operations.

2. Tasks and Objectives

It is essential to do some background reading on the technical aspects of the network. To understand the experiment you must understand how Ethernet (CSMA/CD bus network) and TCP/IP work, in particular the structure of the Ethernet frame, IP datagram and TCP segment. Please refer to the references if current course notes are insufficient.

Using the network monitoring software (tcpdump), capture the statistics associated with a data transfer from one machine to another. Then write a piece of code to parse (filter) the data returned by the network monitor and decode and identify the various aspects of the packet. The code may be implemented using Java, C, C++ or even a high level scripting language such as TCL or csh and awk.
Once the session is completed, analyse the TCP/IP fields of all the frames captured to gain a clear understanding of the protocol operations during the session. Record in your report some captured data and give a detailed explanation of the exchange of the TCP control segments. Your understanding of the conversation between the two workstations at a TCP level is crucial to the final outcome of your report.

The experimental set-up is provided with a piece of software which generates traffic within the sub network. The above procedure should be repeated both with and without the synthetically generated traffic to investigate the effects on the TCP packets.

Final reports should include discussion on the decoding of the frame, the encapsulation of the packet, and the effects of traffic levels on the packet. The discussion should be reinforced by use of examples.

3. Experimental Features

3.1. Experimental Set-up

Features of the experiment are as follows:

- 4 PCs running Linux: ESENET[1-5], ESENET[6-10], ESENET[11-14]
- a single hub to which each block of four machines is connected
- a firewall for security purposes
- superuser privileges for the tcpdump network monitoring software
- a UDP traffic generator program (called traffic)
- a listen program (listener) which verifies the traffic generator operation
- a program such as ftp to generate the TCP/IP packets to be monitored
- a program written by you to parse the output data from tcpdump

Figure 1: Experiment Overview

Figure 1 shows the experimental overview. Which machine runs which piece of software is an arbitrary decision. In the set-up shown, ESENET1 is running tcpdump, which is monitoring traffic from a campus machine to ESENET4. ESENET2 is running the traffic software that is sending UDP packets to ESENET3. ESENET3 is monitoring the UDP traffic it is receiving from ESENET

3.2. tcpdump: network monitoring software

tcpdump is a powerful network monitoring facility that allows you to capture the headers of packets on a network interface. In addition, tcpdump provides various options for protocol analysis.

    tcpdump [ -adeflnnopqstvx ] [ -c count ] [ -F file ] [ -i interface ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ expression ]

The man page for tcpdump should be consulted for a full description of the facility. Read the man page carefully and try out various options until you are confident in its use. As an example:

    tcpdump -x dst host eses25 and src host esenet4

outputs the hexadecimal (-x) TCP/IP packet headers for communications from esenet4 (src host) to eses25 (dst host) (but not back!). Additionally, using the -e option will also print out the MAC level header including the Ethernet address.

3.3. traffic: traffic generating software

traffic generates UDP packets and sends them to a specified destination. The software simulates a network under high traffic load. The software is invoked using the command line arguments:

    traffic [hostipaddress] [packetsize] [hostname]

A typical command line would be

    traffic esenet11

which loads the mini network by about 1Mbit/s, sending the traffic to the host esenet11 with the IP address

3.4. listener: verifies the traffic generator operation

Invoked simply by typing listen, it provides an indication of the number and size of UDP packets being received per second. To function, the program must be run on the machine to which the traffic generator is sending the UDP packets.

Your group will be supplied with traffic and listen on a floppy disk. Copy these files to the floppy disk in a Linux shell using DOS commands with the prefix m (or use the Linux commands if you are familiar with them). For example:

    mcopy a:\traffic

To run the program you may need to refer to it as ./traffic (i.e., traffic is in the current directory) and also change the permissions on it:

    chmod 777 ./traffic

3.5. ftp: creates TCP/IP packets within the sub-net

Use sftp (secure ftp) to get a reasonably large file from a campus account and monitor the connection between the selected ESENET machine and campus machine by using the appropriate command line invocation of tcpdump. Sftp needs to be used because the laboratory is behind the firewall. By using sftp to connect to any valid campus machine (e.g. UNIX1) and supplying your username and password you will access your files.

3.6. Parsing program

A parser is a program which filters specific data items from a larger collection of data; some of the information is therefore not required for display. This program is absent from the set of features provided for the experiment and must be written by you.

4. A simple introduction to a packet and headers

Suppose you want to send a registered letter to your friend in London. The following actions happen:

- Layer 3. You write the letter, put it in a stamped addressed envelope, and then take it to a post office.
- Layer 2. A clerk deals with the registration details and stamps a code on the envelope.
- Layer 1. The letter is transported from the source to the destination using the address.
- Layer 2. A postman takes note of the registration details and passes the letter to your friend.
- Layer 3. Your friend opens the envelope and reads the letter.

The same kinds of operation happen when computers exchange information with one another. The required information is packaged, encoded and passed through various layers before it is sent to another computer. In each layer some control information is added to the original message. The control information and the original message are then passed on to the neighbouring layer, where they are treated as a single piece of data for transmission.

The control information added at each layer is based on a protocol, or in other words a set of rules. It identifies the source and destination, the sequence number of the message, what to do with the message when received, whether to acknowledge it, and so on. In order to transmit one message, there is actually a 'conversation' between the computers, which goes through several phases such as establishing the link, transferring the message, reliability control (error checking) and eventually terminating the conversation.

Figure 2 shows the headers which are present in the experiment. TCP header information is used to fragment and guarantee delivery and in-order reconstruction of packets. This 'rides on top' of the basic internet protocol (IP), which offers no guarantee of delivery. Below this is the link level header, which deals with addressing within the campus Ethernet LAN.

If you understand the protocol, have the means to capture packets and the ability to decode the packets captured, you can eavesdrop on and understand a conversation between computers. In default mode tcpdump only allows the header to be observed.

Figure 2: Packet Header

A typical output from tcpdump which is monitoring traffic between esenet4 and eses25 (and eses25 and esenet4, where eses25 is a host in another of the networks) is shown below; the example was for a remote login from esenet4 to eses25. The link level header can be output by using the tcpdump -e option. The region shown in bold is the Ethernet addresses of the two machines, produced using the command line:

    tcpdump -x -e host eses25 and host esenet4

    04:22: :80:c8:90:5f:b4 8:0:69:b:2f:f7 ip 67: esenet > voice.login: P : (1) ack win <nop,nop,timestamp to (DF) [tos 0x10]
    a f081 9bf5 a483 9bf5 d3c1 03ff 0201 c e3 5b9d d78 f a 02a5 f0a7 000d 1c3b 66

The non-hexadecimal region (second line) says that TCP port 1023 on esenet4 sent a packet to a login port on voice. The P indicates the PUSH flag is set, the packet sequence number was and one byte was sent. The notation is 'first:last(nbytes)', which means 'sequence numbers first up to but not including last, which is nbytes bytes of user data'. There was a piggyback acknowledgement. The available receive window is bytes. Please see man tcpdump for a more complete explanation.

The hexadecimal region:

    a f081 9bf5 a483 9bf5 d3c1 03ff 0201 c e3 5b9d d78 f a 02a5 f0a7 000d 1c3b 66

This example can be broken down as follows, starting from the top left.

Start IP header:

- hex 4 is the version (4 dec).
- hex 5 is the header length (5 dec, in 32 bit words).

- hex 10 is the type of service (16 dec), i.e. reliability/speed.
- hex 0035 is the total length (53 dec).
- hex 9a01 is the identification as to which datagram the packet belongs.
- hex 4000 describes how to fragment the datagram.
- hex 40 is the time to live (64 dec).
- hex 06 is the protocol.
- hex f081 is the header checksum.
- hex 9b f5 a4 83 is the source address ( ) esenet4
- hex 9b f5 d3 c1 is the destination ( ) voice

End IP header. Verify for yourself the following from the textual part of the tcpdump output.

Start TCP header:

- hex 03ff is the esenet4 port number (dec 1023)
- hex c is the sequence number (dec )
- hex 48e3 58e7 is the piggyback acknowledgement (dec )
- hex 8018: 8 is the TCP header length, 018 is the flag field
- hex 7d78 is the available receive window (dec 32120)
- the rest are optional fields.

5. Experimental Procedure

Become familiar with tcpdump and run it on one of the four machines in the experimental sub-net. Monitor traffic from one of the free ESENET machines to a campus machine and also the return path from the campus machine back to the ESENET machine using the correct expression primitive (see man pages). Once invoked, tcpdump should return 'monitoring eth0' until TCP traffic becomes present. To make traffic on the link, FTP another machine from CAMPUS and transfer a data file (any file will do). The machine running tcpdump, which is monitoring the link, should then display a number of packet headers of the format shown in section 5. Once this is verified, examine and discuss the findings. Now repeat the experiment, but this time redirect the output to a file for later examination.

Section 4 gave a brief explanation of the meanings of the hex output seen from tcpdump. Write a program that takes the tcpdump output (that you redirected to a file) and automatically sorts such things as source address, packet size, TTL etc. The specific operation of the program is left to you, the designer, but could for example use the following syntax:

    parse tcpdump_output.text [-t TTL_stamp packetsize] [-s source_address] etc..

to output for example:

Once this has successfully been accomplished, the traffic program discussed in section 4.3 should be run on one of the two remaining free machines and the UDP packets should be directed towards the remaining idle machine. The tcpdump output should again be parsed, but this time in the presence of the generated traffic.

With your knowledge of CSMA/CD, which parameters in the header would you expect to change and why? Is this verified by the experimental data? Would you expect to observe packet loss in the congested experimental network?

6. Method of Assessment

Assignment only. The report will be graded according to the following breakdown:

- 20% parser program
- 50% demonstration of an understanding of the protocols
- 30% report presentation

The report should be limited in size to a maximum of 20 pages, excluding appendices, which may be used to present code etc. The report should be submitted by Friday of Week 16 (Spring Term) at the latest.

References

[1] Computer Networks, 3rd edition, A Tanenbaum, (Prentice Hall) pp , and

[2] Data and Computer Communication, 4th edition, W Stallings, (Macmillan) pp , , and

[3] Data Communications Computer Networks and Open Systems, 4th edition, F Halsall, (Addison-Wesley) pp , , and

[4] Internetworking with TCP/IP, Vol. 1, D E Comer, (Prentice-Hall International). An expert book on TCP/IP and its popular underlying network, Ethernet.

[5] You can also easily find relevant tutorial materials on Ethernet (CSMA/CD) and TCP/IP on the Internet.

Dr. J.C. Woods, October
Updated 2002 by Dr S. Monaghan; Updated 2003 by Dr K. Yang
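The decoding walked through in section 4 and the parsing step asked for in section 5, as an added Python example that is not part of the original handout. It goes slightly beyond the text by verifying the IP header checksum and by accepting the offset-prefixed rows newer tcpdump versions print. The function names are hypothetical and the sample dump is constructed: its IP header words are assembled from the field values listed in section 4, while the summary line, sequence number, acknowledgement number and TCP checksum are placeholders.

```python
import re
import struct
from ipaddress import IPv4Address

# Constructed sample in the layout `tcpdump -x` prints. The IPv4 header words are
# assembled from the field values the handout lists; TCP ports, offset/flags,
# window and option bytes follow it too. The summary line, sequence number,
# acknowledgement number and TCP checksum are placeholders made up here.
SAMPLE_DUMP = (
    "04:22:00.000000 esenet4.1023 > voice.login: P 1:2(1) ack 1 win 32120 (DF)\n"
    "\t\t\t 4510 0035 9a01 4000 4006 f081 9bf5 a483\n"
    "\t\t\t 9bf5 d3c1 03ff 0201 0000 0001 0000 0001\n"
    "\t\t\t 8018 7d78 0000 0000 0101 080a 02a5 f0a7\n"
    "\t\t\t 000d 1c3b 66\n"
)
TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG"))

def hex_digits(line):
    """Return the hex digits on a dump row, or None for a summary line."""
    tokens = line.split()
    if tokens and re.fullmatch(r"0x[0-9a-fA-F]+:", tokens[0]):
        tokens = tokens[1:]  # newer tcpdump prefixes each row with an offset
    if tokens and all(re.fullmatch(r"[0-9a-fA-F]{2}|[0-9a-fA-F]{4}", t) for t in tokens):
        return "".join(tokens)
    return None

def split_packets(dump):
    """Pair each summary line with the bytes of the hex rows that follow it."""
    packets = []
    for line in dump.splitlines():
        if not line.strip():
            continue
        digits = hex_digits(line)
        if digits is None:
            packets.append([line.strip(), ""])
        elif packets:
            packets[-1][1] += digits
    return [(summary, bytes.fromhex(digits)) for summary, digits in packets]

def internet_checksum(data):
    """One's-complement sum; 0 over a whole header means the checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def decode_ipv4(raw):
    if len(raw) < 20:
        raise ValueError("fewer than 20 bytes captured")
    (ver_ihl, tos, total_length, ident, frag, ttl, protocol,
     _checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or len(raw) < header_len:
        raise ValueError("not a complete IPv4 header")
    return {
        "header_len": header_len, "tos": tos, "total_length": total_length,
        "id": ident, "dont_fragment": bool(frag & 0x4000), "ttl": ttl,
        "protocol": protocol, "src": str(IPv4Address(src)),
        "dst": str(IPv4Address(dst)),
        "checksum_ok": internet_checksum(raw[:header_len]) == 0,
    }

def decode_tcp(ip, raw):
    segment = raw[ip["header_len"]:]
    if len(segment) < 20:
        raise ValueError("TCP header cut off by the snapshot length")
    (sport, dport, seq, ack, offset_flags,
     window, _checksum, _urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (offset_flags >> 12) * 4
    if header_len < 20:
        raise ValueError("TCP data offset below the 20-byte minimum")
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "header_len": header_len, "window": window,
        "flags": [name for bit, name in TCP_FLAGS if offset_flags & bit],
        # Taken from the length fields, so it holds even when tcpdump's
        # snapshot length truncated the captured bytes.
        "payload_len": ip["total_length"] - ip["header_len"] - header_len,
    }

def decode_dump(dump):
    """Decode every packet in the text; UDP and other protocols get tcp=None."""
    records = []
    for summary, raw in split_packets(dump):
        record = {"summary": summary, "ip": None, "tcp": None, "error": None}
        try:
            record["ip"] = decode_ipv4(raw)
            if record["ip"]["protocol"] == 6:
                record["tcp"] = decode_tcp(record["ip"], raw)
        except ValueError as exc:
            record["error"] = str(exc)
        records.append(record)
    return records
```

The list returned by decode_dump can be sorted or filtered on any decoded field, for example by TTL or source address, to compare captures taken with and without the generated UDP load.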


More information

Tcpdump Lab: Wired Network Traffic Sniffing

Tcpdump Lab: Wired Network Traffic Sniffing Cyber Forensics Laboratory 1 Tcpdump Lab: Wired Network Traffic Sniffing Copyright c 2012 Hui Li and Xinwen Fu, University of Massachusetts Lowell Permission is granted to copy, distribute and/or modify

More information

VLAN for DekTec Network Adapters

VLAN for DekTec Network Adapters Application Note DT-AN-IP-2 VLAN for DekTec Network Adapters 1. Introduction VLAN (Virtual LAN) is a technology to segment a single physical network into multiple independent virtual networks. The VLANs

More information

finger, ftp, host, hostname, mesg, rcp, rlogin, rsh, scp, sftp, slogin, ssh, talk, telnet, users, w, walla, who, write,...

finger, ftp, host, hostname, mesg, rcp, rlogin, rsh, scp, sftp, slogin, ssh, talk, telnet, users, w, walla, who, write,... Read Chapter 9 Linux network utilities finger, ftp, host, hostname, mesg, rcp, rlogin, rsh, scp, sftp, slogin, ssh, talk, telnet, users, w, walla, who, write,... 1 Important to know common network terminology

More information

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4) Chapter 3 TCP/IP Networks 3.1 Internet Protocol version 4 (IPv4) Internet Protocol version 4 is the fourth iteration of the Internet Protocol (IP) and it is the first version of the protocol to be widely

More information

Lab VI Capturing and monitoring the network traffic

Lab VI Capturing and monitoring the network traffic Lab VI Capturing and monitoring the network traffic 1. Goals To gain general knowledge about the network analyzers and to understand their utility To learn how to use network traffic analyzer tools (Wireshark)

More information

CSE 3461 / 5461: Computer Networking & Internet Technologies

CSE 3461 / 5461: Computer Networking & Internet Technologies Autumn Semester 2014 CSE 3461 / 5461: Computer Networking & Internet Technologies Instructor: Prof. Kannan Srinivasan 08/28/2014 Announcement Drop before Friday evening! k. srinivasan Presentation A 2

More information

Unix System Administration

Unix System Administration Unix System Administration Chris Schenk Lecture 08 Tuesday Feb 13 CSCI 4113, Spring 2007 ARP Review Host A 128.138.202.50 00:0B:DB:A6:76:18 Host B 128.138.202.53 00:11:43:70:45:81 Switch Host C 128.138.202.71

More information

TCP/IP Networking An Example

TCP/IP Networking An Example TCP/IP Networking An Example Introductory material. This module illustrates the interactions of the protocols of the TCP/IP protocol suite with the help of an example. The example intents to motivate the

More information

CHAPTER 3 STATIC ROUTING

CHAPTER 3 STATIC ROUTING CHAPTER 3 STATIC ROUTING This chapter addresses the end-to-end delivery service of IP and explains how IP routers and hosts handle IP datagrams. The first section discusses how datagrams are forwarded

More information

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols

More information

Packet Sniffing with Wireshark and Tcpdump

Packet Sniffing with Wireshark and Tcpdump Packet Sniffing with Wireshark and Tcpdump Capturing, or sniffing, network traffic is invaluable for network administrators troubleshooting network problems, security engineers investigating network security

More information

Zarząd (7 osób) F inanse (13 osób) M arketing (7 osób) S przedaż (16 osób) K adry (15 osób)

Zarząd (7 osób) F inanse (13 osób) M arketing (7 osób) S przedaż (16 osób) K adry (15 osób) QUESTION NO: 8 David, your TestKing trainee, asks you about basic characteristics of switches and hubs for network connectivity. What should you tell him? A. Switches take less time to process frames than

More information

TOE2-IP FTP Server Demo Reference Design Manual Rev1.0 9-Jan-15

TOE2-IP FTP Server Demo Reference Design Manual Rev1.0 9-Jan-15 TOE2-IP FTP Server Demo Reference Design Manual Rev1.0 9-Jan-15 1 Introduction File Transfer Protocol (FTP) is the protocol designed for file sharing over internet. By using TCP/IP for lower layer, FTP

More information

EKT 332/4 COMPUTER NETWORK

EKT 332/4 COMPUTER NETWORK UNIVERSITI MALAYSIA PERLIS SCHOOL OF COMPUTER & COMMUNICATIONS ENGINEERING EKT 332/4 COMPUTER NETWORK LABORATORY MODULE LAB 2 NETWORK PROTOCOL ANALYZER (SNIFFING AND IDENTIFY PROTOCOL USED IN LIVE NETWORK)

More information

Lecture 8. IP Fundamentals

Lecture 8. IP Fundamentals Lecture 8. Internet Network Layer: IP Fundamentals Outline Layer 3 functionalities Internet Protocol (IP) characteristics IP packet (first look) IP addresses Routing tables: how to use ARP Layer 3 functionalities

More information

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 COURSE OVERVIEW: Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0 is a five-day, instructor-led training course that teaches learners

More information

Wireshark Tutorial. Figure 1: Packet sniffer structure

Wireshark Tutorial. Figure 1: Packet sniffer structure Wireshark Tutorial INTRODUCTION The purpose of this document is to introduce the packet sniffer Wireshark. Wireshark would be used for the lab experiments. This document introduces the basic operation

More information

COMPUTER NETWORK TECHNOLOGY (300)

COMPUTER NETWORK TECHNOLOGY (300) Page 1 of 10 Contestant Number: Time: Rank: COMPUTER NETWORK TECHNOLOGY (300) REGIONAL 2014 TOTAL POINTS (500) Failure to adhere to any of the following rules will result in disqualification: 1. Contestant

More information

Network layer: Overview. Network layer functions IP Routing and forwarding

Network layer: Overview. Network layer functions IP Routing and forwarding Network layer: Overview Network layer functions IP Routing and forwarding 1 Network layer functions Transport packet from sending to receiving hosts Network layer protocols in every host, router application

More information

IP Subnetting and Addressing

IP Subnetting and Addressing Indian Institute of Technology Kharagpur IP Subnetting and Addressing Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Kharagpur Lecture 6: IP Subnetting and Addressing

More information

Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets

Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets Lab 5.5.3 Developing ACLs to Implement Firewall Rule Sets All contents are Copyright 1992 2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 8 Device Interface

More information

A network monitoring tool for student training

A network monitoring tool for student training A network monitoring tool for student training Miguel A. Mateo Pla, M.P. Malumbres Departamento de Informática de Sistemas y Computadores (DISCA) Facultad de Informática (FI) Universidad Politécnica de

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005. Lecturer: Kartik Krishnan Lecture 1-3

SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005. Lecturer: Kartik Krishnan Lecture 1-3 SFWR 4C03: Computer Networks & Computer Security Jan 3-7, 2005 Lecturer: Kartik Krishnan Lecture 1-3 Communications and Computer Networks The fundamental purpose of a communication network is the exchange

More information

Hands On Activities: TCP/IP Network Monitoring and Management

Hands On Activities: TCP/IP Network Monitoring and Management Hands On Activities: TCP/IP Network Monitoring and Management 1. TCP/IP Network Management Tasks TCP/IP network management tasks include Examine your physical and IP network address Traffic monitoring

More information

Session Hijacking Exploiting TCP, UDP and HTTP Sessions

Session Hijacking Exploiting TCP, UDP and HTTP Sessions Session Hijacking Exploiting TCP, UDP and HTTP Sessions Shray Kapoor shray.kapoor@gmail.com Preface With the emerging fields in e-commerce, financial and identity information are at a higher risk of being

More information

Network Security In Linux: Scanning and Hacking

Network Security In Linux: Scanning and Hacking Network Security In Linux: Scanning and Hacking Review Lex A lexical analyzer that tokenizes an input text. Yacc A parser that parses and acts based on defined grammar rules involving tokens. How to compile

More information

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Internet Protocol: IP packet headers. vendredi 18 octobre 13 Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)

More information

Ethereal: Getting Started

Ethereal: Getting Started Ethereal: Getting Started Computer Networking: A Topdown Approach Featuring the Internet, 3 rd edition. Version: July 2005 2005 J.F. Kurose, K.W. Ross. All Rights Reserved Tell me and I forget. Show me

More information

NETWORK LAYER/INTERNET PROTOCOLS

NETWORK LAYER/INTERNET PROTOCOLS CHAPTER 3 NETWORK LAYER/INTERNET PROTOCOLS You will learn about the following in this chapter: IP operation, fields and functions ICMP messages and meanings Fragmentation and reassembly of datagrams IP

More information

Networking Theory. Jeffrey Miller, Ph.D. CSCI 201L USC CSCI 201L

Networking Theory. Jeffrey Miller, Ph.D. CSCI 201L  USC CSCI 201L Networking Theory CSCI 201L Jeffrey Miller, Ph.D. HTTP://WWW-SCF.USC.EDU/~CSCI201 USC CSCI 201L Outline Networking Overview DNS IP Addressing Subnets DHCP Ports NAT Test Yourself USC CSCI 201L 2/24 Networking

More information

Subnetting,Supernetting, VLSM & CIDR

Subnetting,Supernetting, VLSM & CIDR Subnetting,Supernetting, VLSM & CIDR WHAT - IP Address Unique 32 or 128 bit Binary, used to identify a system on a Network or Internet. Network Portion Host Portion CLASSFULL ADDRESSING IP address space

More information

IP Addressing. IP Addresses. Introductory material.

IP Addressing. IP Addresses. Introductory material. IP Addressing Introductory material. An entire module devoted to IP addresses. IP Addresses Structure of an IP address Classful IP addresses Limitations and problems with classful IP addresses Subnetting

More information

IP Addressing A Simplified Tutorial

IP Addressing A Simplified Tutorial Application Note IP Addressing A Simplified Tutorial July 2002 COMPAS ID 92962 Avaya Labs 1 All information in this document is subject to change without notice. Although the information is believed to

More information

15-441 Project 3, Fall 2001 Stateful Functionality in IP Layer Out: Thursday, November 1, 2001 Due: Tuesday, December 4, 2001

15-441 Project 3, Fall 2001 Stateful Functionality in IP Layer Out: Thursday, November 1, 2001 Due: Tuesday, December 4, 2001 15-441 Project 3, Fall 2001 Stateful Functionality in IP Layer Out: Thursday, November 1, 2001 Due: Tuesday, December 4, 2001 1. Introduction In Project 2 we asked you to implement the IP layer of the

More information

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations

Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations Configuring MassTransit Server to listen on ports less than 1024 using WaterRoof on Macintosh Workstations Summary This article explains how to configure MassTransit to listen on ports less than 1024 without

More information

The internetworking solution of the Internet. Single networks. The Internet approach to internetworking. Protocol stacks in the Internet

The internetworking solution of the Internet. Single networks. The Internet approach to internetworking. Protocol stacks in the Internet The internetworking solution of the Internet Prof. Malathi Veeraraghavan Elec. & Comp. Engg. Dept/CATT Polytechnic University mv@poly.edu What is the internetworking problem: how to connect different types

More information

Laboratory work 4. Application of Windows OS Built-in Networks Diagnostic Tools

Laboratory work 4. Application of Windows OS Built-in Networks Diagnostic Tools Laboratory work 4 Application of Windows OS Built-in Networks Diagnostic Tools Objectives Get acquainted with Windows OS command-line network diagnostic, monitoring and management tools and their application

More information

ESSENTIALS. Understanding Ethernet Switches and Routers. April 2011 VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK

ESSENTIALS. Understanding Ethernet Switches and Routers. April 2011 VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK Contemporary Control Systems, Inc. Understanding Ethernet Switches and Routers This extended article was based on a two-part article that was

More information