Name: Lincoln Thurlow Date: 3/4/14 Lab partner name (if any): None Total time spent on lab: 3.5 hours Time spent using GNS3: 2 hours

Size: px

Start display at page:

Download "Name: Lincoln Thurlow Date: 3/4/14 Lab partner name (if any): None Total time spent on lab: 3.5 hours Time spent using GNS3: 2 hours"

Jonah Kelley
7 years ago
Views:

1 Name: Lincoln Thurlow Date: 3/4/14 Lab partner name (if any): None Total time spent on lab: 3.5 hours Time spent using GNS3: 2 hours Sample Answer Template All of my answers are in red to indicate what a proper report answer will look like. Generally when I run through labs I like to do so with the google-doc version of the lab open, so that I can work with both windows open at the same time. In this lab you will learn how to configure a network interface for IP networking, how to access IP statistics and setting with the netstat command, how ARP works, and how hackers snoop passwords from the network. In other words, you will become acquainted with IP configuration issues on a single Ethernet segment. To complete this lab you must perform the following steps: Step 1 - Connect three of the Linux VMs to a virtual ethernet switch. Develop an addressing plan for for the topology, boot the VMs and use the Linux ifconfig command to configure the IP addresses and determine the MAC addresses for eth0 on all three PCs. Use the ping command to confirm that all hosts can reach each other, and use wireshark to capture some of the ping traffic. Include the address plan and MAC addresses (e.g. using the table below) along with the output from the ping command or wireshark data showing connectivity in your lab report (10 pts). IP Address MAC Address PC :00:00:00:00:01 PC :00:00:00:00:02 PC :00:00:00:00:03 Include the screenshot of the topology as you see fit to justify your points. Here I include the screenshot that shows the connections as required by the question. Note that the simulation is running (all green lights). That is what I would like to see if you include topology screenshots.

2 From the above screenshot, we can see that from PC1, we pinged PC2 and PC3. Our ICMP Echo Requests were replied back to, and our ping messages succeeded (1,2). We know that everything worked well because we have resolved the MAC addresses of PC2 and PC3 as seen from section (3) of the screenshot. If the question requires us to examine ARP, or the packet headers, it is not enough to include PING or ARP command output, in those cases we need to examine wireshark or tcpdump. If you include a wireshark screenshot, make sure the include ONLY the relevant parts of the capture. Here if needed we could explain about how before we sent the ICMP Echo Request, we first send an ARP message to the broadcast in an attempt to find the destination (PC2 s) MAC address. Once we acquire the MAC address of our destination, we can then send out our ICMP Echo Request. Below I have included what an unannotated version of the Wireshark data from PC1 pinging PC3. I looks almost identical. When including evidence to your report - EXPLAIN IT! It is not enough to just copy paste evidence, you must evaluate and understand how it supports your conclusions.

3 Another method is using the RAW wireshark or TCP Data: :00:00_00:00:01 Broadcast ARP 42 Who has ? Tell :00:00_00:00:02 00:00:00_00:00:01 ARP is at 00:00:00:00:00: ICMP 98 Echo (ping) request id=0x7208, seq=1/256, ICMP 98 Echo (ping) reply id=0x7208, seq=1/256, Either method works, but please make sure that it aesthetically pleasing. By that I mean that your evidence is readable, and formatted. Hints for getting an A on your Report: 1. Answer the question, but more importantly add evidence to support your conclusion. 2. Be thorough, and specific. 3. Read the Lab and section before attending section. 4. Cite external sources. 5. Come to lab section and ask questions about the lab. 6. Turn your lab in on-time.

4 BAD DO NOT GIVE ME OUTPUT LIKE THIS. You can imagine that see this times is one of the most boring things imaginable :00:00_00:00:01 Broadcast ARP 42 Who has ? Tell Frame 1: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: Broadcast (ff:ff:ff:ff:ff:ff) :00:00_00:00:02 00:00:00_00:00:01 ARP is at 00:00:00:00:00:02 Frame 2: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) ICMP 98 Echo (ping) request id=0x7208, seq=1/256, Frame 3: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: 00:00:00_00:00:02 (00:00:00:00:00:02) Internet Protocol Version 4, Src: ( ), Dst: ( ) ICMP 98 Echo (ping) reply id=0x7208, seq=1/256, Frame 4: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Internet Protocol Version 4, Src: ( ), Dst: ( ) ICMP 98 Echo (ping) request id=0x7208, seq=2/512, Frame 5: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: 00:00:00_00:00:02 (00:00:00:00:00:02) Internet Protocol Version 4, Src: ( ), Dst: ( )

5 ICMP 98 Echo (ping) reply id=0x7208, seq=2/512, Frame 6: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Internet Protocol Version 4, Src: ( ), Dst: ( ) :00:00_00:00:02 00:00:00_00:00:01 ARP 60 Who has ? Tell Frame 7: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) :00:00_00:00:01 00:00:00_00:00:02 ARP is at 00:00:00:00:00:01 Frame 8: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: 00:00:00_00:00:02 (00:00:00:00:00:02) :00:00_00:00:01 Broadcast ARP 42 Who has ? Tell Frame 9: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: Broadcast (ff:ff:ff:ff:ff:ff) :00:00_00:00:03 00:00:00_00:00:01 ARP is at 00:00:00:00:00:03 Frame 10: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) ICMP 98 Echo (ping) request id=0x7408, seq=1/256, Frame 11: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: 00:00:00_00:00:03 (00:00:00:00:00:03) Internet Protocol Version 4, Src: ( ), Dst: ( )

6 ICMP 98 Echo (ping) reply id=0x7408, seq=1/256, Frame 12: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Internet Protocol Version 4, Src: ( ), Dst: ( ) ICMP 98 Echo (ping) request id=0x7408, seq=2/512, Frame 13: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: 00:00:00_00:00:03 (00:00:00:00:00:03) Internet Protocol Version 4, Src: ( ), Dst: ( ) ICMP 98 Echo (ping) reply id=0x7408, seq=2/512, Frame 14: 98 bytes on wire (784 bits), 98 bytes captured (784 bits) Internet Protocol Version 4, Src: ( ), Dst: ( ) :00:00_00:00:03 00:00:00_00:00:01 ARP 60 Who has ? Tell Frame 15: 60 bytes on wire (480 bits), 60 bytes captured (480 bits) :00:00_00:00:01 00:00:00_00:00:03 ARP is at 00:00:00:00:00:01 Frame 16: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) Ethernet II, Src: 00:00:00_00:00:01 (00:00:00:00:00:01), Dst: 00:00:00_00:00:03 (00:00:00:00:00:03)

LAB THREE STATIC ROUTING

LAB THREE STATIC ROUTING In this lab you will work with four different network topologies. The topology for Parts 1-4 is shown in Figure 3.1. These parts address router configuration on Linux PCs and a