Lab 2. CS-335a. Fall 2012 Computer Science Department. Manolis Surligas surligas@csd.uoc.gr

Similar documents
1 Data information is sent onto the network cable using which of the following? A Communication protocol B Data packet

Procedure: You can find the problem sheet on Drive D: of the lab PCs. 1. IP address for this host computer 2. Subnet mask 3. Default gateway address

Transport and Network Layer

Introduction to Analyzer and the ARP protocol

Computer Networks. Lecture 3: IP Protocol. Marcin Bieńkowski. Institute of Computer Science University of Wrocław

Technical Support Information Belkin internal use only

Network: several computers who can communicate. bus. Main example: Ethernet (1980 today: coaxial cable, twisted pair, 10Mb 1000Gb).

Network Layer: and Multicasting Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Computer Networks/DV2 Lab

Internet Control Protocols Reading: Chapter 3

Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP

What communication protocols are used to discover Tesira servers on a network?

Troubleshooting Tools

LESSON Networking Fundamentals. Understand TCP/IP

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Network layer: Overview. Network layer functions IP Routing and forwarding

Virtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN

ICS 351: Today's plan. IP addresses Network Address Translation Dynamic Host Configuration Protocol Small Office / Home Office configuration

IP addressing and forwarding Network layer

COMPUTER NETWORK TECHNOLOGY (300)

Network Layers. CSC358 - Introduction to Computer Networks

Application Layer -1- Network Tools

Unix System Administration

Communications and Networking

Using IPM to Measure Network Performance

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

8.2 The Internet Protocol

Firewall Firewall August, 2003

Network Security: Workshop. Dr. Anat Bremler-Barr. Assignment #2 Analyze dump files Solution Taken from

Algemene Theorie en Vaardigheden 2. April 2014 Theaterschool OTT-2 1

Address Resolution Protocol (ARP)

TCP/IP Network Essentials. Linux System Administration and IP Services

IP address format: Dotted decimal notation:

Networking Test 4 Study Guide

User Datagram Protocol - Wikipedia, the free encyclopedia

Network Pop Quiz 5 Brought to you by please visit our site!

Introduction on Low level Network tools

DNS Resolving using nslookup

Additional Information: A link to the conference website is available at:

Lab - Observing DNS Resolution

LAB THREE STATIC ROUTING

Subnetting,Supernetting, VLSM & CIDR

Slide 1 Introduction cnds@napier 1 Lecture 6 (Network Layer)

Final for ECE374 05/06/13 Solution!!

CS197U: A Hands on Introduction to Unix

Network-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2

IP Networking. Overview. Networks Impact Daily Life. IP Networking - Part 1. How Networks Impact Daily Life. How Networks Impact Daily Life

Connecting to and Setting Up a Network

BASIC ANALYSIS OF TCP/IP NETWORKS

Application. Transport. Network. Data Link. Physical. Network Layers. Goal

Raritan Valley Community College Academic Course Outline. CISY Advanced Computer Networking

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

Websense Web Security Gateway: What to do when a Web site does not load as expected

Computer Networks. Introduc)on to Naming, Addressing, and Rou)ng. Week 09. College of Information Science and Engineering Ritsumeikan University

co Characterizing and Tracing Packet Floods Using Cisco R

Wireshark DNS. Introduction. nslookup

Introduction to Network Security Lab 1 - Wireshark

Computer Networks/DV2 Lab

This Lecture. The Internet and Sockets. The Start If everyone just sends a small packet of data, they can all use the line at the same.

Guideline for setting up a functional VPN

First Midterm for ECE374 02/25/15 Solution!!

1. LAB SNIFFING LAB ID: 10

IP Network Layer. Datagram ID FLAG Fragment Offset. IP Datagrams. IP Addresses. IP Addresses. CSCE 515: Computer Network Programming TCP/IP

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering

ICS 351: Today's plan

2. IP Networks, IP Hosts and IP Ports

IP Addressing and Subnetting. 2002, Cisco Systems, Inc. All rights reserved.

Connecting with Computer Science, 2e. Chapter 5 The Internet

CS2107 Introduction to Information and System Security (Slid. (Slide set 8)

Review: Lecture 1 - Internet History

Outline. CSc 466/566. Computer Security. 18 : Network Security Introduction. Network Topology. Network Topology. Christian Collberg

Computer Networks I Laboratory Exercise 1

Modern snoop lab lite version

TCP/IP Protocol Suite. Marshal Miller Chris Chase

CSET 4750 Computer Networks and Data Communications (4 semester credit hours) CSET Required IT Required

Networking Technology Online Course Outline

CCNA Discovery Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

Introduction to IP networking

Gary Hecht Computer Networking (IP Addressing, Subnet Masks, and Packets)

architecture: what the pieces are and how they fit together names and addresses: what's your name and number?

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.

IP Addressing A Simplified Tutorial

Lecture Computer Networks

Internetworking and IP Address

Virtual Server and DDNS. Virtual Server and DDNS. For BIPAC 741/743GE

Hands On Activities: TCP/IP Network Monitoring and Management

Network Security TCP/IP Refresher

Flow Analysis Versus Packet Analysis. What Should You Choose?

Компјутерски Мрежи NAT & ICMP

First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring

CS101 Lecture 19: Internetworking. What You ll Learn Today

Wireshark Lab: DNS. 1. nslookup

IP Address: the per-network unique identifier used to find you on a network

Instructor Notes for Lab 3

- Basic Router Security -

TCP/IP Fundamentals. OSI Seven Layer Model & Seminar Outline

CS335 Sample Questions for Exam #2

IPv6 Fundamentals: A Straightforward Approach

Transcription:

Lab 2 CS-335a Fall 2012 Computer Science Department Manolis Surligas surligas@csd.uoc.gr 1

Summary At this lab we will cover: Basics of Transport Layer (TCP, UDP) Broadcast ARP DNS More Wireshark filters Several very useful network tools 2

Transport Layer Two major protocols TCP providing reliable communication UDP providing fast but unreliable communication Other protocols: DCCP SCTP RSVP 3

Transport Layer Link layer has as source and destination identifier, the MAC addresses of the source and destination node Network layer respectively, uses the IP address Transport layer uses port numbers Two port numbers in every packet Source port Destination port 4

Transport Layer: TCP TCP provides reliable communication avoiding data corruption due to packet losses 5

Transport Layer: UDP UDP is a simple protocol providing unreliable but fast data transfer Used in realtime applications VoIP Online games Streaming 6

Transport Layer From TCP and UDP headers we see that each port is 16-bits long 2^16 different ports Again not all of them are available IANA keeps track for the reserved ports and the services that use them http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml Some well known ports: 22: ssh 80, 8080: http 443 https 7

Broadcast The last IP of a subnet is used for broadcasting A broadcast message is received by all hosts in the same subnet Only UDP can be used in broadcast messages Eg: Broadcast message to 192.168.1.255, will be received by all hosts in the 192.168.1.0/24 network Another broadcast to 192.168.255.255, will be received by all hosts in the 192.168.0.0/16 network 8

Broadcast Theoretically a broadcast to the 255.255.255.255, will be received by all hosts in the internet At most cases, routers do not allow broadcasting outside our subnet, in order to prevent flooding Broadcast is used: By many protocols like ARP, DHCP, etc For automatic server discovery For easily delivering messages to all hosts in the subnet IPv6 does not implement broadcast. It uses multicast instead 9

Address Resolution Protocol (ARP) Host A wants to sent a packet to B. A knows the IP of B. But A needs also the MAC of B! (Or the MAC of the next node if A and B are not direct connected) ARP helps to retrieve the MAC of a host with a known IP It checks the arp cache table if the MAC of a given IP exists If yes, it uses it immediately If know, host A broadcasts a message says Who has the IP x The node with the IP x replies back his MAC ARP cache table can be viewed with the arp command. Its values are periodically cleared 10

Address Resolution Protocol (ARP) 11

Domain Name System (DNS) Translate human friendly host names into IP addresses It is easier to remember www.csd.uoc.gr rather than 147.52.78.3 The server of CSD can change (due to a fault, or for maintenance) to another backup machine, without changing the URL of the website Works like the phone book, but for URLs Many DNS servers across the internet, structured in hierarchical form 12

Domain Name System (DNS) The file containing your DNS server is the /etc/resolv.conf Contains one or more DNS servers in priority order, or the IP of the gateway that is responsible to provide a DNS server Host A wants to get the IP of wikipedia Host A queries his DNS server If the DNS server do not have an entry for wikipedia, returns a server that may have it The procedure is repeated until a DNS server return the IP of the website We will see more about the DNS system, later, using the dig tool 13

Domain Name System (DNS) 14

More Wireshark! Now that we know some protocols and we are familiar with Transport layer lets perform some interesting filters!!! 15

ARP packets 16

UDP with specific destination IP 17

TCP with specific source port 18

DNS responses 19

Useful Network tools For debugging, testing, experimenting etc, there are many useful network tools netstat iftop ping traceroute dig GeoIP 20

Netstat Netstat can show several info about the open network connections: Which programs have network connections What transfer protocol they are use What ports they use Statistics per transfer protocol It is a very useful tool when we are writing our own programs Frequently used parameters netstat -pt: Show programs that have open TCP connections netstat -pu: Same with the above, for UDP For more info: man netstat 21

Netstat 22

iftop iftop is a console tool that shows realtime information about the bandwith that is spent for each network connection Useful to identify which is the current incoming/outgoing data rate, or In combination with netstat, someone can identify which program has the highest/lowest data rate 23

Ping One of the first network tools Used today to identify if a host is up or not But this not always work. There are hosts that do not respond to ping requests Used also to get the RTT (round trip time) from a specific host Uses the ICMP protocol Easy to use: ping ip_address For more info: : man ping 24

Ping 25

Traceroute Another very usefull tool that shows the path that packets follow until they reach the destination Like ping, it uses also ICMP packets (can be changed with options) How it works: Sends first packet with TTL 1 Send the next packet with TTL 2,3,etc A node that sees a TTL 0, reports back its IP address The procedure is repeated until the final destination is reached With the above simple way we can find all(?) the intermediate nodes 26

Traceroute Host A to www.ics.forth.gr Host B to www.ics.forth.gr 27

Dig Dig is a tool for debugging the DNS It can provide several info like: Which DNS server we used How much time took in order to get the IP from a URL Which is the IP of a URL Which DNS servers were queried Very useful for selecting appropriate DNS servers for our network 28

Dig 29

GeoIP Geoip is a set of tools that reports back to the user, in which county an IP belongs Two tools used in combination geoipupdate: Updates the database with countries and IP ranges geoiplookup: Performs the seach. Instead of IP you can use also and a domain name 30

Questions 31

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information