
Lab 03 - Networking


COSC2171 – Lab Activity 3 Page 1

Web Servers and Web Technology (COSC2171)

Lab 3 - Networking

The UNIX commands below each relate to layers of the TCP/IP protocol suite. At what layers do they operate? For what part of data communication using TCP/IP are the following commands useful?

Use the online tutorial as a reference. The RFC links on the course web site may also be useful. If you cannot run a command and receive the "command not found" error, this is because your PATH environment variable is not set correctly. Either get the lab assistant to show you how to do this, or use an alias, for example as follows:

[s39999@unix ~]$ ping 131.170.24.40
ping: Command not found.
[s39999@unix ~]$ which ping
/usr/sbin/ping
[s39999@unix ~]$ alias ping /usr/sbin/ping
[s39999@unix ~]$ whereis ping

COMMAND       LAYER
Ping          Network
traceroute    Network
netstat
ifconfig
arp           Data Link Layer
nslookup

COMMAND       Data Communication
Ping
traceroute
netstat
ifconfig
arp
nslookup


Use the online tutorial as a reference. The RFC links on the subject web site may also be useful.

The ping command contacts a host to make sure it is 'alive'. Run the command:

ping www.apache.org

Note: Use ctrl-c to stop ping

The traceroute command shows the hops that a data packet goes through to reach a remote host. Run the command:

traceroute www.apache.org

If I happen to get asterisks (*) or timeouts in certain hops, does that mean that I am losing packets in that particular hop?

It usually means that that particular router has been configured to drop ICMP packets (pings) rather than respond to them. Please check whether the DNS servers are configured for the dial-up connection. Can you ping the host by name? Can you ping a host like www.cisco.com by name? Could it be a name server thing? Does nslookup work? The above questions need to be answered to rule out the possibility that it isn't a name server issue. That's what it sounds like so far.

Detecting Remote Firewall using ICMP

Firewalls can be detected using the popular UNIX utility traceroute. An asterisk in the output signals a filtering device in the path. The other methods that can be adopted are:

1. Banner Grabbing
2. Using nmap
3. Port Scanning and looking for specific ports on which particular firewalls are known to run by default.

Preventive action can be taken by adding the ACL:

access-list 101 deny icmp any any 11
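Reading the asterisks discussed above, as an added example that is not part of the original lab sheet: the script separates hops that stay silent while later hops still answer (the router forwards packets but does not reply) from silence at the end of the trace, which traceroute alone cannot explain. The function names and the sample trace are constructed for illustration, and the classic traceroute output layout is assumed.

```shell
# classify_hops reads traceroute output on stdin and prints one line per hop:
#   responded              every probe was answered
#   partial                some probes answered, some timed out (*)
#   silent-but-forwarding  all probes timed out, yet a later hop answered,
#                          so packets do pass through this router
#   silent-at-end          all probes timed out and nothing beyond answered
classify_hops() {
  awk '
    /^ *[0-9]+ / {
      n++; hop[n] = $1; stars[n] = 0; replies[n] = 0
      for (i = 2; i <= NF; i++) {
        if ($i == "*") stars[n]++
        else replies[n]++
      }
      if (replies[n] > 0) last_reply = n
    }
    END {
      for (k = 1; k <= n; k++) {
        if (stars[k] == 0)        state = "responded"
        else if (replies[k] > 0)  state = "partial"
        else if (k < last_reply)  state = "silent-but-forwarding"
        else                      state = "silent-at-end"
        print hop[k], state
      }
    }'
}

# Constructed sample output (documentation addresses, not a real trace).
sample_trace() {
  cat <<'EOF'
traceroute to www.example.org (192.0.2.80), 30 hops max, 40 byte packets
 1  10.0.0.1 (10.0.0.1)  0.512 ms  0.498 ms  0.471 ms
 2  * * *
 3  198.51.100.9 (198.51.100.9)  8.2 ms  *  8.4 ms
 4  * * *
 5  * * *
EOF
}

sample_trace | classify_hops
```

For a silent-at-end result, the follow-up checks from the text apply: ping the host by name and by address, and test nslookup.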


Visit the website and test the traceroute utility

http://www.telstra.net/cgi-bin/trace

How are ping and traceroute related?

___________________________________________________________________________

Note that this system means that traceroute is an unreliable command, because probes may take different paths, meaning that gateways reported to be in sequence may not be connected to each other. Also, the probes are not supposed to be processed by the destination host, so the UDP port is set to an unlikely value.

How can you find out more about a command?

___________________________________________________________________________

The netstat command can be used to return a great deal of information about the status of the network. The information returned depends on the parameters given. The command below returns a verbose description of the routing tables in numeric form.

netstat -vrn


Flg stands for flag. What do you think the parameters U, G and H might mean?

___________________________________________________________________________

What is the netmask used for?

___________________________________________________________________________

The ifconfig command returns or sets (if you have the correct privileges) information about the configuration of network interfaces on the host. Run the command:

ifconfig -a

Why didn't it work?

ifconfig is only available to the root user (or those with /sbin in their path) and is used to configure the interface, NOT to watch network traffic.


Try /sbin/ifconfig -a

[v04909@unix ~]$ /sbin/ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:02:A5:F1:37:39
          inet addr:172.16.43.20  Bcast:172.16.43.255  Mask:255.255.255.0
          inet6 addr: fe80::202:a5ff:fef1:3739/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16905972 errors:0 dropped:0 overruns:0 frame:0
          TX packets:24853629 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1380187595 (1.2 GiB)  TX bytes:476015526 (453.9 MiB)

eth1      Link encap:Ethernet  HWaddr 00:02:A5:F1:37:38
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1392 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1392 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:74504 (72.7 KiB)  TX bytes:74504 (72.7 KiB)

sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
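An added example, not part of the original lab sheet, that reads this style of ifconfig output and uses each interface's mask to derive its network and to check the reported broadcast address. The function names are hypothetical, contiguous netmasks are assumed, and the sample is an abridged copy of the eth0, eth1 and lo stanzas above in the usual net-tools layout.

```shell
# check_ifconfig reads old-style (net-tools) "ifconfig -a" output on stdin and
# prints per interface: name, up/down, IPv4 address, network, broadcast check.
check_ifconfig() {
  awk '
    function flush(   a, m, i, blk, base, top, sep, net, want, status) {
      if (name == "") return
      if (addr == "") { print name, (up ? "up" : "down"), "no-ipv4"; return }
      split(addr, a, "."); split(mask, m, ".")
      for (i = 1; i <= 4; i++) {
        blk  = 256 - m[i]            # addresses covered by this mask octet
        base = a[i] - a[i] % blk     # host bits cleared: network octet
        top  = base + blk - 1        # host bits set: broadcast octet
        sep  = (i > 1) ? "." : ""
        net  = net sep base
        want = want sep top
      }
      status = (bcast == "") ? "no-bcast" : ((bcast == want) ? "bcast-ok" : "bcast-MISMATCH")
      print name, (up ? "up" : "down"), addr, "net=" net, status
    }
    /^[^ ]/ { flush(); name = $1; addr = mask = bcast = ""; up = 0 }
    /inet addr:/ {
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^addr:/)  addr  = substr($i, 6)
        if ($i ~ /^Bcast:/) bcast = substr($i, 7)
        if ($i ~ /^Mask:/)  mask  = substr($i, 6)
      }
    }
    /^ +UP / { up = 1 }
    END { flush() }'
}
# Abridged sample: values from the output above, counters omitted.
sample_ifconfig() {
  cat <<'EOF'
eth0      Link encap:Ethernet  HWaddr 00:02:A5:F1:37:39
          inet addr:172.16.43.20  Bcast:172.16.43.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

eth1      Link encap:Ethernet  HWaddr 00:02:A5:F1:37:38
          BROADCAST MULTICAST  MTU:1500  Metric:1

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
EOF
}
sample_ifconfig | check_ifconfig
```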


What network interface exists on the RMIT unix box? What is lo0 and what is it used for?

___________________________________________________________________________

The arp command uses the address resolution protocol to get the physical address of a host on the network. Run the following commands:

arp 131.170.24.42

arp www.apache.org

If the command doesn’t work, what should you do?

___________________________________________________________________________


What extra process is performed for the second command?

___________________________________________________________________________

What does this return? Why?

___________________________________________________________________________

The nslookup command sends a query to a name server, which maps a domain name to an IP address. Run the following commands:

nslookup www.apache.org

nslookup 209.237.227.195


Can you explain the response to the second query?

___________________________________________________________________________