Basic Lab Setup & Network Commands:
OBJECTIVE: In this lab you will become familiar with following concepts:
- Ping and the ICMP protocol
- ipconfig and NIC configuration
- Basic Linux network commands: arp, tcpdump, netstat, ifconfig
- How to change your ethx
LAB:
Part I: Complete Basics-Lab / (only submit the lab manual with all your answers)
- Please report any problem or changes to the lab handout. (e.g., ifup and ifdown may not work).
Learn about the ifconfig command.
Part II: The following questions deal with PING command. You should use wireshark to learn about how the ping command works (you have already done a similar thing in the lab above).
Ping Examples.
- Explain how a machine can be set such that it does not respond to any ping request (so the ping will timeout).
- Which protocol layer does ICMP belong to?
- Using captured Wireshark packets, draw the protocol stack for ICMP packets
Part III: In addition to ifconfig, there are several other important network commands in Unix, such as arp, netstat,
and tcpdump. Read about these commands and learn their various arguments. For more information read arp and netstat. Example captured files are also available. This is an easy tutorial on Netstat. Good tutorial for tcpdump (e.g., >> tcpdump -n -i eth0 > data.txt)
Answer the following questions:
- Write the syntax for an ifconfig command that sets the IP address of the interface eth0 to 128.143.2.31/16 with broadcast address 128.143.255.255.
- Write the syntax of a tcpdump command that captures packets containing IP datagrams with a source or destination IP address equal to 10.0.1.12.
- Write the syntax of a tcpdump command that captures packets containing ICMP messages with a source or destination IP address equal to 10.0.1.12.
- Write the syntax of a tcpdump command that captures packets containing IP datagrams between two hosts with IP addresses 10.0.1.11 and 10.0.1.12, both on interface eth1.
- Write a tcpdump filter expression that captures packets containing TCP segments with a source or destination IP address equal to 10.0.1.12.
- Write a tcpdump filter expression that, in addition to the constraints in Question 5, only captures packets using port number 23.
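The filter expressions asked for above select packets by host address, protocol and port, and "source or destination" means the address may appear in either header field. The following Python script is an added example (not part of the lab handout) that applies the same predicates to a few constructed IPv4 packets built with struct, so the effect of each expression can be seen offline without root or a live interface; the equivalent tcpdump expression is given in a comment next to each predicate. The packet contents and the FILTERS/matching names are constructed for this illustration. Note that the "both on interface eth1" constraint is not part of the filter expression at all: it is the -i option of tcpdump.

```python
"""Added example: evaluate tcpdump-style filter expressions against
constructed raw IPv4 packets (no capture, no root needed)."""
import ipaddress
import struct

PROTO_ICMP, PROTO_TCP = 1, 6


def build_ipv4(src, dst, proto, payload):
    """Minimal 20-byte IPv4 header (no options, checksum left 0) + payload."""
    total = 20 + len(payload)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr + payload


def build_tcp(sport, dport):
    """Minimal 20-byte TCP header: ports, seq, ack, data offset 5, SYN flag."""
    return struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 65535, 0, 0)


def build_icmp_echo():
    """ICMP echo request (type 8, code 0), checksum left 0."""
    return struct.pack("!BBHHH", 8, 0, 0, 1, 1)


def parse(pkt):
    """Extract only the fields the filters below need from an IPv4 packet."""
    ihl = (pkt[0] & 0x0F) * 4          # header length in bytes
    proto = pkt[9]
    src = str(ipaddress.IPv4Address(pkt[12:16]))
    dst = str(ipaddress.IPv4Address(pkt[16:20]))
    ports = ()
    if proto == PROTO_TCP:              # TCP ports sit in the first 4 payload bytes
        ports = struct.unpack("!HH", pkt[ihl:ihl + 4])
    return {"src": src, "dst": dst, "proto": proto, "ports": ports}


def involves(p, addr):
    """'host addr' in tcpdump: address matches source OR destination."""
    return addr in (p["src"], p["dst"])


# Each entry maps a tcpdump filter expression to an equivalent predicate.
FILTERS = {
    # tcpdump -i eth0 host 10.0.1.12
    "host 10.0.1.12":
        lambda p: involves(p, "10.0.1.12"),
    # tcpdump -i eth0 icmp and host 10.0.1.12
    "icmp and host 10.0.1.12":
        lambda p: p["proto"] == PROTO_ICMP and involves(p, "10.0.1.12"),
    # tcpdump -i eth1 host 10.0.1.11 and host 10.0.1.12
    "host 10.0.1.11 and host 10.0.1.12":
        lambda p: {p["src"], p["dst"]} == {"10.0.1.11", "10.0.1.12"},
    # tcpdump -i eth0 tcp and host 10.0.1.12
    "tcp and host 10.0.1.12":
        lambda p: p["proto"] == PROTO_TCP and involves(p, "10.0.1.12"),
    # tcpdump -i eth0 tcp and host 10.0.1.12 and port 23
    "tcp and host 10.0.1.12 and port 23":
        lambda p: p["proto"] == PROTO_TCP and involves(p, "10.0.1.12")
        and 23 in p["ports"],
}


def matching(expr, packets):
    """Return the indexes of the packets that the named filter would capture."""
    pred = FILTERS[expr]
    return [i for i, pkt in enumerate(packets) if pred(parse(pkt))]


# Constructed sample traffic (not a real capture).
SAMPLE = [
    build_ipv4("10.0.1.11", "10.0.1.12", PROTO_ICMP, build_icmp_echo()),    # 0 ping 11 -> 12
    build_ipv4("10.0.1.12", "10.0.1.11", PROTO_ICMP, build_icmp_echo()),    # 1 reply 12 -> 11
    build_ipv4("10.0.1.11", "10.0.1.12", PROTO_TCP, build_tcp(40000, 23)),  # 2 telnet 11 -> 12
    build_ipv4("10.0.1.12", "10.0.1.11", PROTO_TCP, build_tcp(23, 40000)),  # 3 telnet reply
    build_ipv4("10.0.1.12", "10.0.1.13", PROTO_TCP, build_tcp(40001, 80)),  # 4 http 12 -> 13
    build_ipv4("10.0.1.11", "10.0.1.13", PROTO_TCP, build_tcp(40002, 23)),  # 5 telnet 11 -> 13
]

if __name__ == "__main__":
    for expr in FILTERS:
        print(f"{expr:40s} -> packets {matching(expr, SAMPLE)}")
```

Running it shows, for instance, that "host 10.0.1.12" keeps packets in both directions while "host 10.0.1.11 and host 10.0.1.12" drops the traffic to 10.0.1.13, and that adding "port 23" keeps the telnet reply (source port 23) as well as the request, because "port" matches either port field.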
Optional:
- It is possible to change the ethx addresses as discussed in this document (thanks to Jorge Cabrera). Your embedded NIC must be set to eth0.
- Examine this email file very carefully. Answer the following questions:
- Which email server was used to send this email (e.g., google.com)?
- Where (geographical location) was the sender when the email was sent (e.g., Texas)?
- What are the email ids of the sender and recipient?
- What type of presentation protocol is this email using? What version?
- For this presentation protocol, what encoding scheme was most likely used?
- Did the email have any attachment?
- How did the sender send the email (e.g., via outlook)?
- How did the recipient read the email? (e.g., via outlook)?
- At what time was the email sent and received?
- What was the content of the message?
- Using THIS, check some of your answers above.