Lab 2:
Objective: To make the students aware of and learn the detailed use of the following OS level TCP/IP diagnostic and troubleshooting commands: ping, nslookup
1) Ping command
PING: Packet InterNet Groper
The ping command is a Command Prompt command used to test the ability of the source computer to reach a specified destination computer. The ping command is usually used as a simple way to verify that a computer can communicate over the network with another computer or network device.
The ping command operates by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination computer and waiting for a response. How many of those responses are returned, and how long it takes for them to return, are the two major pieces of information that the ping command provides.
For example, you might find that there are no responses when pinging a network printer, only to find out that the printer is offline and its cable needs to be replaced. Or maybe you need to ping a router to verify that your computer can connect to it, to eliminate it as a possible cause for a networking issue.
Ping Command Syntax
ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [-w timeout] [-R] [-S srcaddr] [-p] [-4] [-6] target [/?]
Ping Command Options
Item | Explanation
-t |
-a |
-n count | This option sets the number of ICMP Echo Requests to send, from 1 to 4294967295. The ping command will send 4 by default if -n isn't used.
-l size | Use this option to set the size, in bytes, of the echo request packet from 32 to 65,527. The ping command will send a 32-byte echo request if you don't use the -l option.
-f | Use this ping command option to prevent ICMP Echo Requests from being fragmented by routers between you and the target. The -f option is most often used to troubleshoot Path Maximum Transmission Unit (PMTU) issues.
-i TTL | This option sets the Time to Live (TTL) value, the maximum of which is 255.
-v TOS | This option allows you to set a Type of Service (TOS) value. Beginning in Windows 7, this option no longer functions but still exists for compatibility reasons.
-r count | Use this ping command option to specify the number of hops between your computer and the target computer or device that you'd like to be recorded and displayed. The maximum value for count is 9, so use the tracert command instead if you're interested in viewing all the hops between two devices.
-s count | Use this option to report the time, in Internet Timestamp format, that each echo request is received and echo reply is sent. The maximum value for count is 4, meaning that only the first four hops can be time stamped.
-w timeout | Specifying a timeout value when executing the ping command adjusts the amount of time, in milliseconds, that ping waits for each reply. If you don't use the -w option, the default timeout value of 4000 is used, which is 4 seconds.
-R | This option tells the ping command to trace the round trip path.
-S srcaddr | Use this option to specify the source address.
-p | Use this switch to ping a Hyper-V Network Virtualization provider address.
-4 | This forces the ping command to use IPv4 only but is only necessary if target is a hostname and not an IP address.
-6 | This forces the ping command to use IPv6 only but, as with the -4 option, is only necessary when pinging a hostname.
target | This is the destination you wish to ping, either an IP address or a hostname.
/? | Use the help switch with the ping command to show detailed help about the command's several options.
EXAMPLE
ping -n 5 -l 1500 www.google.com
ping 127.0.0.1
ping -a 192.168.1.22
ping -t -6 localhost (servername)
ping -r 5 127.0.0.1
ping -r 9 127.0.0.1
2) nslookup
The nslookup (which stands for name server lookup) command is a network utility program used to obtain information about internet servers. It finds name server information for domains by querying the Domain Name System.
Most computer operating systems include a built-in command line program with the same name. Some network providers also host web-based services of this same utility (like Network-Tools.com). These programs are all designed to perform name server lookups against specified domains.
Displays information that you can use to diagnose Domain Name System (DNS) infrastructure. Before using this tool, you should be familiar with how DNS works. The nslookup command-line tool is available only if you have installed the TCP/IP protocol.
OPTIONS
Parameter | Description
| Exits nslookup.
| Connects with the finger server on the current computer.
| Displays a short summary of nslookup subcommands.
| Lists information for a DNS domain.
| Changes the default server to the specified DNS domain.
| Changes the default server to the server for the root of the DNS domain name space.
| Changes the default server to the specified DNS domain.
| Changes configuration settings that affect how lookups function.
| Prints the current values of the configuration settings.
| Changes the query class. The class specifies the protocol group of the information.
| Turns exhaustive Debugging mode on or off. All fields of every packet are printed.
| Turns Debugging mode on or off.
nslookup /set defname | Appends the default DNS domain name to a single component lookup request. A single component is a component that contains no periods.
| Changes the default DNS domain name to the name specified.
nslookup /set ignore | Ignores packet truncation errors.
| Changes the default TCP/UDP DNS name server port to the value specified.
| Changes the resource record type for the query.
| Tells the DNS name server to query other servers if it does not have the information.
| Sets the number of retries.
| Changes the name of the root server used for queries.
| Appends the DNS domain names in the DNS domain search list to the request until an answer is received. This applies when the set and the lookup request contain at least one period, but do not end with a trailing period.
| Changes the default DNS domain name and search list.
| Changes the initial number of seconds to wait for a reply to a request.
| Changes the resource record type for the query.
| Specifies to use or not use a virtual circuit when sending requests to the server.
| Sorts and lists the output of the previous ls subcommand or commands.
SYNTAX
nslookup [-opt ...] [{Host | [Server]}]
EXAMPLE
nslookup lifewire.com
nslookup www.microsoft.com
Lab 3:
Objective: To make the students aware of and learn the detailed use of the following OS level TCP/IP diagnostic and troubleshooting commands: ipconfig, arp, netstat, tracert, telnet.
ipconfig (IP Configuration)
In Windows, ipconfig is a console application designed to run from the Windows command prompt. This utility allows you to get the IP address information of a Windows computer. It also allows some control over active TCP/IP connections. ipconfig replaced the older winipcfg utility.
SYNTAX
ipconfig [/allcompartments] [/? | /all | /renew [adapter] | /release [adapter] | /renew6 [adapter] | /release6 [adapter] | /flushdns | /displaydns | /registerdns | /showclassid adapter | /setclassid adapter [classid] | /showclassid6 adapter | /setclassid6 adapter [classid] ]
OPTIONS
/all | Display full configuration information.
/release |
/release6 |
/renew | Renew the IPv4 address for the specified adapter.
/renew6 | Renew the IPv6 address for the specified adapter.
/flushdns |
/registerdns |
/displaydns | Display the contents of the DNS Resolver cache.
/showclassid | Displays all the DHCP class IDs allowed for adapter.
/setclassid | Modifies the DHCP class id.
/showclassid6 | Displays all the IPv6 DHCP class IDs allowed for an adapter.
/setclassid6 | Modifies the IPv6 DHCP class id.
EXAMPLE
ipconfig /all
ipconfig /all | more
ipconfig /displaydns
arp (Address Resolution Protocol)
Address Resolution Protocols (ARP) deal with the way local IP addresses are resolved between computers on a network.
The ARP compares the address and subnet masks of the host and the target computer. If these match then the address has effectively been resolved to the local network.
Arp syntax
ARP -s inet_addr eth_addr [if_addr]
ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]
OPTIONS
-a | Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed.
-g | Same as -a
inet_addr | Specifies an Internet address.
-N if_addr | Displays the ARP entries for the network interface specified by if_addr.
-d | Deletes the host specified by inet_addr.
-s | address eth_addr. The physical address is given as 6 hexadecimal bytes separated by hyphens. The entry is permanent.
eth_addr |
if_addr | If present, this specifies the Internet address of the interface whose address translation table should be modified. If not present, the first applicable interface will be used.
EXAMPLE
arp -a
netstat (NETwork STATistics)
The netstat command is a Command Prompt command used to display very detailed information about how your computer is communicating with other computers or network devices.
Specifically, the netstat command can show details about individual network connections, overall and protocol-specific networking statistics, and much more, all of which could help troubleshoot certain kinds of networking issues.
SYNTAX
NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-x] [-t] [interval]
OPTIONS
-a | Displays all connections and listening ports.
-b | Displays the executable involved in creating each connection or listening port. In some cases, well-known executables host multiple independent components, and in these cases, the sequence of components involved in creating the connection or listening port is displayed. In this case, the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.
-e | Displays Ethernet statistics. This option may be combined with the -s option.
-f |
-n | Displays addresses and port numbers in numerical form.
-o | Displays the owning process ID associated with each connection.
-p proto |
-r |
-s | Displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default.
-t | Displays the current connection offload state.
-x | Displays NetworkDirect connections, listeners, and shared endpoints.
-y | Displays the TCP connection template for all connections. Cannot be combined with the other options.
interval | Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once.
EXAMPLE
netstat -an
netstat 5
netstat -r
Tracert (TErminal NEtwork)
The tracert command is a Command Prompt command that's used to show several details about the path that a packet takes from the computer or device you're on to whatever destination you specify.
You might also sometimes see the tracert command referred to as the trace route command or traceroute command.
To install the traceroute command in Ubuntu:
sudo apt-get install traceroute
Tracert Command Syntax
tracert [-d] [-h MaxHops] [-w TimeOut] [-4] [-6] target [/?]
OPTIONS
Item | Description
-d | This option prevents tracert from resolving IP addresses to hostnames, often resulting in much faster results.
-h MaxHops | This tracert option specifies the maximum number of hops in the search for the target. If you do not specify MaxHops, and a target has not been found by 30 hops, tracert will stop looking.
-w TimeOut | You can specify the time, in milliseconds, to allow each reply before timeout using this tracert option.
-4 | This option forces tracert to use IPv4 only.
-6 | This option forces tracert to use IPv6 only.
target | This is the destination, either an IP address or hostname.
/? | Use the help switch with the tracert command to show detailed help about the command's several options.
EXAMPLE
tracert www.google.com
tracert 192.168.1.1
tracert -d www.yahoo.com
Lab 4 a:
Objective: Implement a simple TCP socket based client server program in Python in which the client connects to the server. The server displays the IP address and port number of the client and sends an acknowledgement message back to the client. The client displays the received acknowledgement message on screen.
Client.py
#!/usr/bin/env python3
import socket

HOST = '127.0.0.1'  # The server's hostname or IP address
PORT = 65432        # The port used by the server

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.connect((HOST, PORT))
    s.sendall(b'Hello, world')
    data = s.recv(1024)

print('Received', repr(data))
server.py
import socket

HOST = '127.0.0.1'  # Standard loopback interface address (localhost)
PORT = 65432        # Port to listen on (non-privileged ports are > 1023)

with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
    s.bind((HOST, PORT))
    s.listen(4)
    conn, addr = s.accept()
    with conn:
        # addr is the (IP address, port) pair of the connected client
        print('Connected by', addr)
        while True:
            data = conn.recv(1024)
            if not data:
                break
            # Echo the received bytes back to the client
            conn.sendall(data)
Lab 4 b:
Objective: Implement a simple UDP socket based client server program in Python in which the client connects to the server. The server displays the IP address and port number of the client and sends an acknowledgement message back to the client. The client displays the received acknowledgement message on screen.
Udp server
import socket

host = '127.0.0.1'
port = 6789

Ssocket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
Ssocket.bind((host, port))
try:
    while True:
        data, addr = Ssocket.recvfrom(1024)
        print("Message: ", data)
finally:
    # Close the socket object itself; the socket module has no close()
    Ssocket.close()
udp client
import socket

host = '127.0.0.1'
port = 6789

msg = str.encode("hello server")
Csocket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
Csocket.sendto(msg, (host, port))
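The Lab 4 b objective carried through end to end, as an added example that is not part of the original manual: the server prints the client's IP address and port and returns an acknowledgement, and the client displays it. The `ACK: ` prefix, the function names, the timeout and retry values and the OS-assigned port are assumptions made for this example.

```python
import socket
import threading

HOST = "127.0.0.1"      # loopback only, as in the lab
ACK_PREFIX = b"ACK: "   # assumed acknowledgement format


def serve_once(sock):
    """Receive one datagram, report the sender, and acknowledge it."""
    data, addr = sock.recvfrom(1024)
    print(f"Datagram from {addr[0]}:{addr[1]} -> {data!r}")
    # Reply to the source address observed on the datagram
    sock.sendto(ACK_PREFIX + data, addr)
    return addr


def send_and_wait_ack(server_addr, msg, timeout=2.0, retries=3):
    """Send msg and return the acknowledgement, or None if none arrives."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        # UDP gives no delivery guarantee, so never block forever
        c.settimeout(timeout)
        for _ in range(retries):
            c.sendto(msg, server_addr)
            try:
                while True:
                    reply, peer = c.recvfrom(1024)
                    # An unconnected UDP socket accepts datagrams from any
                    # sender; only accept a reply from the server we addressed.
                    if peer == server_addr:
                        return reply
            except socket.timeout:
                continue    # lost request or lost ack: retransmit
    return None


def demo():
    """Run server and client in one process on an OS-assigned port."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv:
        srv.bind((HOST, 0))             # port 0: let the OS pick a free port
        server_addr = srv.getsockname()
        result = {}
        t = threading.Thread(
            target=lambda: result.update(client=serve_once(srv)))
        t.start()
        ack = send_and_wait_ack(server_addr, b"hello server")
        t.join(timeout=5)
    return ack, result.get("client"), server_addr


if __name__ == "__main__":
    ack, client_addr, server_addr = demo()
    print("Received", ack, "from server", server_addr)
```

The client-side timeout and source-address check are the two things the TCP version gets from the connection and a UDP program has to do itself.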
1. List up to 10 different protocols that appear in the protocol column in the unfiltered packet-listing window.
2. How long did it take from when the HTTP GET message was sent until the HTTP OK reply was received? (By default, the value of the Time column in the packet listing window is the amount of time, in seconds, since Wireshark tracing began. To display the Time field in time-of-day format, select the Wireshark View pull down menu, then select Time Display Format, then select Time-of-day. For now you don’t need to understand HTTP GET and OK, but reading the textbook may be helpful if you are curious about how they work.)
3. What is the Internet address of www.google.com? What is the Internet address of your computer? Include a screenshot and describe where you got the data to answer this question.
4. Provide a screenshot showing the HTTP protocol only with Wireshark running on your computer.
5. How many packets did you capture (total of all protocols, not just HTTP)? Now, use display filters to determine how many packets contain your IP address (hint: use ip.addr instead of the clumsy ip.src or ip.dst format). What is the filter you used? Now, reverse the filter to determine how many packets don’t contain your IP address. See any problems here? If not, you've already figured out the point of this question, so explain how you did so. If so, how can this problem be fixed? What are the appropriate display filters to use? How does Wireshark warn you of such a problem?
6. Use your newly acquired Wireshark skills to capture the process when your browser loads the front page of INI's website (i.e. http://www.ini.cmu.edu). How many packets did you capture? Were all of them HTTP? How many HTTP requests did you make? Were all the replies "200 OK"? Did you find anything else interesting? Please ensure you have examined this packet capture in detail, using appropriate Wireshark functionality. Please include screen captures where you think they are necessary.
7. What is the IP address of your computer? Of the gtu.ac.in server?
8. What HTTP version is your browser running? What version of HTTP is the server running?
9. What is the status code and phrase returned from the server to your browser?
10. What languages does your browser indicate to the server that it can accept? Which header line is used to indicate this information?
11. When was the HTML file that you have retrieved last modified at the server? Which header line is used to indicate this information?
12. How many bytes of content (size of file) are returned to your browser? Which header line is used to indicate this information?
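The pitfall behind question 5, as an added example that is not part of the original manual: ip.addr stands for two fields (ip.src and ip.dst), so a filter that is true when any one of them differs from your address is not the inverse of ip.addr == X. This is how `ip.addr != X` behaved in Wireshark releases before 3.6; the addresses and the six-packet capture are constructed, and the helper names are hypothetical.

```python
import socket
import struct

MY_IP = "192.168.1.10"   # constructed address standing in for "your computer"


def ipv4_header(src, dst, proto=6):
    """Build a minimal 20-byte IPv4 header (checksum left at 0) as sample data."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, proto, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def ip_addr_fields(header):
    """Return the two values a packet carries for ip.addr: (ip.src, ip.dst)."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return socket.inet_ntoa(header[12:16]), socket.inet_ntoa(header[16:20])


# Constructed capture: four packets involve MY_IP, two do not.
CAPTURE = [ipv4_header(s, d) for s, d in [
    ("192.168.1.10", "93.184.216.34"),
    ("93.184.216.34", "192.168.1.10"),
    ("192.168.1.10", "192.168.1.1"),
    ("192.168.1.1", "192.168.1.10"),
    ("192.168.1.22", "192.168.1.1"),
    ("192.168.1.1", "192.168.1.22"),
]]


def eq_any(fields, ip):
    """ip.addr == X: true if either address field equals X."""
    return any(f == ip for f in fields)


def ne_any(fields, ip):
    """ip.addr != X with any-field semantics: true if either field differs."""
    return any(f != ip for f in fields)


FILTERS = {
    "ip.addr == X": eq_any,
    "ip.addr != X (any-field)": ne_any,
    "!(ip.addr == X)": lambda f, ip: not eq_any(f, ip),
    "ip.src != X and ip.dst != X": lambda f, ip: all(x != ip for x in f),
}


def count_matches(capture=CAPTURE, ip=MY_IP):
    """Count how many packets each filter expression selects."""
    counts = dict.fromkeys(FILTERS, 0)
    for header in capture:
        fields = ip_addr_fields(header)
        for name, predicate in FILTERS.items():
            counts[name] += predicate(fields, ip)
    return counts


if __name__ == "__main__":
    for name, n in count_matches().items():
        print(f"{n} of {len(CAPTURE)} packets match {name}")
```

The any-field form selects every packet because each one has at least one address that is not yours, while the negated equality and the explicit src/dst form both select only the packets that do not involve your host.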
What is Wireshark?
Wireshark is a network packet analyzer. A network packet analyzer will try to capture network packets and display that packet data in as much detail as possible.
You could think of a network packet analyzer as a measuring device used to examine what’s going on inside a network cable, just like a voltmeter is used by an electrician to examine what’s going on inside an electric cable (but at a higher level, of course).
In the past, such tools were either very expensive, proprietary, or both. However, with the advent of Wireshark, all that has changed.
Wireshark is perhaps one of the best open source packet analyzers available today.
1.1.1. Some intended purposes
Here are some examples of what people use Wireshark for:
• Network administrators use it to troubleshoot network problems
• Network security engineers use it to examine security problems
• QA engineers use it to verify network applications
• Developers use it to debug protocol implementations
• People use it to learn network protocol internals
Besides these examples, Wireshark can be helpful in many other situations too.
1.1.2. Features
The following are some of the many features Wireshark provides:
• Available for UNIX and Windows.
• Capture live packet data from a network interface.
• Open files containing packet data captured with tcpdump/WinDump, Wireshark, and a number of other packet capture programs.
• Import packets from text files containing hex dumps of packet data.
• Display packets with very detailed protocol information.
• Save packet data captured.
• Export some or all packets in a number of capture file formats.
• Filter packets on many criteria.
• Search for packets on many criteria.
• Colorize packet display based on filters.
• Create various statistics.
• …and a lot more!
Download Wireshark
To download Wireshark:
1. Open a web browser.
2. Navigate to http://www.wireshark.org.
3. Select Download Wireshark.
4. Select the Wireshark Windows Installer matching your system type, either 32-bit or 64-bit as determined in Activity 1. Save the program in the Downloads folder.
5. Close the web browser.
Install Wireshark
Wireshark is a free and open source packet analyzer used for network troubleshooting and analysis. These activities will show you how to download and install Wireshark.
To install Wireshark:
1. Open Windows Explorer.
2. Select the Downloads folder.
3. Locate the version of Wireshark you downloaded in Activity 2. Double-click on the file to open it.
4. If you see a User Account Control dialog box, select Yes to allow the program to make changes to this computer.
5. Select Next > to start the Setup Wizard.
6. Review the license agreement. If you agree, select I Agree to continue.
7. Select Next > to accept the default components.
8. Select the shortcuts you would like to have created. Leave the file extensions selected. Select Next > to continue.
9. Select Next > to accept the default install location.
10. Select Install to begin installation.
11. Select Next > to install WinPcap.
12. Select Next > to start the Setup Wizard.
13. Review the license agreement. If you agree, select I Agree to continue.
14. Select Install to begin installation.
15. Select Finish to complete the installation of WinPcap.
16. Select Next > to continue with the installation of Wireshark.
17. Select Finish to complete the installation of Wireshark.
The Menu
Wireshark’s main menu is located either at the top of the main window (Windows, Linux) or at the top of your main screen (macOS). An example is shown in Figure 3.2, “The Menu”.
Note: Some menu items will be disabled (greyed out) if the corresponding feature isn’t available. For example, you cannot save a capture file if you haven’t captured or loaded any packets.
The main menu contains the following items:
File: This menu contains items to open and merge capture files, save, print, or export capture files in whole or in part, and to quit the Wireshark application.
Edit: This menu contains items to find a packet, time reference or mark one or more packets, handle configuration profiles, and set your preferences; (cut, copy, and paste are not presently implemented).
View: This menu controls the display of the captured data, including colorization of packets, zooming the font, showing a packet in a separate window, expanding and collapsing trees in packet details.
Go: This menu contains items to go to a specific packet.
Capture: This menu allows you to start and stop captures and to edit capture filters.
Analyze: This menu contains items to manipulate display filters, enable or disable the dissection of protocols, configure user specified decodes and follow a TCP stream.
Statistics: This menu contains items to display various statistic windows, including a summary of the packets that have been captured, display protocol hierarchy statistics and much more.
Telephony: This menu contains items to display various telephony related statistic windows, including a media analysis, flow diagrams, display protocol hierarchy statistics and much more.
Wireless: The items in this menu show Bluetooth and IEEE 802.11 wireless statistics.
Tools: This menu contains various tools available in Wireshark, such as creating Firewall ACL Rules.
Help: This menu contains items to help the user, e.g. access to some basic help, manual pages of the various command line tools, online access to some of the webpages, and the usual about dialog.
INDUSTRIAL VISIT:
Date: 18/3/2019, Monday
Industrial Visit MCA 2019
Thanks to Bhagwan Mahavir College of Management, our Professor and the department of MCA, we, the students of 4th semester MCA, were given the opportunity to go on an industrial visit to “Pure Skill IT Training Academy”.
During an industrial visit, students visit companies and get insight regarding the internal working environment of a company and how a company functions, as well as useful information related to the practical aspects of the educational course which cannot be visualized in lectures.
The industrial visit is considered one of the most tactical methods of teaching. It provides students with an opportunity to learn practically through interaction, working methods and employment practices. Moreover, it gives exposure from an academic point of view.
In the industrial visit we got knowledge about Wireshark, how to use Wireshark and how we can work with Wireshark, and we got knowledge about networking: how the network works, how the switches were working in industry, and how many wires and hubs are connected with many switches. They showed us many types of cables which were used in industry.
Industry networks were very easy to use.
We got some knowledge about networks in industry:
1. Cable type: UTP – Twisted Pair Cable
2. Connector: RJ45
3. Switch: Ordinary 24 Port Fast Ethernet (gigabit), speed 1 Gbps
4. Topology: Star Topology
5. Router: Wireless Router, TP-Link company
6. Internet Connectivity: City Broadband pure Fibre
7. Internet Speed: 100 Mbps
8. WiFi Connectivity: Yes, by TP-Link wireless Router
9. Bandwidth: 100 Mbps
10. ISP (Internet service provider): City Broadband
11. NIC card: Intel Company
12. IP: Class C
13. IP Address: 192.168.0.0
14. Licence Software: Microsoft Company