Basic Networking Tools Study Week #1

Questions and Answers

What command can be used to scan a host using its host name?

  • sudo traceroute -T www.google.com
  • nmap www.pes.edu (correct)
  • nmap 192.168.1.1
  • nmap 163.53.78.128

Which command is used to scan multiple IP addresses or subnets in IPv4?

  • nmap www.pes.edu
  • nmap 192.168.1.1 192.168.1.2 192.168.1.3 (correct)
  • sudo traceroute -T www.google.com
  • nmap 163.53.78.128

How can ping be instructed to exit after a specified number of ECHO_REQUEST packets?

  • By setting a timeout flag
  • By using the -e flag for ECHO_REQUEST count
  • By using the -c flag followed by the packet count (correct)
  • By altering the ECHO_REQUEST count in the ping command

What is the purpose of using the 'traceroute -T www.google.com' command?

To display the path packets take from source to destination (D)

What does the command 'nmap 163.53.78.128' imply?

Scanning for open ports on a specific IP (C)

What version of HTTP is typically used when retrieving HTML files from a server?

HTTP version 1.0 (A)

How can one identify remote host apps and OS?

By conducting a full port scan with Nmap (D)

Which command should be used to retrieve the last modified date of an HTML file from the server?

"curl --head www.google.com" (D)

"nmap" is commonly used for ________.

Locating network vulnerabilities (A)

"sudo" is a command used for ________.

Running commands with administrative privileges (B)

Study Notes

Week #1: Basic Networking Tools

  • Wireshark, Tcpdump, Ping, Traceroute, and Nmap are essential networking tools to understand.
  • The lab manual is written for Ubuntu Linux OS only, and experiments can be executed on VirtualBox or VMware platforms.

Linux Interface Configuration (ifconfig/IP command)

  • ifconfig or ip addr show displays the status of all active network interfaces.
  • Assign an IP address to an interface using sudo ifconfig interface_name 10.0.your_section.your_sno netmask 255.255.255.0 or sudo ip addr add 10.0.your_section.your_sno/24 dev interface_name.
  • Activate/deactivate a network interface using sudo ifconfig interface_name down and sudo ifconfig interface_name up.
  • Show the current neighbor table in the kernel using ip neigh.

Ping PDU (Packet Data Units or Packets) Capture

  • Assign an IP address to the system (Host) using sudo ifconfig interface_name 10.0.your_section.your_sno netmask 255.255.255.0.
  • Launch Wireshark and select the 'any' interface.
  • Analyze the TTL, protocol used by ping, and time in the terminal.
  • Analyze the frames with the first echo request and echo reply in Wireshark.

HTTP PDU Capture Using Wireshark's Filter feature

  • Launch Wireshark and select the 'any' interface.
  • Filter HTTP packets using http in the filter toolbar.
  • Analyze the first and second frames (interaction of host to the web server and response of server to the client).
  • Analyze the HTTP request and response using Wireshark's Follow TCP Stream.

Capturing packets with Tcpdump

  • Use tcpdump -D to see available interfaces for capture.
  • Capture all packets in any interface using sudo tcpdump -i any.
  • Perform some pinging operation while capturing packets.
  • Filter packets based on protocol using sudo tcpdump -i any -c5 icmp.
  • Save packets to a file using sudo tcpdump -i any -c10 -nn -w webserver.pcap port 80.

Perform Traceroute checks

  • Run the traceroute using sudo traceroute www.google.com.
  • Analyze the destination address of google.com and the number of hops.
  • Use the -n option to disable the mapping of IP addresses with hostnames.
  • Use the -I option to use ICMP packets.
  • Use the -T flag to test a TCP connection.

Explore an entire network for information (Nmap)

  • Scan a host using its hostname or IP address using nmap www.pes.edu or nmap 163.53.78.128.
  • Scan multiple IP addresses or subnets using nmap 192.168.1.1 192.168.1.2 192.168.1.3.

Submission Guidelines

  • Take screenshots of results after execution of every command in every task.
  • Write the task and 2-3 lines of observation followed by screenshots.
  • Submissions will be through Google Forms.
