Exercises ARP ICMP DNS HTTP/TCP Trace analysis. ARP launch Wireshark ipconfig /all ; see local IP and gateway route -print ; find gateway arp -a ; list.

Presentation transcript:

Exercises ARP ICMP DNS HTTP/TCP Trace analysis

ARP
– launch Wireshark
– ipconfig /all ; see local IP and gateway
– route -print ; find gateway
– arp -a ; list all MAC addresses learned
– arp -d * ; delete all MAC addresses learned
– ping
– What is the MAC address of the router?

Hints
– If the default gateway/router’s MAC address is not in the cache, the host will send an ARP request to ask for it.
– The default gateway’s IP address is preconfigured or learnt through the DHCP protocol.

ICMP
ping
– What is the value of ‘Type’ in the outgoing ICMP packet?
– What is the value of ‘Type’ in the incoming ICMP packet?
– Take a look at the data section in the incoming ICMP packet.
tracert
– What are the answers to the above two questions?

Hints
Ping
– Send: ICMP Echo Request
– Receive: ICMP Echo Reply
Traceroute
– Send: Any kind of IP packet with a special TTL. It would be an ICMP packet if we need the reply from the destination.
– Receive: ICMP Time Exceeded
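The three message kinds in these hints, built and parsed by hand as an added example (not part of the original slides). The function names, the 32-byte payload and the 192.0.2.x / 198.51.100.x addresses are constructed for illustration; the type numbers come from RFC 792.

```python
import struct

# ICMP type numbers (RFC 792) for the three messages named in the hints.
ICMP_NAMES = {0: "Echo Reply", 8: "Echo Request", 11: "Time Exceeded"}

def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of big-endian 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, rest: bytes, body: bytes) -> bytes:
    """rest = the 4 header bytes after the checksum (id/seq for echo, unused for type 11)."""
    csum = checksum(struct.pack("!BBH", icmp_type, 0, 0) + rest + body)
    return struct.pack("!BBH", icmp_type, 0, csum) + rest + body

def parse_icmp(msg: bytes) -> dict:
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than its 8-byte header")
    icmp_type, code = msg[0], msg[1]
    # A valid message sums to zero when the checksum field is included.
    info = {"type": icmp_type, "name": ICMP_NAMES.get(icmp_type, "other"),
            "code": code, "checksum_ok": checksum(msg) == 0}
    if icmp_type in (0, 8):
        info["id"], info["seq"] = struct.unpack("!HH", msg[4:8])
        info["data"] = msg[8:]
    elif icmp_type == 11 and len(msg) >= 28:
        quoted = msg[8:]                      # IP header of the expired probe
        info["probe_ttl"] = quoted[8]
        info["probe_protocol"] = quoted[9]    # 1 = ICMP, 17 = UDP
        info["probe_dst"] = ".".join(str(b) for b in quoted[16:20])
    return info

# Constructed sample data (documentation addresses, not from the lab trace).
PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"     # 32 bytes
ECHO_REQUEST = build_icmp(8, struct.pack("!HH", 1, 7), PAYLOAD)
ECHO_REPLY = build_icmp(0, struct.pack("!HH", 1, 7), PAYLOAD)
# IPv4 header of a probe sent with TTL 1, as a router would quote it back.
PROBE_IP = struct.pack("!BBHHHBBH4B4B", 0x45, 0, 60, 0x1C46, 0, 1, 1, 0,
                       192, 0, 2, 10, 198, 51, 100, 7)
TIME_EXCEEDED = build_icmp(11, b"\x00" * 4, PROBE_IP + ECHO_REQUEST[:8])
```

The Time Exceeded message quotes the probe's IP header plus its first 8 bytes, which is how traceroute matches each reply to the probe that triggered it.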

DNS
nslookup
– Take a look at DNS query and response packets
nslookup
set type=PTR
– Take a look at DNS query and response packets

Hints
set type=A (default setting)
– Normal DNS lookup: get the IP address from a host name
set type=PTR
– Reverse DNS lookup: get the host name from its IP address
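What differs on the wire between the two lookup types, as an added example (not part of the original slides): the query name and the QTYPE field. The host name, address and function names below are constructed for illustration.

```python
import ipaddress
import struct

QTYPES = {"A": 1, "PTR": 12}   # record type numbers from RFC 1035

def ptr_name(ip: str) -> str:
    """Name queried for a reverse lookup, e.g. 53.2.0.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def encode_name(name: str) -> bytes:
    """DNS wire format: length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(target: str, qtype: str = "A", txid: int = 0x1234) -> bytes:
    name = ptr_name(target) if qtype == "PTR" else target
    # Flags 0x0100 = standard query with recursion desired; one question.
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPES[qtype], 1)

def parse_question(msg: bytes) -> dict:
    """Decode the header and first question (no name compression handled)."""
    txid, flags, qdcount = struct.unpack("!3H", msg[:6])
    labels, pos = [], 12
    while msg[pos]:
        length = msg[pos]
        if length & 0xC0:
            raise ValueError("compression pointer not handled in this sketch")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "questions": qdcount, "qname": ".".join(labels),
            "qtype": qtype, "qclass": qclass}

# Constructed sample queries (documentation name and address).
A_QUERY = build_query("www.example.com", "A")
PTR_QUERY = build_query("192.0.2.53", "PTR")
```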

HTTP/TCP
Use browser to visit
Take a look at
– TCP’s three-way handshake
– sequence numbers in packets from the server and the acknowledgement number in packets from the client
– HTTP header in the packet from the client
– HTTP header in the packets from the server

Trace analysis
Real trace from a VoIP hacking demo
Analyze the trace using Wireshark and answer the following questions
– Which 4 protocols are involved in the pcap?
– Which codec does the RTP stream use?
– How did the attacker gain access to the server?
– Where is the hacked server? Tips: look into the payload

Hints
– 4 protocols: HTTP, RTP, RTCP, SIP
– RTP uses G.711 PCMU coding
– Default user name/password
  – Authorization: Basic bWFpbnQ6cGFzc3dvcmQ=
– The city is DISTRITO FEDERAL MEXICO
  – Hear it: Telephony -> RTP -> Stream analysis
  – Public IP: in an HTTP response
    Follow HTTP connections
    Look into the HTTP responses
    Use geolocation websites to locate the city
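The Authorization header in the hint is only Base64-encoded, so anyone who captures the traffic can read the credentials. The check below is an added example (not part of the original slides) that decodes Basic headers from reassembled HTTP text and flags default pairs; the watch list, requests and function names are constructed, and only the maint token comes from the slide.

```python
import base64
import binascii
import re

# Hypothetical watch list; only maint/password comes from the slide's hint.
DEFAULT_CREDENTIALS = {("maint", "password"), ("admin", "admin")}

AUTH_RE = re.compile(
    rb"^Authorization:[ \t]*Basic[ \t]+([A-Za-z0-9+/=]+)[ \t]*\r?$",
    re.IGNORECASE | re.MULTILINE)

def decode_basic(token: bytes):
    """Return (user, password), or None if the token is not valid Basic auth."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None
    user, sep, password = raw.decode("utf-8", "replace").partition(":")
    return (user, password) if sep else None

def find_basic_auth(stream: bytes) -> list:
    """Scan reassembled HTTP request text and report every Basic header."""
    findings = []
    for match in AUTH_RE.finditer(stream):
        creds = decode_basic(match.group(1))
        if creds is None:
            findings.append({"token": match.group(1).decode(),
                             "error": "malformed"})
            continue
        findings.append({"user": creds[0], "password": creds[1],
                         "default": creds in DEFAULT_CREDENTIALS})
    return findings

# Constructed requests: a default pair, a non-default pair, a token with no colon.
_other = base64.b64encode(b"alice:S3cure-and-unique").decode()
SAMPLE_STREAM = (
    "GET / HTTP/1.1\r\nHost: 192.0.2.20\r\n"
    "Authorization: Basic bWFpbnQ6cGFzc3dvcmQ=\r\n\r\n"
    f"GET / HTTP/1.1\r\nHost: 192.0.2.20\r\nAuthorization: Basic {_other}\r\n\r\n"
    "GET / HTTP/1.1\r\nHost: 192.0.2.20\r\nAuthorization: Basic Zm9v\r\n\r\n"
).encode()
```

Input for a check like this can come from Wireshark's Follow HTTP Stream view saved as text.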

Useful links
– Protocols: 1.htm
– Wireshark: guide-a4.pdf
– TCPDump: