EX.NO:1 Learn to use commands like tepdump, netstat, ifconfig, nslookup and traceroute. Capture ping and traceroute PDUs using a network protocol analyzer and examine. AIM: To Learn to use commands like tepdump, netstat, ifconfig, nslookup and traceroute ping PRE LAB DISCUSSIO! ‘Tepdump: The tcpdump utility allows you to capture packets that flow within your network to assist in network troubleshooting. The following are several examples of using tcpdump with different options. Traffic is captured hased on a specified filter. Netstat Netstat is a common command tine TCP/IP networking available in most versions of Windows, Linux, UNIX and other operating systems. Netstat provides information and statistics about protocols in use and current TCP/IP network connections. ipconfig ipconfig is a console application designed to run from the Windows command prompt. This utility allows you to get the IP address information of a Windows computer. From the command prompt, type ipconfig to run the utility with default options. The output of the default command contains the IP address, network mask, and gateway for all physical and virtual network adapter. nslookup The nslookup (which stands for name server lookup) command is a network utility program used to obtain information about internet servers. It finds name server information for domains by querying the Domain Name System. Trace rout Traceroute is a network diagnostic tool used to track the pathway taken by a packet on an IP network from source to destination. Traceroute also records the time taken for each hop the packet makes during its route to the destination Commands: ‘Tepdump: Display traffic between 2 hosts: To display all traffic between two hosts (represented by variables host! and host2): # tepdump host host! and host2 Display traffic from a source or destination host only: To display traffic from only a source (src) or destination (dst) host: # tepdump ste host # tcpdump dst host Display traffic for a specific protocol Provide the protocol as an argument to display only traffic for a specific protocol, for example tcp, udp, icmp, arp 10 Downloaded by Aan R (aarhicsi242@gmallcom)# tepdump protocol For example to display traffic only for the tep traffic # tcpdump tep Filtering based on source or destination port To filter based on a source or destination port: # tepdump ste port ftp # tcpdump dst port http 2Netstat Netstat is a common command line TCP/IP networking available in most versions of Windows, Linux, UNIX and other operating systems Netstat provides information and statistics about protocols in use and current TCP/IP network connections. The Windows help screen (analogous to a Linux or UNIX for netstat reads as follows: displays protocol statistics and current TCP/IP network connections. #netstat THI C\Windows\system’2\cmd.exe eee ees Pr my ces eae ENS rd Seetartata | ry ted rd eyed :BBBB tive at aT a: Bits ry areata ers crs erat Tame Tt feu me rd ft] woes 68 att yd Ear tryed BBB metre jon designed to run from the Windows command In Windows, ipconfig is a console appli prompt. This utility allows you to get the IP address information of a Windows computer Using ipconfig From the command prompt, type ipconfig to run the utility with default options. The output of the default comma network adapter, id contains the IP address, network mask, and gateway for all physical and virtual u gral conslookup, The nslookup (which stands for name server lookup) command is a network utility program used to obtain information about internet servers. It finds name server information for domains by que! the Domain Name System. ing The nslookup command is a powerful tool for diagnosing DNS problems. You know you're experiencing a DNS problem when you can access a resource by specifying its IP address but not its DNS name. #nslookup 5, Trace route: Traceroute uses Internet Control Message Protocol (ICMP) echo packets with variable time to live (TTL) values. The response time of each hop is calculated. To guarantee accuracy, each hop is queried multiple times (usually three times) to better measure the response of that particular hop. Traceroute is a network diagnostic tool used to track the pathway taken by a packet on an IP network from source to destination, Traceroute also records the time taken for each hop the packet makes during its route to the destination. Traceroute uses Internet Control Message Protocol (ICMP) echo packets with variable time to live (TTL) values. ‘The response time of each hop is calculated. To guarantee accuracy, each hop is queried multiple times (usually three times) to better measure the response of that particular hop. Traceroute sends packets with TTL values that gradually increase from packet to packet, starting with TTL value of one, Routers decrement TTL values of packets by one when routing and discard packets whose TTL value has reached zero, returning the ICMP error message ICMP Time Exceeded. For the first set of packets, the first router receives the packet, decrements the TTL value and drops the packet because it then has TTL value zero. The router sends an ICMP Time Exceeded message back to the source. The next set of packets are given a TTL value of two, so the first router forwards the packets, but the second router drops them and replies with ICMP Time Exceeded 2 Downloaded by Aart R (aa Jal com)Proceeding in this way, traceroute uses the returned ICMP Time Exceeded messages to build a list of routers that packets traverse, until the destination is reached and returns an ICMP Echo Reply message. With the tracert command shown above, we're asking tracert to show us the path from the local computer all the way to the network device with the hostname www.google.com, #racent google.com ng eee ee eer) PUTA eed rot et ‘The ping command sends an echo request to a host available on the network. Using this command, you can check if your remote host is responding well or not. Tracking and isolating hardware and software problems. Determining the status of the network and various foreign hosts. The ping command is usually used as a simple way to verify that a computer can communicate over the network with another computer or network device. The ping command operates by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination computer and waiting for a response # pingl72.16.6.2 Bid C\Windows\system32\cmd.ere and Rites a arrests ees beth ie Sear Carer oe EE rato reer ng host-Lise frees etearat oar rears crete a Bit) Gree rere) Paterna Renae ce’ eee RY Received = 8, Loot = 4 (108% los UESTION: IVA (Pre &Post Lab) Define network Define network topol What is OSI Layers. What is the use of netstat command? What is nslookup command? ‘What is the purpose of traceroute command? What is ping command, RESULT: Thus the various networks commands like tepdump, netstat, ifconfig, nslookup and traceroute ping are executed successfully. 4 42€1gmeil com