CN Lab EXP-1
CN Lab EXP-1
Understanding and using of commands like ifconfig, netstat, ping, arp, telnet, ftp, finger,
traceroute, whois etc. Usage of elementary socket system calls (socket (), bind(),
listen()accept(),connect(),send(),recv(),sendto(),recvfrom()).
Program Objective:
Understanding and using of commands like ifconfig, netstat, ping, arp, telnet, ftp, finger,
traceroute, whois
Program Description:
R
UNIX utilities are commands that, generally, perform a single task. It may be as simple as
printing the date and time, or a complex as finding files that match many criteria throughout a
directory hierarchy
IFCONFIG
The Unix command ifconfig (short for interface configurator) serves to configure and control
TCP/IP network interfaces from a command line interface (CLI). Common uses for ifconfig
include setting an interface's IP address and netmask, and disabling or enabling a given
interface. Ipconfig is an MS-DOS utility that can be used from MS-DOS and an MS-DOS shell to
display the network settings currently assigned and given by a network. This command can be
utilized to verify a network connection as well as to verify your network settings. Syntax:
ipconfig [/allcompartments] [/? | /all | /renew [adapter] | /release [adapter] | /renew6
[adapter] | /release6 [adapter] | /flushdns | /displaydns | /registerdns | /showclassid adapter
| /setclassid adapter [classid] | /showclassid6 adapter | /setclassid6 adapter [classid] ] Example:
ipconfig /all
1
NETSTAT
netstat (network statistics) is a command-line tool that displays network connections (both
incoming and outgoing), routing tables, and a number of network interface statistics. It is used
for finding problems in the network and to determine the amount of traffic on the network as
a performance measurement.
Parameters
Parameters used with this command must be prefixed with a hyphen (-) rather than a slash (/).
-a : Displays all active TCP connections and the TCP and UDP ports on which the computer is
listening.
-e : Displays ethernet statistics, such as the number of bytes and packets sent and received.
This parameter can be combined with -s.
-f : Displays fully qualified domain names for foreign addresses.
-i : Displays network interfaces and their statistics (not available under Windows) -n : Displays
active TCP connections, however, addresses and port numbers are expressed numerically and
no attempt is made to determine names.
-o : Displays active TCP connections and includes the process ID (PID) for each connection.
-p Linux: Process : Show which processes are using which sockets
Syntax: NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-x] [-t] [interval]
OUTPUT
PING
Ping is a computer network tool used to test whether a particular host is reachable across an IP
network; it is also used to self test the network interface card of the computer, or as a speed
test. It works by sending ICMP “echo request” packets to the target host and listening for ICMP
2
“echo response” replies. Ping does not estimate the round-trip time, as it does not factor in the
user's connection speed, but instead is used to record any packet loss, and print a statistical
summary when finished. The word ping is also frequently used as a verb or noun, where it is
usually incorrectly used to refer to the round-trip time, or measuring the round-trip time.
Syntax: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k
host-list]] [-w timeout] [-R] [-S srcaddr] [-4] [-6 target_name]
OUTPUT
ARP
In computer networking, the Address Resolution Protocol (ARP) is the method for finding a
host's link layer (hardware) address when only its Internet Layer (IP) or some other Network
Layer address is known. ARP has been implemented in many types of networks; it is not an IP-
only or Ethernet-only protocol. It can be used to resolve many different network layer protocol
addresses to interface hardware addresses, although, due to the overwhelming prevalence of
IPv4 and Ethernet, ARP is primarily used to translate IP addresses to Ethernet MAC addresses.
Arp syntax:
ARP -s inet_addr eth_adr [if_addr]
ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]
Example: arp -a
OUTPUT
3
TELNET
Telnet (Telecommunication network) is a network protocol used on the Internet or local area
network (LAN) connections. Typically, telnet provides access to a command-line interface on a
remote machine. The term telnet also refers to software which implements the client part of
the protocol. Telnet clients are available for virtually all platforms
Protocol details:
Telnet is a client-server protocol, based on a reliable connection-oriented transport. Typically
this protocol is used to establish a connection to TCP port 23 Syntax: telnet [-468ELadr] [-S tos]
[-b address] [-e escapechar] [-l user] [-n tracefile] [host [port]] Example: telnet myhost.com
FTP
4
FTP server to the FTP client. FTP uses out-of-band control, which means it uses a separate
connection for control and data. Thus, for the actual file transfer to take place, a different
connection is required which is called the data stream.
FINGER:
In computer networking, the Name/Finger protocol and the Finger user information protocol
are simple network protocols for the exchange of human-oriented status and user information.
finger looks up and displays information about system users.
Syntax: finger [-lmsp] [user ...] [user@host ...]
Example: finger -p ch
TRACEROUTE:
traceroute is a computer network tool used to determine the route taken by packets across an
IP network . An IPv6 variant, traceroute6, is also widely available.Traceroute is often used for
network troubleshooting. By showing a list of routers traversed, it allows the user to identify
the path taken to reach a particular destination on the network. This can help identify routing
problems or firewalls that may be blocking access to a site. Traceroute is also used by
penetration testers to gather information about network infrastructure and IP ranges around a
given host. It can also be used when downloading data, and if there are multiple mirrors
available for the same piece of data, one can trace each mirror to get a good idea of which
mirror would be the fastest to use.
Syntax: traceroute [-46dFITUnreAV] [-f first_ttl] [-g gate,...] [-i device]
[-m max_ttl] [-p port] [-s src_addr] [-q nqueries]
5
The WHOIS system originated as a method that system administrators could use to look up
information to contact other IP address or domain name administrators (almost like a "white
pages").
Syntax: whois [ -h HOST ] [ -p PORT ] [ -aCFHlLMmrRSVx ] [ -g SOURCE:FIRST-LAST ] [ -i ATTR ] [ -
S SOURCE ] [ -T TYPE ] object
Example: whois www.google.com
Socket
To do network I/O, the first thing a process must do is to call the socket system call, specifying
the type of communication protocol desired.
#include<sys/types.h>
#include<sys/socket.h>
6
/* A program to create a socket using socket systemcall*/
#include<stdio.h>
#include<sys/socket.h>
#include<sys/types.h>
#include<netinet/in.h>
#include<stdlib.h>
int main() {
int sfd; struct sockaddr_in serv_addr;
if((sfd=socket(AF_INET,SOCK_STREAM,0))<0)
{ perror("socket
error"); exit(-1);
}
serv_addr.sin_family=AF_INET; serv_addr.sin_port=htons(4890);
serv_addr.sin_addr.s_addr=inet_addr("172.16.0.1");
if((bind(sfd,(struct sockaddr *) & serv_addr,sizeof(serv_addr)))<0)
{ perror("bind
error"); exit(-1);
}
printf("address binded...."); printf("\nserver ip address is
%s",inet_ntoa(serv_addr.sin_addr)); printf("\n port
number=%d\n",ntohs(serv_addr.sin_port)); close(sfd);
return 0; } O/P:
address binded server ip address
is 172.16.0.1
portnumber=4890
7
#include<sys/socket.h>
int bind(int sockfd, struct sockaddr *myaddr, int addrlen);
The first argument is the socket descriptor returned from socket system call. The second
argument is a pointer to a protocol-specific address and the third argument is the size of this
address. There are three uses of bind
1. Servers register their well-known address with the system. It tells the system "this is my
address and any messages received for this address are to be given to me." Both
connectionoriented and connectionless servers need to do this before accepting client
requests.
2. A client can register a specific address for itself.
3. A connectionless client needs to assure that the system assigns it some unique address, so
that the other end (the server) has a valid return address to send its responses to. This
corresponds to making certain an envelope has a valid return address, if we expect to get a
reply from the person we sent the letter to
#include<stdio.h>
#include<sys/socket.h>
#include<sys/types.h>
#include<netinet/in.h>
#include<stdlib.h>
int main() {
int sfd; struct sockaddr_in serv_addr;
if((sfd=socket(AF_INET,SOCK_STREAM,0))<0)
{ perror("socket
error"); exit(-1);
}
serv_addr.sin_family=AF_INET; serv_addr.sin_port=htons(4890);
serv_addr.sin_addr.s_addr=inet_addr("172.16.0.1"); if((bind(sfd,(struct
sockaddr *) & serv_addr,sizeof(serv_addr)))<0)
{ perror("bind
error"); exit(-1);
}
printf("address binded...."); printf("\nserver ip address is
%s",inet_ntoa(serv_addr.sin_addr)); printf("\n port
8
number=%d\n",ntohs(serv_addr.sin_port)); close(sfd); return
0; }
O/P:
address binded ... server ip address
is 172.16.0.1
portnumber=4890
connectA client process connects a socket descriptor following the socket system call to establish
aconnection with a server.
#include <sys/types.h>
#include <sys/socket.h>
9
These system calls are similar to the standard read and write system calls, but additional arguments
are required.
#include <sys/types.h>
#include <sys/socket.h>
int send(int sockfd, char *buff, int nbytes, int flags); int sendto(int sockfd, char *buff, int
nbytes, int flags, struct sockaddr *to, int addrlen); int recv(int sockfd, char *buff, int nbytes,
int flags); int recvfrom(int sockfd, char *buff, int nbytes, int flags, struct sockaddr *from, int
*addrlen);
The first three arguments, sockfd, buff, and nbytes, to the four system calls are similar to the first
three arguments for read and write. The flags argument can be safely set to zero ignoring the details
for it. The to argument for sendto specifies the protocol-specific address of where the data is to be
sent. Since this address is protocol-specific, its length must be specified by addrlen. Therecvfrom
system call fills in the protocol-specific address of who sent the data into from. The length of this
address is also returned to the caller in addrlen. Note that the final argument to sendtois an integer
value, while the final argument to recvfrom is a pointer to an integer value.
close
The normal Unix close system call is also used to close a socket.
int close(int fd);
If the socket being closed is associated with a protocol that promises reliable delivery (e.g., TCP
or SPP), the system must assure that any data within the kernel that still has to be transmitted or
acknowledged, is sent. Normally, the system returns from the close immediately, but the kernel still
tries to send any data already queued.
RESULT: