ADVANCED COMPUTER NETWORKS LAB

ETIT-453

Faculty Name: Mr. Bhaskar Kapoor Student name: Khushi Chaudhary

Roll No.: 20714803120

Semester: 7TH

Group: 7I - 8

Maharaja Agrasen Institute of Technology, PSP Area,

Sector – 22, Rohini, New Delhi – 110085

1
 MAHARAJA AGRASEN INSTITUTE OF TECHNOLOGY
VISION
To nurture young minds in a learning environment of high academic value and imbibe spiritual
and ethical values with technological and management competence.

MISSION
The Institute shall endeavor to incorporate the following basic missions in the teaching
methodology:

Engineering Hardware – Software Symbiosis

Practical exercises in all Engineering and Management disciplines shall be carried out by
Hardware equipment as well as the related software enabling deeper understanding of basic
concepts and encouraging inquisitive nature.

Life – Long Learning

The Institute strives to match technological advancements and encourage students to keep updating
their knowledge for enhancing their skills and inculcating their habit of continuous learning.

Liberalization and Globalization

The Institute endeavors to enhance technical and management skills of students so that they are
intellectually capable and competent professionals with Industrial Aptitude to face the challenges
of globalization.

Diversification

The Engineering, Technology and Management disciplines have diverse fields of studies with
different attributes. The aim is to create a synergy of the above attributes by encouraging analytical
thinking.

Digitization of Learning Processes

The Institute provides seamless opportunities for innovative learning in all Engineering and
Management disciplines through digitization of learning processes using analysis, synthesis,
simulation, graphics, tutorials and related tools to create a platform for multi- disciplinary
approach.

Entrepreneurship

The Institute strives to develop potential Engineers and Managers by enhancing their skills and
research capabilities so that they become successfully entrepreneurs and responsible citizen

2
 MAHARAJA AGRASEN INSTITUTE OF TECHNOLOGY
Department of Information Technology

Vision
To establish a center of excellence promoting Information Technology related education and
research thus producing technocrats and entrepreneurs with ethical values.

Mission
M1: Provide quality education in Information Technology.

M2: Empower graduates to excel in hardware and software development while cultivating an
entrepreneurial mindset for impactful contributions to the ever-evolving tech landscape.

M3: Instil moral and ethical values to equip students for a lifetime of continuous learning.

Program Educational Objectives (PEOs)

PEO1 The graduates would apply their professional skills in Information Technology to
solve contemporary problems.

PEO2 The graduates would pursue higher studies to acquire advanced knowledge for
research and innovation.

PEO3 The graduates would exhibit high standards of professionalism, demonstrate strong
interpersonal and collaborative abilities with adherence to professional ethics.

Program Specific Outcomes (PSOs)

PSO1 Proficient at identifying suitable data structures and algorithms for designing,
executing and validating efficient solutions for computing problems.

PSO2 Acquire adequate knowledge in emerging areas of Information Technology such

as Artificial Intelligence, Big Data and Cloud Computing for a successful
professional career or higher education.

PSO3 To excel in Hackathons and other technical challenges/coding challenges

3
Data Structures Lab CO’s and its mapping with PO’s and
PSO’s
Program Outcomes (POs): Engineering Graduates will be able to:
1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering
fundamentals, and an engineering specialization to the solution of complex engineering problems.
2. Problem analysis: Identify, formulate, review research literature, and analyze complex
engineering problems reaching substantiated conclusions using first principles of mathematics,
natural sciences, and engineering sciences.
3. Design/development of solutions: Design solutions for complex engineering problems
and design system components or processes that meet the specified needs with appropriate
consideration for the public health and safety, and the cultural, societal, and environmental
considerations
4. Conduct investigations of complex problems: Use research-based knowledge and
research methods including design of experiments, analysis and interpretation of data, and
synthesis of the information to provide valid conclusions.
5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and
modern engineering and IT tools including prediction and modeling to complex engineering
activities with an understanding of the limitations.
6. The engineer and society: Apply reasoning informed by the contextual knowledge to
assess societal, health, safety, legal and cultural issues and the consequent responsibilities relevant
to the professional engineering practice.
7. Environment and sustainability: Understand the impact of the professional engineering
solutions in societal and environmental contexts, and demonstrate the knowledge of, and need for
sustainable development.
8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities
and norms of the engineering practice.
9. Individual and team work: Function effectively as an individual, and as a member or
leader in diverse teams, and in multidisciplinary settings.
10. Communication: Communicate effectively on complex engineering activities with the
engineering community and with society at large, such as, being able to comprehend and write
effective reports and design documentation, make effective presentations, and give and receive
clear instructions.
11. Project management and finance: Demonstrate knowledge and understanding of the
engineering and management principles and apply these to one’s own work, as a member and
leader in a team, to manage projects and in multidisciplinary environments.
12. Life-long learning: Recognize the need for, and have the preparation and ability to engage
in independent and life-long learning in the broadest context of technological chang

4
Course Objective of Data Structure Lab and its mapping with PO's
and PSO's
Course Outcomes
CO Statement

Student will be able to understand the networking cables like STP, UTP Coaxial cable and
ETIT453.1
fiber optics.

ETIT453.2 Student will be able to understand the various networking devices like Hub, Switches and Routers.

The working of Cisco packet tracer for various layer in TCP/IP Model is understood along
ETIT453.3 with the connection establishment, recovery, release, multiplexing and TCP Protocol is
facilitated.

Students will be able to Understand to establish a web server connection using the PC`s
ETIT453.4
web Browser.

Student will be able to understand how to capture events and viewing animation in
ETIT453.5
simulation mode; also look inside packet in simulation mode,.

ETIT453.6 Student will be able to understand how to configure DHCP server and routers.

CO-PO & CO-PSO Mapping

CO PO1 PO2 PO3 PO4 PO5 PO6 PO7 PO8 PO9 PO10 PO11 PO12 PSO1 PSO2 PSO3

CO1 2 1 1 2 2 2 1 1 2 1 2 3 2 2 2

CO2 2 3 2 2 1 2 - 2 3 3 - 2 2 1 2

CO3 3 2 2 2 1 2 1 1 2 2 2 2 3 1 2

CO4 2 1 1 2 2 - 1 2 2 2 2 3 3 3 2

CO5 3 2 2 2 2 2 2 1 3 2 3 3 2 3 1

CO6 3 2 1 1 2 1 2 1 2 1 2 2 3 2 1

Average 2.25 1.75 1.5 2 1.5 2 1 1.5 2.25 2 2 2.5 2.5 1.75 1.667

5
Rubrics Evaluation

6
 ADVANCED COMPUTER NETWORKS LAB
PRACTICAL RECORD
PAPER CODE : ETIT-453

Name of the student : Khushi Chaudhary

University Roll No. : 20714803120

Branch : Information Technology

Section/ Group : 7I - 8

PRACTICAL DETAILS

a) Experiments according to the list provided by GGSIPU

Expt Marks (0-3) Mark

Date Experiment Name Sign
No. (15)
R1 R2 R3 R4 R5

1. Configuration and logging to a CISCO Router and

introduction to the basic user Interfaces.

2. Configuration of IP addressing for a given scenario

for a given set of topologies.

3. Configure a DHCP Server to serve contiguous IP

addresses to a pool of four IP devices with a default
gateway and a default DNS address. Integrate the
DHCP server with a BOOTP demon to
automatically serve Windows and Linux OS
Binaries based on client MAC address.

4. Configure DNS: Make a caching DNS client, and a

DNS Proxy; implement reverse DNS and forward
DNS, using TCP dump/Wireshark characterise
traffic when the DNS server is up and when it is
down.

5. Configure FTP Server on a Linux/Windows machine

using a FTP client/SFTP client characterise file
transfer rate for a cluster of small files 100k each
and a video file of 700mb.Use a TFTP client and
repeat the experiment.

6. Program a simple SMTP client and POP3 client

using Java

7
7. Discovering ARP using Wireshark.

8. Set Up Ad-Hoc Wireless Network in Windows XP.

b) Experiments Additional list beyond GGSIPU

Marks(0-3) Total
Expt Marks
Date Experiment Name Sign
No. R1 R2 R3 R4 R5 (15)

1. Write a simple SMTP Client in C++ or

Java to send and receive mail.

2. Write a program in Java to implement

TCP client server architecture.

8
 EXPERIMENT: 1
Aim: Configuration and logging to a CISCO Router and introduction to the basic user Interfaces.
Introduction to the basic router configuration and basic commands.

Cisco Router Configuration – Introduction to Cisco Internetwork Operating System (IOS)

Cisco routers are powered by the Cisco IOS which allows the routers to be configured to perform
specific tasks. Before you start configuration of a Cisco Router, you must understand the two
EXEC modes available on a router: user EXEC mode and privileged EXEC mode. User mode
allows you to perform basic trouble shooting tests, telnet to remote hosts, and list router system
information. You know that the router is in this mode if the prompt is the router name followed by
the greater than sign: RouterName>. Privileged mode, sometimes called “enable mode”, allows
for full router configuration and advanced troubleshooting. “RouterName#” is an example of the
privileged mode prompt. If you log into a router via a console or telnet connection, you enter user
mode. To enter privileged mode requires that you issue the enable command. Before you actually
configure a Cisco router, you must understand the two main configuration modes: global
configuration mode and interface configuration mode.
Each of the routers we use has two Ethernet interfaces. Settings made in global
configuration mode affect overall router operations. You can use the command configure to enter
this mode after you are in the privileged mode. If you wish to configure a particular interface, you
must use interface configuration mode. To enter this mode, you need to be in the global
configuration mode. You then enter the interface command followed by the name and number of
the interface you wish to enter. If the router is in global configuration mode, the prompt will be
RouterName (config)# while in interface configuration mode it will be RouterName(config-if)#.

THE BIG PICTURE: Task 1 is the groundwork. In task 2 and 3, group A will configure LAN A
and Group B will configure LAN B. Task 4 will require the two groups work together to
interconnect the two LANs.
This lab requires two groups of two to work together as a team. For each group, there will
be one designated router and switch. The routers provided are Cisco 2621 models. Cisco 12.0(7)
IOS is loaded on them. The switch is a Cisco 2900 model with 12 ports.

Initial Setup

1. Plug one end of the rollover cable (null modem) into the console port of the router
2. Locate the computer with a DB9m adapter connected to its serial port. This serial port is
already configured as COM1 in Windows 2000.
3. Plug the other end of the cable to the DB9m adapter.
4. Verify that each of the two PCs is physically connected to the dedicated switch with
Ethernet cables.

9
Task 1 – Log on to the router using HyperTerminal
We will use a Windows program called HyperTerminal to log on to your router from one of your
PCs.
1. Verify the router is turned off.
2. Launch HyperTerminal at

Start→Programs→Accessories→Communication→ HyperTerminal.
You will now need to configure HyperTerminal so that it communicates with the router on COM1.
3. Type router for the Connection Description Name.
4. In the Connect To window the fourth field is titled "Connect Using:" Scroll down to select
COM1, and then click OK
5. Confirm and change if necessary the following settings in the COM1 Properties window
popped up.
Bits Per Second: 9600
Data Bits: 8
Parity: None
Stop Bits: 1
Flow Control: Xon/Xoff
6. Click OK. At the bottom left of the window, it should say "Connected" along with a
connection timer.
7. Turn on the router. Observe the boot-up procedure being displayed. This lists information
about the hardware, as well as the initial configuration. We will be modifying this configuration
during this lab. Be patient during this step, the router can take up to 3 minutes to boot.
8. Note that there are two Ethernet interfaces at the back of the router. An IP address should
already be assigned to each of these interfaces.
9. Type show interfaces to see their current state.
10. Record the MAC address, the speed of the interface, the Maximum Transfer Unit (MTU),
and IP address for each interface in the table below. This information is the details about each
interface.
MAC address Speed MTU

Table-1
11. When the router boots up initially, it is in the User EXEC mode. This has limited
capabilities, which can be seen with the "?" command.
Type ?. Fill in the table below with the description given for the following commands. Also
observe other commands available.
Table-2

10
 Enable
Show
Traceroute
Ping

TIP: You can type the ? command at any time to receive context sensitive help.

Task 2 – Clear router configuration

Because we are unsure of the validity of the current configuration, we need to re-configure it by
ourselves. First we need to clear the current configuration. To this end, we must be in Privileged
EXEC Mode.

1. Type enable to enter Privileged EXEC Mode.

2. Type the password given on the chalkboard and press enter when prompt. The prompt
should now end with #.
3. Type erase startup-config to clear the current configuration residing on the router.
4. Confirm that you wish to erase nvram filesystem and wait till it completes (up to 30
seconds).
5. Type reload and confirm. This reboots the router and allows the changes to take effect.
6. Type no if asked to save changes.

TIP: One of the nice things about the Cisco IOS is that it does auto complete of commands, if you
type a significant part of the command and press tab, the rest of the command will be added
automatically. Another feature is the ability to abbreviate commands. Yet another and most useful
feature is the ability to query for command syntax. For example if you don’t know what arguments
are accepted for the show command, type show ? and a list of possible arguments is printed. Feel
free to explore this command.

Task 3 – Configure an IP address to the router

Once the router has finished booting up, the previous configuration will be erased and the IOS will
be in the System Configuration Dialog.

Task 3A – Configure FastInterface0/0 (i.e. the Router’s “LAN” interface) Using the
System Configuration Dialog

1. Type yes to enter.

2. Type no to skip the basic management setup.
3. Type yes to see the current interface summary.
4. Type in the name of your group for the host name.

11
5. Type in the password given on the chalkboard for the enable secret. This password
provides access to privileged EXEC mode.
6. Type in the same password for the enable password. It will tell you not to use the same
password, but it is okay. Just type it in again.
7. Type in the same password for the virtual terminal password.
8. Type no to configuring the SNMP Network Management.
9. Type yes to configure IP.
10. Type no to IGRP and RIP routing, as well as bridging and configuring Async lines.
11. Type yes to configure the FastEthernet0/0 interface.
12. Type yes to use the RJ-45 connector.
13. Type yes to full duplex mode.
14. Type yes to configure IP on the interface.
15. Use the following Table 1 for the next prompt.
Group A Group B Subnet Mask Address

FastEtherernet0/0 192.168.0.1 192.168.50.1 255.255.255.0

FastEthernet0/1 192.168.100.1 192.168.100.2 255.255.255.0

Table-3
16. Type no to configure the FastEthernet0/1 interface. We will do this later manually.
17. Type 2 and press Enter to save the newly created configuration.

Task 3B – Configure FastInterface0/1 (i.e. the Router’s “WAN” interface) Manually

18. Type enable to enter the Privileged mode.

19. Type in the password on the chalkboard when prompt. You can tell if this succeeded by
the last character of the command prompt. If it has changed to #, then you are in the Privileged
mode.
20. Type ?. Observe the increased number of commands available. Write down two
commands available in the Privileged EXEC mode that are not available in the User EXEC mode.
21. Type configure terminal to enter the Global Configuration mode. Note the difference in
the command prompt.
22. Type ? to see commands available.
23. Type interface ?. Write down the names of two interfaces that can be configured on
router.
24. Type interface FastEthernet0/1 to enter the Interface Configuration Mode for
FastEthernet0/1.
25. View the help description for the ip command.
26. Type ip address XXX.XXX.XXX.XXX YYY.YYY.YYY.YYY where the X's are the
place for the IP address, while the Y's is the place for the subnet address. In this lab, the subnet
address will be 255.255.255.0. Refer again toTable 1 above.

12
27. Type no shutdown in the Interface Configuration Mode to change FastEthernet0/1 to
“administratively up” from “administratively down.”
28. Type CTRL-Z (or type exit twice) to go back to the Privileged mode.
29. Type show ip interfaces brief.
30. Verify that the IP addresses have been correctly assigned.
31. Attach the router’s FastEthernet0/0 interface to your switch with an Ethernet cable.
32. Set up the host machines with the following IP addresses and the correct gateway.
Minimize the HyperTerminal Window.
Group A IP Address: Subnet Mask Address: Gateway:

Computer1 192.168.0.2 255.255.255.0 192.168.0.1

Computer2 192.168.0.3 255.255.255.0 192.168.0.1

Group B IP Address: Subnet Mask Address: Gateway:

Computer1 192.168.50.2 255.255.255.0 192.168.50.1

Computer2 192.168.50.3 255.255.255.0 192.168.50.1

Task 4 – Setting up static routing tables

This task requires Group A and Group B to work together. If you are ahead of your partner group,
feel free to explore other commands available on router.
Now that each network has its gateway configured, we are ready to connect these two networks
together. The remainder of the router configuration will be done across the network that you just
built.

1. We will use an Ethernet cable to act as the connection in the “cloud.” Find the Ethernet
crossover cable and connect it between the FastEthernet 0/1 ports on both routers.
2. Click Start, choose Run, type telnet XXX.XXX.XXX.XXX where the X's are the place for
the IP address of the router interface connected to your switch. Click OK. A telnet session is now
open.
3. Type the password given on the board when prompt.

We will now set up a static routing table in each of the two routers. The idea is for the table to
indicate that the other group's network can be reached via the 0/1 interfaces of both routers. To
create a static entry in the routing table of the router, you must be in Configuration Mode.

4. Enter the Privileged EXEC Mode.

5. Type config terminal.
6. Wait until the other group finishes Step 6.
13
7. Use the command ip route to set up the static routing table.
This command requires three parameters: 1) destination network/subnet number, 2) its subnet
mask and 3) The IP address of the next hop that can reach the destination network. As an example,
Group A should issue the command: "ip route 192.168.50.0 255.255.255.0 192.168.100.2".
Pre-lab Question 4: What command should Group B issue to set up an entry in the routing table
so that machines in LAN2 can access machines in LAN1?
8. By pinging a host from the other group, verify that the static routing table has been created,
and hosts from both groups are able to communicate with each other. Note that you need to use
the command prompt to run ping.
9. Type exit to return to Privileged EXEC mode.
10. To view the routing table, type show ip route. List the entries in the routing table. Indicate
the line of the table that represents the entry that you just placed into the table-4.

Table-4
11. Gaining information about the topology of our network.
tracert, short for traceroute, responds back with information on the route that was to the
destination host, for example the number of hops between the two hosts. To some degree, this
information can be even used to see physical distances between two hops by looking at the time
delay between the two hops.
In a command prompt, type tracert on a host within your group's network. Record the information
returned. Now execute a tracert command on a host in the other group. Record this information.

VIVA QUESTIONS:

Q1. What is the primary purpose of a Cisco router in a network?

ANS. A Cisco router, like any other router, serves as a key networking device that facilitates
communication between different networks. Its primary purpose is to route data packets between
networks, ensuring that data reaches its intended destination efficiently and accurately. Here are
some key functions and purposes of a Cisco router in a network:
 Routing: - The fundamental function of a router is to analyze the destination IP addresses
of incoming data packets and determine the most efficient path for forwarding them to their
destination.
 Interconnecting Networks: -Routers are used to interconnect different networks, such as
connecting a local area network (LAN) to the internet or linking multiple LANs within an
organization.
 Packet Forwarding: - Routers forward data packets between networks based on the routing
table, which contains information about the best paths to reach specific destinations.

14
  Network Address Translation (NAT): - Cisco routers often perform NAT to allow multiple
devices within a private network to share a single public IP address when accessing the
internet. This helps conserve public IP addresses.
 Security: - Routers provide a level of network security by acting as a barrier between
different networks. Access control lists (ACLs) and firewall features can be configured on
Cisco routers to control the flow of traffic and enhance security.

Q2. Describe the different user interfaces available on a Cisco router.

ANS. Cisco routers typically offer three main types of user interfaces:
1. Command Line Interface (CLI): - The text-based interface where users interact with the
router by entering commands. It provides a powerful and flexible way to configure and
manage the router.
2. Web-Based Interface (Web GUI): -A graphical user interface accessed through a web
browser, allowing users to configure the router using a visual interface. Cisco often refers
to this as the web-based device manager (WebDM) or Cisco Configuration Professional
(CCP).
3. Auxiliary Port and Console Port: - Physical ports on the router that allow direct access for
configuration and management. The console port is typically used with a serial cable and
terminal emulation software, while the auxiliary port can be used for remote access.
Q3. Explain the process of logging into a Cisco router using the console port.
ANS. To log into a Cisco router using the console port:
 Connect a computer to the router's console port using a console cable.
 Use terminal emulation software (e.g., PuTTY, Tera Term) on the computer.
 Configure the software with the appropriate serial port settings (baud rate, data bits, parity,
stop bits).
 Power on the router or restart it.
 Once the router boots up, you'll see the login prompt.
 Enter the username and password when prompted to access the router's CLI.
Q4. How do you view the current configuration of a Cisco router?
ANS. To view the current configuration of a Cisco router, use the following command in the
router's command line interface (CLI):
show running-config
This command displays the running configuration, which represents the current operational
configuration of the router.
Q5. What security considerations should be considered when configuring a Cisco router?
ANS. When configuring a Cisco router for security:
 Use strong passwords with encryption.
 Secure remote access (SSH, not Telnet).
 Physically secure the router.
 Implement Role-Based Access Control (RBAC).
 Enable logging for audit trails.
 Use encryption and VPNs for secure communication.
15
 EXPERIMENT: 2
Aim: Configuration of IP addressing for a given scenario for a given set of topologies.
To change the computer’s IP address in Windows, type network and sharing into the Search
box in the Start Menu and select Network and Sharing Center when it comes up. If you are in
Windows 8.x it will be on the Start Screen itself, like the screenshot at the top of this article. If
you’re in Windows 7 or 10 it’ll be in the start menu.

Then when the Network and Sharing Center opens, click on Change adapter settings. This
will be the same on Windows 7 or 8.x or 10.

16
Right-click on your local adapter and select Properties.

In the Local Area Connection Properties window highlight Internet Protocol Version 4
(TCP/IPv4)then click the Properties button.

17
Now select the radio button Use the following IP address and enter in the correct IP, Subnet
mask, and Default gateway that corresponds with your network setup. Then enter your Preferred
and Alternate DNS server addresses. Here we’re on a home network and using a simple Class
C network configuration and Google DNS. Check Validate settings upon exit so Windows can
find any problems with the addresses you entered. When you’re finished click OK.

Now close out of the Local Area Connections Properties window.

18
Windows will run network diagnostics and verify the connection is good. Here we had no
problems with it, but if you did, you could run the network troubleshooting wizard.

Now you can open the command prompt and do an ipconfig to see the network adapter
settings have been successfully changed.

19
VIVA QUESTIONS:

Q1. Explain the purpose of IP addressing in a computer network.

ANS. The purpose of IP addressing in a computer network is to uniquely identify and locate
devices within the network. IP addresses enable the routing of data packets, ensuring accurate
delivery from source to destination across the network. They provide a standardized way for
devices to communicate, allowing data to be sent and received in a reliable and organized
manner.
Q2. Describe a scenario where you would need to configure IP addresses for a network.
ANS. A scenario where you would need to configure IP addresses for a network is when setting
up a business office with multiple computers. Each computer and network device needs a unique
IP address to enable communication within the local network and access resources such as
printers, servers, and internet connectivity. IP addressing ensures proper data routing and
facilitates seamless communication among devices in the office network.
Q3. What is subnetting, and why is it necessary?
ANS. Subnetting is the practice of dividing an IP network into smaller, logically segmented
subnetworks. It is necessary to optimize address space usage, improve network performance,
enhance security by isolating segments, and efficiently allocate IP addresses based on the
organization's needs. Subnetting helps in organizing and managing IP addresses in a more
scalable and structured manner.
Q4. What is CIDR notation, and how is it used in IP addressing?
ANS. CIDR (Classless Inter-Domain Routing) notation is a way to represent IP addresses and
their associated routing prefix. It consists of the IP address followed by a forward slash and a
subnet mask length, indicating how many bits of the address are used for the network portion.
For example, "192.168.1.0/24" represents an IP network where the first 24 bits are the network
portion, and the remaining 8 bits are for host addresses. CIDR notation is used for efficient IP
address allocation and routing in modern networks.
Q5. Explain the role of a router in IP address assignment.
ANS. A router plays a role in IP address assignment by acting as a gateway between different
IP networks. It assigns IP addresses to devices within its local network using methods like
DHCP (Dynamic Host Configuration Protocol) and ensures that data packets are properly
routed between networks based on their destination IP addresses. The router facilitates
communication between devices in different IP subnets and manages the distribution of IP
addresses within its local network.

20
 EXPERIMENT: 3
Aim: Configure a DHCP Server to serve contiguous IP addresses to a pool of four IP devices
with a default gateway and a default DNS address. Integrate the DHCP server with a BOOTP
demon to automatically serve Windows and Linux OS Binaries based on client MAC address.

DHCP is short for "Dynamic Host Configuration Protocol", it's a protocol that handles the
assignment of IP addresses, subnet masks, default routers, and other IP parameters to client PCs
that don't have a static IP address. Such computers try to find a DHCP server in their local
network which in turn assigns them an IP address, gateway, etc. so that they can connect to the
internet or other computers from the local network.In this short guide I will show how to set up
a simple DHCP server (ISC-DHCP) on a Debian Sarge (3.1) system whose sole purpose is to
assign IP adresses, a gateway, DNS servers, etc. to client computers from the local network that
don't have a static IP address. You can use such a DHCP server in your home network, your
office, etc., for example if your router doesn't come with a built-in DHCP server. If you set up
such a DHCP server, please make sure you don't already have another one in your LAN as this
might result in conflicts.

Of course, one can imagine much more complicated DHCP setups, but these are outside the
scope of this document. I want to say first that this is not the only way of setting up such a
system. There are many ways of achieving this goal but this is the way I take. I do not issue any
guarantee that this will work for you!

1 Preliminary Note

This is the current situation:

● I'm using the network 192.168.0.0, subnetmask 255.255.255.0, broadcast
address 192.168.0.255.
● My gateway to the internet is 192.168.0.1; on the gateway there's no DHCP server.
● My ISP told me the DNS servers I can use are 145.253.2.75 and 193.174.32.18.
● I have a pool of 30 IP addresses (192.168.0.200 - 192.168.0.229) that can be
dynamically assigned to client PCs and that are not already in use.
● I have an unused Debian Sarge server with the hostname server1.example.com on the
IP address 192.168.0.100 which will act as my DHCP server.

2. Installing The DHCP Server

Now let's install our DHCP server on our Debian Sarge system:

apt-get install dhcp3-server

21
You will be asked a few questions:
On what network interfaces should the DHCP server listen? <-- eth0
Please configure the DHCP server as soon as the installation finishes. <-- Ok
The version 3 DHCP server is now non-authoritative by default <-- Ok
At the end of the installation you will see errors like these:
Generating /etc/default/dhcp3-server...
Starting DHCP server: dhcpd3 failed to start - check syslog for diagnostics.
invoke-rc.d: initscript dhcp3-server, action "start" failed.
That's ok because we did not have the chance yet to configure our DHCP server.

3 Configuring The DHCP Server

Now we must configure our DHCP server. We must tell it from which IP range it should assign
IP addresses to requesting clients, which gateway it should assign, which DNS servers, etc.
The configuration file for our DHCP server is /etc/dhcp3/dhcpd.conf. Currently it contains a
sample configuration which we copy to/etc/dhcp3/dhcpd.conf_orig for future reference:

cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf_orig
cat /dev/null > /etc/dhcp3/dhcpd.conf

With the last command we have emptied /etc/dhcp3/dhcpd.conf so that we can place our own
configuration in it which we do now:

vi /etc/dhcp3/dhcpd.conf

The file should look like this:

ddns-update-style none;

option domain-name-servers 145.253.2.75, 193.174.32.18;

default-lease-time 86400;
max-lease-time 604800;

authoritative;

subnet 192.168.0.0 netmask 255.255.255.0 {

range 192.168.0.200 192.168.0.229;

22
 option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option routers 192.168.0.1;
}

I explain the configuration options here:

● ddns-update-style: You can tell the DHCP server to update a DNS server if the IP
address of a server in your LAN has changed (because it has been assigned a different IP by
DHCP). As we do not run servers in our LAN or always give them static IP addresses (which
is a good idea for servers...) we don't want to update DNS records so we set this to none.
● option domain-name-servers: This tells the DHCP server which DNS servers it should
assign to a client. You can specify more than one DNS server here, seperated by commas.
● default-lease-time, max-lease-time: A client can tell the DHCP server for how long it
would like to get an IP address. If it doesn't do this, the server assigns an IP address for default-
lease-time seconds; if it does, the server grants the requested time, but only up tomax-lease-
time seconds.
● authoritative: If this is not set this means that if a client requests an address that the
server knows nothing about and the address is incorrect for that network segment, the server
will _not_ send a DHCPNAK (which tells the client it should stop using the address.) We don't
want this so we set authoritative.
● subnet: The subnet to use.
● netmask: The netmask to use.
● range: Tells the DHCP server from which range it can assign IP addresses to clients. In
our example it's from 192.168.0.200 to192.168.0.229 (30 IP addresses).
● option broadcast-address: The broadcast address to use.
● option routers: Tells the DHCP server the gateway address it should assign to requesting
clients. In our case the gateway is192.168.0.1.
If you are not sure about your personal network settings (network, netmask, broadcast address,
etc.), visit www.subnetmask.info where you can calculate your settings.
You see, this is a very simple and basic configuration, but it's enough to make our DHCP server
functionable. Now let's start it:

/etc/init.d/dhcp3-server restart

Afterwards you can check the output of

ps aux

to see if DHCP is running. You should also see it in the output of

23
 netstat -uap

which should resemble this one:

Active Internet connections (servers and established)

Proto Recv-Q Send-Q Local Address Foreign Address State
PID/Program name
udp 0 0 *:bootps *:* 2185/dhcpd3
udp 0 0 *:868 *:* 1964/rpc.statd
udp 0 0 *:871 *:* 1964/rpc.statd
udp 0 0 *:sunrpc *:* 1553/portmap

You can see that DHCP is running on the bootps UDP port which translates to port 67 UDP
(run

grep bootps /etc/services

and you will see that bootps means port 67).

Finally you can check /var/log/syslog if any errors occurred during the DHCP server start. To
see the last 100 lines of /var/log/syslog, for example, run

tail -n 100 /var/log/syslog

4 How Can I See That My DHCP Server Is Working OK?

To see if your DHCP server is working as expected, boot another PC (Windows, Linux, MAC,
...) in your LAN that doesn't have a static IP address. Wait a few seconds, and in /var/log/syslog
on the DHCP server you should see that the DHCP server assigns an IP address to your PC. For
example, in this excerpt of /var/log/syslog, a client PC named matze has been assigned the IP
address 192.168.0.229:
Sep 19 16:01:26 server1 dhcpd: DHCPDISCOVER from 00:0c:76:8b:c4:16 via eth0
Sep 19 16:01:26 server1 dhcpd: DHCPOFFER on 192.168.0.229 to 00:0c:76:8b:c4:16 (matze)
via eth0
Sep 19 16:01:27 server1 dhcpd: DHCPDISCOVER from 00:0c:76:8b:c4:16 (matze) via eth0
Sep 19 16:01:27 server1 dhcpd: DHCPOFFER on 192.168.0.229 to 00:0c:76:8b:c4:16 (matze)
via eth0
Sep 19 16:01:31 server1 dhcpd: DHCPDISCOVER from 00:0c:76:8b:c4:16 (matze) via eth0
Sep 19 16:01:31 server1 dhcpd: DHCPOFFER on 192.168.0.229 to 00:0c:76:8b:c4:16 (matze)
via eth0

24
Sep 19 16:01:31 server1 dhcpd: Wrote 1 leases to leases file.
Sep 19 16:01:31 server1 dhcpd: DHCPREQUEST for 192.168.0.229 (192.168.0.100) from
00:0c:76:8b:c4:16 (matze) via eth0
Sep 19 16:01:31 server1 dhcpd: DHCPACK on 192.168.0.229 to 00:0c:76:8b:c4:16 (matze) via
eth0

The DHCP server writes all current IP address "leases" to the

file /var/lib/dhcp3/dhcpd.leases so you should also find the lease there:

vi /var/lib/dhcp3/dhcpd.leases

# All times in this file are in UTC (GMT), not your local timezone. This is
# not a bug, so please don't ask about it. There is no portable way to
# store leases in the local timezone, so please don't request this as a
# feature. If this is inconvenient or confusing to you, we sincerely
# apologize. Seriously, though - don't ask.
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-V3.0.1
lease 192.168.0.229 {
starts 2 2006/09/19 14:01:31;
ends 3 2006/09/20 14:01:31;
binding state active;
next binding state free;
hardware ethernet 00:0c:76:8b:c4:16;
uid "\001\000\014v\213\304\026";
client-hostname "matze"; }

VIVA QUESTIONS:

Q1. Explain the purpose of a DHCP server in a network.

ANS. The purpose of a DHCP (Dynamic Host Configuration Protocol) server in a network is
to automatically assign IP addresses, subnet masks, default gateways, and other network
configuration information to devices (such as computers or smartphones) when they join the
network. DHCP simplifies network administration by dynamically managing and allocating IP
addresses, reducing the need for manual configuration.

25
Q2. How do you configure a DHCP server to serve contiguous IP addresses?
ANS.
To configure a DHCP server to serve contiguous IP addresses, you typically need to specify the
range of IP addresses in the DHCP server configuration. Here's a general outline of the steps
using a Cisco router as an example:
1. Access the router's command line interface (CLI).
2. Enter global configuration mode
3. Enter the DHCP configuration mode
4. Define the range of IP addresses
5. (Optional) Set other parameters like default gateway and DNS servers
6. Exit the DHCP configuration mode
7. Save the configuration
Q3. Why is it important to configure a default gateway in DHCP?
ANS. Configuring a default gateway in DHCP is important because it enables devices to
communicate with destinations outside their local subnet. The default gateway is the router's IP
address that serves as the exit point for traffic bound for other networks or the internet. Without
a configured default gateway, devices cannot effectively communicate beyond their own
subnet.
Q4. Explain the process of integrating a DHCP server with a BOOTP daemon.
ANS. The process of integrating a DHCP server with a BOOTP (Bootstrap Protocol) daemon
involves configuring the DHCP server to support both DHCP and BOOTP clients. In many
modern DHCP implementations, DHCP inherently supports BOOTP, so separate configuration
might not be necessary. However, for systems where separate configuration is required, here is
a general outline:

1. Access DHCP Server Configuration

2. Enable BOOTP Support
3. Configure BOOTP Parameters
4. Verify Compatibility
5. Restart DHCP Service
6. Testing

Q5. Why would you want to serve OS binaries via DHCP and BOOTP?
ANS. Serving OS binaries via DHCP and BOOTP allows for network booting, where client
devices can boot and load their operating system directly from the network instead of relying
on local storage. This is beneficial for centralized management, quick deployment of operating
systems, and maintaining consistency across multiple devices in a network. It is commonly used
in diskless or thin-client environments and for efficiently deploying and updating operating
systems in large-scale networks.

26
 EXPERIMENT: 4
Aim: Configure DNS: Make a caching DNS client, and a DNS Proxy; implement reverse DNS
and forward DNS, using TCP dump/Wireshark characterise traffic when the DNS server is up
and when it is down.

DNS servers allow client systems to resolve names to IP addresses. Internet applications need
to know the IP address of a destination host before they can connect. A caching-only DNS
server is a special type of DNS in that is it not authoritative for any domain. This means the
caching-only DNS server does not contain any domain resource records. Instead, the caching-
only DNS server accepts DNS queries from DNS client systems, resolves the name in the
request, caches the answer and returns the cached answer to the client that made the initial DNS
query.
A caching-only DNS server is an optional component. You do not need to use a caching-only
DNS server. You can move to the next document in this ISA Server 2004 Configuration Guide
if you do not plan to use a perimeter network segment. If you do choose to use a perimeter
network segment, you should follow the procedures outlined in this document.
DNS servers located in the perimeter network are used for two primary purposes:

● name resolution for domains under your administrative control

● caching-only DNS services for internal network clients, or as forwarders for internal
network DNS servers

A perimeter network DNS server can contain DNS zone information about publicly accessible
domains. For example, if you have implemented a split DNS infrastructure, the public records
for your domain would be contained on the perimeter network DNS server. Internet-located
hosts can query this DNS server and obtain the IP addresses required to connect to resources
you have published through the ISA Server 2004 firewall.
The DNS server on the perimeter network can also act as a caching-only DNS server. In this
role, the machine contains no DNS resource record information. Instead, the caching-only DNS
server resolves Internet host names and caches the results of its queries. It can then return
answers from cache if it has already resolved the name. If not, it can query other DNS servers
on the Internet and cache the results before returning the answer to the client.
In this document we will discuss the following procedures:

● Installing the DNS server service

● Configuring the DNS server as a secure caching-only DNS server

Installing the DNS Server Service

The first step is to install the DNS server service on the perimeter network host. This machine
will act as both a secure caching-only DNS server and a publicly accessible Web and SMTP
relay machine.
Perform the following steps to install the DNS server service on the perimeter network host
computer, TRIHOMELAN1:

27
1. Click Start; point to Control Panel. Click Add or Remove Programs.
2. In the Add or Remove Programs window, click the Add/Remove Windows
Components button on the left side of the window.
3. On the Windows Components page, scroll through the list of Components and
select Networking Services. Click the Details button.
4. In the Networking Services dialog box, put a check mark in the Domain Name System
(DNS) check box and click OK.

5. Click Next on the Windows Components page.

6. Click OK in the Insert Disk dialog box. In the Files Needed dialog box, enter the
path to the i386 folder in the Copy files from text box and click OK.
7. Click Finish on the Completing the Windows Components Wizard page.

The next step is to configure the DNS server as a secure caching-only DNS server.

Configuring the DNS Server as a Secure Caching-only DNS Server

The DNS server on the perimeter network will be in direct contact with Internet hosts. These
hosts can be DNS clients that query the perimeter network DNS server for addresses of publicly
accessible domain resources. They can also be DNS servers on the Internet that the caching-
only DNS server contacts to resolve Internet host names for internal network clients. In this
example, the DNS server will act as a caching-only DNS server and will not host public DNS
records for the domain.
Perform the following steps on the perimeter network DNS servers to configure it as a secure
caching-only DNS server:

1. Click Start and point to Administrative Tools. Click DNS.

28
2. In the DNS management console, right-click the server name in the left pane of the
console and click Properties.
3. In the DNS server’s Properties dialog box, click the Root Hints tab. The entries in
the Name servers list are for Internet root name servers that the caching-only DNS server
uses to resolve Internet host names. Without this list of root DNS servers, the caching-only
DNS server will not be able to resolve the names of machines located on the Internet.

4. Click the Forwarders tab. Make sure there is not a check mark in the Do not use
recursion for this domain check box. If this option is selected, the caching-only DNS server
cannot use the root hints list of the root Internet DNS server to resolve Internet host names.
Select this option only if you decide to use a forwarder. In this case, we do not use a forwarder.

29
5. Click the Advanced tab. Confirm that a check mark appears in the Secure cache
against pollution check box. This prevents Internet DNS servers and attackers from inserting
additional records in a DNS response. These additional records could be used as part of a co-
coordinated DNS attack.

30
6. Click the Monitoring tab. Put checkmarks in the A simple query against this DNS
server and A recursive query to other DNS servers check boxes. Then click theTest
Now button. Note in the Test results frame that the Simple Query shows a Pass, while
the Recursive Query displays a Fail. The reason is that an Access Rule has not been created
that allows the caching-only DNS server access to the Internet. Later, we will create an Access
Rule on the ISA Server 2004 firewall that allows the DNS server outbound access to DNS
servers on the Internet.

7. Click Apply and then click OK in the DNS server’s Properties dialog box.
8. Close the DNS management console.

At this point, the caching-only DNS server is able to resolve Internet host names. Later, we
will create Access Rules allowing hosts on the internal network to use the caching-only DNS
server to resolve Internet host names.

VIVA QUESTIONS:
Q1. Explain the purpose of a caching DNS client.
ANS. The purpose of a caching DNS (Domain Name System) client is to store recently resolved
domain name-to-IP address mappings locally for a certain period of time. Instead of querying a
DNS server for every request, the caching DNS client can quickly provide the IP address of a
previously accessed domain from its local cache.

31
 Benefits of a caching DNS client include:
1. Faster Response Times
2. Reduced Network Traffic
3. Improved Network Efficiency:
4. Offline Access:
Q2. Define the role of a DNS proxy in a network.
ANS. The role of a DNS proxy in a network is to act as an intermediary between client devices
and DNS servers. It caches DNS query responses, reducing latency and network traffic by
providing quick access to previously resolved domain name-to-IP address mappings.
Additionally, a DNS proxy can enhance privacy by masking client IP addresses when
interacting with external DNS servers.
Q3. What is the purpose of reverse DNS?
ANS. The purpose of reverse DNS (Domain Name System) is to map IP addresses to
corresponding domain names. While traditional DNS resolves domain names to IP addresses
(forward DNS), reverse DNS performs the opposite, associating an IP address with a domain
name. This process is crucial for various network operations, security measures, and logging
purposes.
Q4. Describe the steps involved in implementing reverse DNS.
ANS. Implementing reverse DNS involves the following steps:
I. Contact DNS Provider: Contact the DNS provider responsible for managing the IP
address range in question. This is often the internet service provider (ISP) or the
organization managing the IP address block.
II. Create PTR Records: Request the creation of PTR (Pointer) records for the desired IP
addresses. Each PTR record associates an IP address with its corresponding domain
name.
III. Specify Reverse DNS Names: Provide the DNS provider with the desired reverse DNS
names (domain names associated with the IP addresses). These names should reflect
the purpose or identity of the hosts.
IV. Verification and Testing: Verify the correct configuration by performing reverse DNS
lookups using tools like "nslookup" or "dig." Ensure that the results match the
specified reverse DNS names.
V. Update DNS Records: If you manage your own DNS server, update the DNS zone file
with the PTR records. Ensure that the reverse DNS records are synchronized with the
authoritative DNS servers.
VI. Propagation: Allow time for the changes to propagate throughout the DNS system.
This may take some time, depending on the TTL (Time to Live) settings for the DNS
records.
VII. Testing and Validation: Test the reverse DNS configuration by performing lookups
from various locations and ensuring consistency. Validate that the reverse DNS entries
accurately reflect the corresponding IP addresses.
VIII. Documentation: Document the reverse DNS configuration for future reference. Keep
records of the assigned domain names and associated IP addresses.
Q5. Can you identify and explain the DNS protocol messages in a captured traffic trace?
ANS. In a captured traffic trace of DNS (Domain Name System) communication, you will
typically observe various DNS protocol messages exchanged between DNS clients and
servers. The primary DNS messages include queries and responses.

32
DNS queries originate from clients seeking to resolve a domain name to an IP address. The
query message includes the domain name being requested, the query type (such as A for IPv4
address), and the query class (commonly IN for Internet).

DNS responses come from authoritative DNS servers or cached data and provide the answer
to the client's query. The response contains the requested information, including the IP address
associated with the domain name. Responses may also include additional details in the
authority and additional sections, offering information about the authoritative source and
supplementary data.

Less commonly seen are messages like authoritative queries and responses, inverse queries
and responses (associated with mapping IP addresses to domain names), and status requests
and responses that convey information about the server's status.

Analyzing these messages in a captured traffic trace is crucial for troubleshooting DNS-
related issues, monitoring DNS activity, and gaining insights into the resolution process. It
allows network administrators to identify potential problems, such as failed queries or slow
response times, and ensure the efficient functioning of the DNS infrastructure within the
network.

33
 EXPERIMENT: 5
Aim: Configure FTP Server on a Linux/Windows machine using a FTP client/SFTP client
characterise file transfer rate for a cluster of small files 100k each and a video file of 700mb.Use
a TFTP client and repeat the experiment.
1. Introduction

FTP is a service known to almost anyone who works with Internet on daily basis. This guide
will describe in detail how to setup an FTP server on Ubuntu Linux in simple to follow steps.
We will show how to setup an FTP server in normal and stand-alone mode. We will also provide
some security tips for your new FTP setup. This guide will use lightweight and efficient FTP
servervsFTPd, which is designed to withstand on servers with high load.

2. Conventions

Occasionally in this article we will refer to vsFTPd simply as FTP server.

3. What is FTP?

For those who are not familiar with FTP here is a short description of what this service offers.
FTP stand for File Transfer Protocol. As the name suggest this network protocol allows you to
transfer files or directories from one host to another over the network whether it is your LAN
or Internet.

Main features of vsFTPd are: Virtual IP configurations, Virtual users, Standalone or inetd
operation, Powerful per-user configurability, Bandwidth throttling, Per-source-IP
configurability, Per-source-IP limits, IPv6 andEncryption support through SSL integration.

4. Installation of FTP server in Ubuntu

As in any other Ubuntu like Linux systems, installation of the FTP server comes down to a
single command. Open up your terminal and enter the command:

$ sudo apt-get install vsftpd

The above command will install and start the ftp server on your Linux system.

Setting up vsftpd (2.3.5-1ubuntu2) ...

vsftpd start/running, process 1891

5. Stand-alone vs Normal FTP mode

34
5.1. Stand-alone mode

By default vsftpd starts for stand-alone mode. In stand-alone mode the service you run on your
server has its own startup script called daemon. In case of vsftpd it is a /etc/init.d/vsftpd . This
stand-alone daemon will take control of the FTP service the moment it gets started. The vsftpd
daemon provides the administrator with a couple of commands to manage the vsftpd FTP
server:

 start or stop - used to start and stop the ftp server

 status - provides more information about the current status of your FTP server
 restart - this is an alternative to consequent execution of stop and start commands. If
the FTP server is down, the restart command will start it.
 reload - this will instruct the FTP server to reload and apply all new configurations. The
difference between reload and restart is that with reload you are not shutting down your
FTP but rather only reloading it with new configuration settings and at the same time
ensure continuous uptime.

To start, restart, reload or get the status of our FTP server we can use the service utility:

$ sudo service vsftpd start

The above syntax applies to all other commands so simply replace start with a command you
wish to execute.

5.2. Normal mode

The different approach is to start the vsftpd FTP service in a normal mode, which means that
the xinetd superserver will be responsible for keeping up your FTP service alive. To start the
vsftpd FTP server in the normal mode we first need to install the xinetd superserver:

$ sudo apt-get install xinetd

The above command will install and start the xinetd superserver on your system. The chances
are that you already have xinetd installed on your system. In that case you can omit the above
installation command.

Next, create a file called vsftpd in /etc/xinetd.d/ with the following content:

service ftp
{
Disable = no
socket_type = stream

35
 wait = no
user = root
server = /usr/sbin/vsftpd
per_source =5
instances = 200
no_access = 10.1.1.10
banner_fail = /etc/vsftpd.busy
log_on_success += PID HOST DURATION
log_on_failure += HOST
}

and at the same time alter any options to match your situation. The options you need to keep an
eye on are:
server - type "$ which vsftpd" on a command line to get a correct path
no_access - this will block any hosts with IP address defined by this directive
banner_fail - this can be a path to any text file with a text to show to any blocked IP address
In the next step we need to edit the FTP server's configuration file /etc/vsftpd.conf and change
the following line:

listen=YES

to

listen=NO

This will instruct the FTP server not to open any ports and leave it entirely to
the xinetd superserver. Before you start the FPT server in the normal mode using xinetd make
sure to shutdown the vsftpd daemon first with:
$ sudo service vsftpd stop
Now, that we are ready we can start the FTP server in the normal mode with:
$ sudo service xinetd restart
To confirm that your FTP server started normally test and open port 21 with
the netstat command:

$ netstat -ant | grep 21

tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN

6. Making first FTP connection

Whether you start your FTP server in a stand-alone or normal mode you should be able to make
your first local ftp connection. The vsftpd FTP server by default allows anonymous access. This

36
is the user we are going to employ to make our first FTP connection to test the FTP server
installation. To do that, simply execute the ftp command with a localhost as an argument:

$ ftp localhost
Connected to localhost.
220 (vsFTPd 2.3.5)
Name (localhost:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp>
ftp> quit
221 Goodbye.

The above only confirms that your FTP server is setup correctly on the local system. Before
you go deeper into the FTP server configuration you should test your new FTP server
installation using some remote hosts.

7. Configuring FTP server

In the following section we list some basic and simple to configure options.

Important: When making any changes to the FTP server configuration make sure to restart /
reload in order to apply all changes you've made.

7.1. Configuring user access

With the vsftpd FTP server you have the option to leave the FTP service authentication for only
anonymous access or you can allow users , defined in /etc/passwd or in relevant access list, to
login.

7.1.1. Anonymous FTP access

By default the vsftpd FTP server is configured for an anonymous access only. If this is what
your intention is for the FTP server to be used for, you can make anonymous access even easier
by disabling the password requirement. The most secure option for the FTP server is not to
allow users authenticate with the password in a simple clear text format. To disable the
requirement for an anonymous password simply edit the FTP server's configuration file
/etc/vsftpd.conf and set directive no_anon_password to NO:

no_anon_password=YES

7.1.2. Local users FTP access

37
By now your server should be set to disallow any access except for an anonymous user. Set
local_enable directive in the configuration file /etc/vsftpd.conf to allow login all users defined
in /etc/passwd. The default is NO.

local_enable=YES

Now any user defined in /etc/passwd will be able to login with their relevant passwords.

$ ftp localhost
Connected to localhost.
220 (vsFTPd 2.3.5)
Name (localhost:root): lubos
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> quit
221 Goodbye.

7.1.3. User Access list

First create an access list to be used with the vsFTPd FTP server. Normally, you would define
such list in /etc/ directory. Use some arbitrary file name and list all user names in this file, which
you wish to allow or deny access. For example, let's define a new list with a single user "lubos":

echo lubos > /etc/vsftpd.userlist

Next, define a new user list in the configuration file /etc/vsftpd.conf and enable userlist_enable
directive:

userlist_file=/etc/vsftpd.userlist
userlist_enable=YES
userlist_deny=NO

Simply, just by defining and enabling a user list any users listed in /etc/vsftpd.userlist will have
access denied to your FTP server.

To reverse this option and only allow users listed in /etc/vsftpd.userlist set userlist_deny
configuration directive to NO. By doing so you only allow users defined in /etc/vsftpd.userlist
to access your system. The format of /etc/vsftpd.userlist file is one user per line.

38
$ ftp localhost
Connected to localhost.
220 (vsFTPd 2.3.5)
Name (localhost:root): lubos
530 Permission denied.
Login failed.
ftp>

7.2. Changing default port number

By default any FTP server listens on standard port 21 for user authentication and port 20 for
data transfer. The vsFTPd FTP server is no exception. To change default listening port simply
change your /etc/vsftpd.conf configuration file and alter directive listen_port. Thus, to change
your FTP server to listen to on port 2121 simply add the following directive to you configuration
file:

listen_port=2121

followed by the FTP server restart.

However, this only applies if you run vsFPTd in stand-alone mode. In case that you run your
FTP server in a normal mode using thexinetd superserver and you wish to change listening port
to 2121, edit line FTP line /etc/services file and change it from 21 to 2121 and restart xinetd.

$ sudo service xinetd restart

Now, you should be able to see your FTP server to listen on port 2121:

$ netstat -ant | grep 2121

tcp 0 0 0.0.0.0:2121 0.0.0.0:* LISTEN

VIVA QUESTIONS:
Q1. Explain the process of setting up an FTP server on a Linux machine.
ANS. To set up an FTP (File Transfer Protocol) server on a Linux machine, you can start by
installing an FTP server software like vsftpd using your distribution's package manager. Once
installed, configure the server settings by editing the vsftpd.conf configuration file, which is

39
typically located in /etc. Customize options such as anonymous access, directory settings, and
security configurations. Start or restart the FTP service to apply the changes.
To initiate the service automatically upon system boot, enable it with a command like sudo
systemctl enable vsftpd. If you're using a firewall, open the necessary ports (usually 20 and 21)
to allow FTP traffic. Test the FTP server by connecting to it using an FTP client, verifying that
you can log in and perform file transfers. Consider additional steps such as managing users and
permissions based on your requirements. This may involve creating system users or configuring
virtual users for FTP. Ensure that you follow security best practices, such as disabling
anonymous access if not needed, configuring SSL/TLS for secure connections, and keeping the
FTP server software and the underlying system up-to-date. Always refer to the specific
documentation for the FTP server software and your Linux distribution for detailed instructions
and potential nuances in the setup process.
Q2. What are the key configuration settings for an FTP server on a Windows machine?
ANS. To configure an FTP server on a Windows machine using Internet Information Services
(IIS), key settings involve using the IIS Manager. After installing the FTP server role,
authentication settings must be configured, choosing between anonymous or basic
authentication, and establishing authorization rules to control access. FTP site settings,
including the IP address, port, SSL options, and user isolation preferences, need to be defined.
Folder permissions for FTP users should be set for proper read and write access, with SSL/TLS
configurations for secure connections. Enabling logging assists in monitoring and
troubleshooting, and adjustments to the log settings can tailor the captured information.
Additionally, administrators must open the necessary ports in the Windows Firewall, create user
accounts for FTP access, implement IP address and domain restrictions, and optionally
configure FTP over SSL (FTPS) for encrypted connections. These settings provide a tailored
and secure FTP server on a Windows machine, accommodating specific organizational needs.
Q3. How might the transfer rate differ for large files compared to small files?
ANS.
The transfer rate for large files versus small files can differ due to several factors inherent to
file size and the underlying data transfer mechanisms. In general, larger files often benefit from
higher transfer rates compared to smaller files. For large files, several factors contribute to
potentially faster transfer rates. Large files can take advantage of larger transmission buffers,
allowing more data to be sent in a single operation. Additionally, the overhead associated with
initiating and completing the file transfer becomes a smaller proportion of the overall process
for large files, leading to a more efficient use of available bandwidth.
Q4. Describe the steps involved in repeating the file transfer experiment using a TFTP
client.
ANS. To repeat a file transfer experiment using a TFTP (Trivial File Transfer Protocol) client,
follow these general steps:

40
 I. Install a TFTP Client: Ensure that a TFTP client is installed on your system. Popular
TFTP clients include tftp on Linux or macOS and third-party clients like TFTPD32 on
Windows.
II. Start the TFTP Client: Launch the TFTP client application on your computer.
III. Connect to the TFTP Server: Specify the TFTP server's IP address or hostname that you
want to connect to. This can be a local server or a remote server on the network.
IV. Navigate to the Target Directory: If the TFTP server requires authentication or if there's
a specific directory you need to access, navigate to that location using the client's
interface.
V. Upload or Download Files: Depending on your experimental goals, initiate file transfers
by either uploading a file from your computer to the TFTP server or downloading a file
from the TFTP server to your computer.
VI. Monitor Transfer Progress: Observe and monitor the transfer progress within the TFTP
client interface. Look for any error messages or indicators of successful completion.
VII. Record Transfer Time and Results: Record the time taken for the file transfer and note
any observations or issues encountered during the process.
VIII. Repeat the Experiment: If conducting multiple trials or comparing different file sizes,
repeat the experiment with varying files. Ensure that you maintain consistency in the
experimental conditions.
IX. Analysis and Comparison: Analyze the results, comparing transfer times for different
file sizes or experimental variations. Look for patterns or trends in the data.
Q5. What are the advantages and disadvantages of using TFTP compared to FTP?
ANS.
Advantages of TFTP:
TFTP (Trivial File Transfer Protocol) is lightweight, simple, and has minimal overhead, making
it suitable for certain scenarios. It requires less memory and processing power, making it
efficient for basic file transfers in network devices like routers during bootstrapping. TFTP's
simplicity facilitates quick setup and usage.

Disadvantages of TFTP:
However, TFTP lacks security features like authentication and encryption, making it unsuitable
for transferring sensitive data over untrusted networks. It also does not support directory listings
or user authentication, limiting its functionality compared to FTP. Additionally, TFTP may have
slower transfer speeds due to its simplicity, and its reliability is affected by the absence of error-
checking mechanisms, potentially leading to incomplete or corrupted transfers.

Advantages of FTP:
FTP (File Transfer Protocol) offers robust security features, including user authentication and
data encryption through FTPS or SFTP protocols. It supports a wide range of functionalities,
such as directory listings, user authentication, and access control, making it suitable for diverse

41
file transfer requirements. FTP can handle large file sizes efficiently and supports resume
functionality.

Disadvantages of FTP:
On the downside, FTP has higher overhead compared to TFTP, both in terms of setup
complexity and resource utilization. It may not be as suitable for resource-constrained devices
or environments where simplicity is a priority. Additionally, certain firewall configurations may
hinder FTP connections due to the use of multiple ports.

42
 EXPERIMENT: 6

Aim: Program a simple SMTP client and POP3 client using Java
Source Code: public void send(int numOfMails) throws Exception {

String message = "";

System.out.println("Connecting to server ...");
os.writeBytes("HELO\r\n");
int status = 0;//HELO already sent to the server
int count = 0;
while(true){
message = bufReader.readLine();
System.out.println(message);
if(count>=numOfMails)break;

if(message.contains("Aba he")){
System.out.println("Close the connection");
break;
}

System.out.println("Email count: " + count);

switch (status) {

case HELO_RECEIVED: //command HELO already accepted by server

message = bufReader.readLine();
os.writeBytes("MAIL FROM:"+ this.sender + "\r\n");
status = 1;
break;

case MAILFROM_RECEIVED : //command MAIL FROM already accepted by server

os.writeBytes("RCPT TO:"+ this.receiver + "\r\n");
status = 2;
break;

case RCPTTO_RECEIVED : //command RCPT TO already accepted by server

os.writeBytes("DATA\r\n");
status = 3;
break;

case DATA_RECEIVED : //send email body

os.writeBytes(this.body+"\r\n" + "." + "\r\n");
count++;

43
 status=1;
break;
}
}

os.writeBytes("QUIT\r\n");
message = bufReader.readLine();
System.out.println(message);

System.out.println("Client terminates the connection!");

}

VIVA QUESTIONS:
Q1. Explain the purpose of an SMTP client.
ANS. An SMTP (Simple Mail Transfer Protocol) client is responsible for sending outgoing
emails from a user's email application to a mail server. It initiates communication with the
server, submits the sender's message, and directs it toward the recipient's email server for
delivery. The SMTP client handles the transmission of email messages, providing a crucial role
in the email communication process by ensuring the reliable and standardized transfer of
electronic messages across the internet.
Q2. What are the key steps involved in sending an email using SMTP?
ANS. To send an email using SMTP (Simple Mail Transfer Protocol), the key steps involve:
1. Connecting to the SMTP Server
2. SMTP Handshake
3. Sender and Recipient Specification
4. Message Content and Formatting
5. Transmission to SMTP Server
6. SMTP Server Routing
7. Recipient Mailbox Delivery
Q3. Describe the role of a POP3 client in email communication.
ANS. The role of a POP3 (Post Office Protocol 3) client in email communication is to retrieve
and download emails from a mail server to the user's local device. Acting as the interface
between the user's email application and the server, the POP3 client connects to the server,
authenticates the user, and retrieves emails. Once downloaded, the emails are typically removed
from the server, making the local device the primary storage for the user's messages. The POP3
client allows users to manage their emails locally, facilitating offline access and organization
of messages on their devices.

44
Q4. What are the main operations performed by a POP3 client?
ANS A POP3 (Post Office Protocol 3) client primarily performs the following operations in
email communication:
1. Connection Establishment: Initiates a connection with the POP3 server over the
specified port (usually port 110 or 995 for encrypted connections).
2. User Authentication: Authenticates the user by providing the username and password to
access the mailbox.
3. Email Retrieval: Retrieves emails from the server, downloading them to the user's local
device.
4. Deletion from Server (Optional): Optionally deletes emails from the server after
successful retrieval, depending on user settings.
5. Local Storage: Manages the storage and organization of downloaded emails on the user's
local device.
6. Marking for Deletion (Optional): Optionally marks emails for deletion on the server,
with the actual removal occurring during a subsequent session.
7. Connection Termination: Closes the connection with the POP3 server after completing
the necessary operations.
Q5. Discuss the JavaMail API and its key components.
ANS. The JavaMail API is a Java library that provides a set of classes for sending, receiving,
and manipulating emails. Key components of the JavaMail API include the Session for email
session management, the Message class for representing email messages, and the Transport
class for sending messages. The Store class facilitates access to mail storage services such as
POP3 and IMAP. The API supports various protocols, including SMTP, POP3, and IMAP,
making it versatile for email communication in Java applications. Additionally, the
MimeMessage class allows for creating and handling MIME (Multipurpose Internet Mail
Extensions) formatted messages, including attachments and inline content. The JavaMail API
is a valuable tool for integrating email functionality into Java applications.

45
 EXPERIMENT: 7
Aim: Discovering ARP using Wireshark.
Stop Wireshark packet capture. First, find the packet numbers (the leftmost column in
the upper Wireshark window) of the HTTP GET message that was sent from your
computer to gaia.cs.umass.edu, as well as the beginning of the HTTP response
message sent to your computer by gaia.cs.umass.edu. You should see a screen that
looks something like this (where packet 4 in the screen shot below contains the HTTP
GET message)

46
Since this lab is about Ethernet and ARP, we’re not interested in IP or higher-layer
protocols. So let’s change Wireshark’s “listing of captured packets” window so that it shows
information only about protocols below IP. To have Wireshark do this, select Analyze-
>Enabled Protocols. Then uncheck the IP box and select OK. You should now see an
Wireshark window that looks like:

In order to answer the following questions, you’ll need to look into the packet details
and packet contents windows (the middle and lower display windows in Wireshark).

Select the Ethernet frame containing the HTTP GET message. (Recall that the HTTP
GET message is carried inside of a TCP segment, which is carried inside of an IP
datagram, which is carried inside of an Ethernet frame; reread section 1.5.2 in the text
if you find this encapsulation a bit confusing).

Expand the Ethernet II information in the packet details window. Note that the
contents of the Ethernet frame (header as well as payload) are displayed in the packet
contents window.

47
VIVA QUESTIONS:
Q1. What is the 48-bit Ethernet address of your computer?
ANS. The destination address is a0:f3:c1:f8:6d:f9. This address is not the
Ethernet address of gaia.cs.umass.edu, but it is the address of my TP link router (Gateway
to Internet).
Q2. Give the hexadecimal value for the two-byte Frame type field. What upper layer
protocol does this correspond to?
ANS. The hexadecimal value for the two-byte Frame type field in an Ethernet frame is
typically found in the EtherType field. For example, the EtherType value "0x0800"
corresponds to the Internet Protocol version 4 (IPv4). Other common values include
"0x0806" for Address Resolution Protocol (ARP) and "0x86DD" for IPv6. The
EtherType field indicates the upper layer protocol that follows the Ethernet frame's
header.
Q3. How many bytes from the very start of the Ethernet frame does the ASCII “G”
in “GET” appear in the Ethernet frame?
ANS. The ASCII "G" in "GET" would typically appear 36 bytes from the very start of an
Ethernet frame if it's part of an HTTP request. In an HTTP request, you have the Ethernet
frame header, followed by the IP header, the TCP header, and then the actual HTTP
payload. The "GET" request is part of the HTTP payload, and its position would depend
on the specifics of the headers and data present in the frame. The position might vary
slightly based on factors like the presence of options in the headers, but a common
estimate is around 36 bytes into the frame.
Q4. What is the destination address in the Ethernet frame? Is this the Ethernet
address of your computer?
ANS. The destination address in an Ethernet frame is the Media Access Control (MAC)
address of the recipient device on the local network. It specifies where the frame is
intended to be delivered. The address is not typically that of the sender's computer; rather,
it's the address of the device to which the frame is being sent. If the Ethernet frame is
destined for your computer, then the destination address would be your computer's MAC
address.
Q5. Give the hexadecimal value for the two-byte Frame type field. What upper layer
protocol does this correspond to?
ANS. The two-byte Frame type field in an Ethernet frame is often referred to as the
EtherType field. The hexadecimal value in this field indicates the upper-layer protocol
encapsulated within the Ethernet frame. For example, a common EtherType value is
"0x0800," which corresponds to the Internet Protocol version 4 (IPv4). Other values
include "0x0806" for Address Resolution Protocol (ARP) and "0x86DD" for IPv6. The
EtherType field is crucial for network devices to identify the protocol of the encapsulated
data and process it accordingly.

48
2. THE ADDRESS RESOLUTION PROTOCOL

In this section, we’ll observe the ARP protocol in action. We strongly recommend that
you re-read section 5.4.1 in the text before proceeding.

ARP Caching

Recall that the ARP protocol typically maintains a cache of IP-to-Ethernet address
translation pairs on your comnputer The arp command (in both MSDOS and Linux/Unix)
is used to view and manipulate the contents of this cache. Since the arp command and the
ARP protocol have the same name, it’s understandably easy to confuse them. But keep in
mind that they are different -the arp command is used to view and manipulate the ARP
cache contents, while the ARP protocol defines the format and meaning of the messages
sent and received, and defines the actions taken on message transmission and receipt.

Let’s take a look at the contents of the ARP cache on your computer:

 MS-DOS. The arp command is in c:\windows\system32, so type either

“arp” or “c:\windows\system32\arp” in the MS-DOS command line
(without quotation marks).

 Linux/Unix/MacOS. The executable for the arp command can be in various

places. Popular locations are /sbin/arp (for linux) and /usr/etc/arp (for some Unix
variants).

The Windows arp command with no arguments will display the contents of the
ARP cache on your computer. Run the arp command.

9. Write down the contents of your computer’s ARP cache. What is the
meaning of each column value?

In order to observe your computer sending and receiving ARP messages, we’ll need to
clear the ARP cache, since otherwise your computer is likely to find a needed IP-Ethernet
address translation pair in its cache and consequently not need to send out an ARP
message.

 MS-DOS. The MS-DOS arp –d * command will clear your ARP cache. The –d
flag indicates a deletion operation, and the * is the wildcard that says to delete all
table entries.

 Linux/Unix/MacOS. The arp –d * will clear your ARP cache. In order to run this
command you’ll need root privileges. If you don’t have root privileges and can’t
run Wireshark on a

Windows machine, you can skip the trace collection part of this lab and just use the
trace discussed in the earlier footnote.

49
OBSERVING ARP IN ACTION

Do the following :

Clear your ARP cache, as described above.

Next, make sure your browser’s cache is empty. To do this under Mozilla Firefox V3, select

Tools->Clear Recent History and check the box for Cache. For Internet Explorer, select
Tools->Internet Options->Delete Files.
Start up the Wireshark packet sniffer

Enter the following URL into your browser http://gaia.cs.umass.edu/wireshark-

labs/HTTP-wireshark-lab-file3.html Your browser should again display the rather lengthy US
Bill of Rights.

Stop Wireshark packet capture. Again, we’re not interested in IP or higher-layer

protocols, so change Wireshark’s “listing of captured packets” window so that it shows
information only about protocols below IP. To have Wireshark do this, select Analyze->Enabled
Protocols. Then uncheck the IP box and select OK. You should now see an Wireshark window
that looks like:

50
 EXPERIMENT: 8
Aim: Set Up Ad-Hoc Wireless Network in Windows XP.

Step 1: Enabling Internet Sharing on the Host Computer

To enable Internet sharing on the host computer, do the following:

1.From the Windows XP desktop, click Start, click Control Panel, clickNetwork and Internet
Connections, and then click Network Connections.
2.Right-click the Ethernet network connection that is used to access the Internet, and then
click Properties.
3.On the Advanced tab, select the Allow other network users to connect through this
computer’s Internet connection check box and clear the Allow other network users to control
or disable this shared Internet connection check box.
4.Click OK to save changes to your connection.
5.You might be prompted with a Local Network message box that explains how your computer’s
configuration is being changed. Click Yes to enable Internet sharing.

Step 2: Creating an Ad Hoc Wireless Network on the Host Computer

To create an ad hoc wireless network to share Internet access with the other WLAN computers on
a computer running Windows XP, do the following:

1. From the Windows XP desktop, click Start, click Control Panel, clickNetwork and Internet
Connections, and then click Network Connections.
2. Right-click the wireless network connection, and then click Properties.
3. Click the Wireless Networks tab.
4. In the wireless network adapter properties dialog box, click Add underPreferred networks.
5. On the Association tab, type the name of your ad hoc wireless network inNetwork name
(SSID). For example, you could name your wireless networkAdHocInternet.
6. Select the This is a computer-to-computer (ad hoc) network check box and clear the The key
is provided for me automatically check box.
7. In Network Authentication, select Open.
8. In Data encryption, select WEP.
9. In Network key, type the WEP key. The WEP key should be a random sequence of hexadecimal
digits or numbers, letters, and punctuation.
10.In Confirm network key, retype the WEP key.
11.Click OK to save changes to the wireless network.
12.Click OK to save changes to the wireless network adapter.
These instructions configure an encryption key for wireless communications on the ad hoc wireless
network. You must tell the other users who want to access the Internet the WEP key. You can
create an ad hoc wireless network without requiring encryption and an encryption key, but it is not
recommended.

51
Step 3. Connect other Computers to your new Ad Hoc Wireless Network

To connect each other laptop computer to the newly created ad hoc mode wireless network, do the
following:

1. Once the new ad hoc wireless network is created, Windows XP on other laptop computers should
detect it and prompt you with a One or more wireless networks are available or Wireless
networks detectedmessage in the notification area of your taskbar.
2. Click the notification message.

If you are not notified, right-click the wireless network adapter in Network Connections and
click View Available Wireless Networks.
You should see the Wireless Network Connection dialog box (for Windows XP with SP2), a
dialog box with the name of the wireless connection (for Windows XP with SP1), or the Connect
to Wireless Network dialog box (for Windows XP with no service packs installed). An example
of theWireless Network Connection dialog box for Windows XP with SP2 is shown in the
following figure.
3. For Windows XP with SP2, click the name of the new ad hoc wireless network in the list, and
then click Connect. When prompted by the Wireless Network Connection dialog box, the WEP
key in Network key andConfirm network key, and then click Connect.
For Windows XP with SP1, click the name of the new ad hoc wireless network inAvailable
networks, type the WEP key in Network key and Confirm network key, and then
click Connect.
For Windows XP with no service packs installed, click the name of the new ad hoc wireless
network in Available networks, type the WEP key in Network key, and then click Connect.
Now that the laptop computer is connected to the ad hoc wireless network, you must configure it
for either Windows Firewall or ICF and automatic addressing by doing the following:

1. From the Windows XP desktop, click Start, click Control Panel, clickNetwork and Internet
Connections, and then click Network Connections.
2. Right-click the network connection that corresponds to the wireless network adapter, and then
click Properties.
3. For computers running Windows XP with SP2, click the Advanced tab, and then click Settings.
From the Windows Firewall dialog box, click On, and then click OK.
For computers running Windows XP with SP1 or Windows XP with no service packs installed,
click the Advanced tab, and then select the Protect my computer and network by limiting or
preventing access to this computer from the Internet check box.
4. Click the General tab, double-click Internet Protocol (TCP/IP) in theThis connection uses
the following items list.
5. On the General tab, click Obtain an IP address automatically andObtain DNS server
address automatically.
6. Click OK to save the changes to the configuration of Internet Protocol (TCP/IP).
7. Click OK to save the changes to your connection’s configuration.
The laptop computer should receive an IP address configuration from the ICS host computer and
have Internet connectivity. Test Internet connectivity by using a Web browser to view Web pages.

52
VIVA QUESTIONS:
Q1. What is an ad-hoc wireless network, and how does it differ from an infrastructure
network?
ANS. An ad-hoc wireless network is a decentralized type of network where devices communicate
directly with each other without the need for a centralized access point. In an ad-hoc network,
devices act as both clients and routers, forming a temporary network on-the-fly. This is in contrast
to an infrastructure network where devices communicate through a central access point like a
router or Wi-Fi hotspot. Ad-hoc networks are typically used for peer-to-peer communication in
scenarios where infrastructure networks are impractical or unavailable, such as in spontaneous
meetings or temporary gatherings. Infrastructure networks, on the other hand, rely on a fixed
infrastructure for communication and are more common in traditional Wi-Fi setups.
Q2. In what scenarios would you choose to set up an ad-hoc wireless network?
ANS. Ad-hoc wireless networks are chosen in scenarios where a temporary or spontaneous
network is needed without relying on existing infrastructure. Examples include:
 Meetings or Conferences: Facilitating quick and direct communication among devices in a
meeting or conference setting where setting up a formal infrastructure network may be
impractical.
 Peer-to-Peer File Sharing: Enabling direct file sharing between devices in locations where
internet access or centralized network infrastructure is unavailable.
 Collaborative Projects: Supporting collaboration among a group of users working on a
project in a location without established Wi-Fi infrastructure.
 Emergency Scenarios: Establishing communication among devices in emergency
situations or remote locations where traditional network infrastructure is absent or
compromised.
 Outdoor Activities: Connecting devices for activities like camping or hiking where creating
a temporary network on-the-go is more convenient than relying on external infrastructure.
 Testing and Debugging: Conducting network testing or debugging scenarios where direct
communication between devices is essential without the complexity of an established
infrastructure.
Q3. Which settings need to be configured during the setup process?
ANS. During the setup process of an ad-hoc wireless network, several key settings must be
configured. These include defining a unique network name (SSID) to distinguish the ad-hoc
network, selecting an appropriate wireless channel to avoid interference, implementing security
settings like a passphrase for encryption, assigning static IP addresses to devices since ad-hoc
networks often lack DHCP, setting devices to ad-hoc mode for peer-to-peer connections,
specifying the authentication mode, and configuring connection management settings. Proper
configuration of these settings ensures the secure and efficient operation of the ad-hoc network,
facilitating direct communication among devices without relying on a centralized infrastructure.
Q4. How can your secure communication within an ad-hoc network?

53
ANS. Securing communication within an ad-hoc network involves implementing measures to
protect data integrity and privacy. Key security practices include configuring encryption, choosing
strong authentication methods, and managing access. Setting a passphrase for WPA (Wi-Fi
Protected Access) or WPA2 encryption is crucial to prevent unauthorized access and
eavesdropping. Additionally, using WPA3 or other advanced encryption protocols enhances
security. Employing strong authentication, such as pre-shared keys, adds an extra layer of
protection. It's essential to disable unnecessary network services, employ firewall settings, and
assign static IP addresses to enhance control and limit potential vulnerabilities. Regularly updating
firmware and monitoring the network for suspicious activities further contribute to a secure ad-
hoc communication environment.
Q5. Explain how IP addresses are configured in an ad-hoc wireless network.
ANS. In an ad-hoc wireless network, IP addresses are typically configured manually as ad-hoc
networks often lack a DHCP (Dynamic Host Configuration Protocol) server for automatic address
assignment. Users assign static IP addresses to each device within the network, ensuring
consistency and enabling direct peer-to-peer communication. This manual configuration involves
specifying an IP address, subnet mask, and, if applicable, a default gateway. By assigning unique
static IP addresses to devices, users establish a predictable addressing scheme, facilitating seamless
communication within the ad-hoc network.

54
 EXPERIMENT:9

Aim: Write a simple SMTP Client in C++ or Java to send and receive mail.

Source Code-
#include <iostream>
#include <cstring>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <unistd.h>

const int BUFFER_SIZE = 1024;

int main() {
// Server configuration
const char* server_address = "smtp.example.com";
const int server_port = 25;

// Sender and recipient information

const char* sender_email = "[email protected]";
const char* recipient_email = "[email protected]";

// Message details
const char* subject = "Test Email";
const char* body = "This is a test email sent from a simple SMTP client.";

// Connect to the SMTP server

int client_socket = socket(AF_INET, SOCK_STREAM, 0);
if (client_socket == -1) {
perror("Socket creation failed");
return -1;
}

sockaddr_in server_address_info;
server_address_info.sin_family = AF_INET;
server_address_info.sin_port = htons(server_port);
inet_pton(AF_INET, server_address, &server_address_info.sin_addr);

if (connect(client_socket, (struct sockaddr*)&server_address_info, sizeof(server_address_info))

== -1) {
perror("Connection to the server failed");
close(client_socket);
return -1;
}

// Receive server greeting

55
char buffer[BUFFER_SIZE] = {0};
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Send HELO command

const char* helo_command = "HELO localhost\r\n";
send(client_socket, helo_command, strlen(helo_command), 0);
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Send MAIL FROM command

std::string mail_from_command = "MAIL FROM: <" + std::string(sender_email) + ">\r\n";
send(client_socket, mail_from_command.c_str(), mail_from_command.length(), 0);
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Send RCPT TO command

std::string rcpt_to_command = "RCPT TO: <" + std::string(recipient_email) + ">\r\n";
send(client_socket, rcpt_to_command.c_str(), rcpt_to_command.length(), 0);
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Send DATA command

const char* data_command = "DATA\r\n";
send(client_socket, data_command, strlen(data_command), 0);
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Send email content

std::string email_content = "Subject: " + std::string(subject) + "\r\n\r\n" + body + "\r\n.\r\n";
send(client_socket, email_content.c_str(), email_content.length(), 0);
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Send QUIT command

const char* quit_command = "QUIT\r\n";
send(client_socket, quit_command, strlen(quit_command), 0);
recv(client_socket, buffer, sizeof(buffer), 0);
std::cout << "Server response: " << buffer;

// Close the socket

close(client_socket);

return 0;
}

56
VIVA QUESTIONS:
Q1. What is SMTP?

ANS. SMTP stands for Simple Mail Transfer Protocol, a standard protocol for sending and
receiving email.

Q2. Explain the basic steps involved in sending an email using SMTP.

ANS. The basic steps include establishing a connection to the SMTP server, authenticating,
specifying sender and recipient addresses, and sending the email content.

Q3. Why is authentication necessary in SMTP?

ANS. Authentication is required to ensure that only authorized users can send emails via the SMTP
server, preventing unauthorized access and abuse.

Q4. What is the purpose of the JavaMail API (in Java)?

ANS. The JavaMail API is a set of abstract classes that model a mail system. It provides a platform-
independent and protocol-independent framework to build Java-based email client applications.

Q5. How does the provided Java code authenticate with the SMTP server?

ANS. The Java code uses the Authenticator class to override the getPasswordAuthentication
method, providing the username and password for authentication.

57
 EXPERIMENT:10

Aim: Write a program in Java to implement TCP client server architecture

Source Code -
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.net.Socket;

public class TCPClient {

public static void main(String[] args) {
try {
// Create a socket and connect to the server on localhost, port 12345
Socket socket = new Socket("localhost", 12345);

// Create input and output streams for communication with the server
BufferedReader in = new BufferedReader(new
InputStreamReader(socket.getInputStream()));
PrintWriter out = new PrintWriter(new OutputStreamWriter(socket.getOutputStream()),
true);

// Send messages to the server

out.println("Hello, server!");
out.println("How are you?");
out.println("bye"); // to terminate the server

// Receive and print server responses

String response;
while ((response = in.readLine()) != null) {
System.out.println("Server response: " + response);

// Break the loop if the server echoes "bye"

if (response.equals("Server echoes: bye")) {
break;
}
}

// Close the socket

socket.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}
58
VIVA QUESTIONS:
Q1. What is TCP?

ANS. TCP (Transmission Control Protocol) is a reliable, connection-oriented protocol that

provides a stream of bytes between two devices over a network.

Q2. Explain the difference between TCP and UDP.

ANS. TCP is connection-oriented, reliable, and ensures data integrity, whereas UDP is
connectionless, and it does not guarantee reliable data delivery.

Q3. Why is TCP considered a reliable protocol?

ANS. TCP uses acknowledgment mechanisms and retransmission of lost packets to ensure that
data is delivered reliably and in order.

Q4. What is the purpose of a TCP socket in Java?

ANS. In Java, a TCP socket represents an endpoint for communication between two devices. It
provides a reliable, bidirectional communication channel.

Q5. Explain the steps involved in creating a TCP server in Java.

ANS. The steps include creating a ServerSocket, waiting for client connections, accepting a client
connection, and then creating input and output streams to communicate with the client.

59