Assigned 29th Aug 2022
Due 10th Sep 2022
University of Missouri – St. Louis
Department of Computer Science
(Fall 2022: CMP SCI 4730 Computer Network And Communications)
Lab Assignment 1
Max Points: 100
The purpose of this lab is to familiarize the class with network analysis and diagnostic
utilities.
1. The PING (Packet Internet Groper) command [20]
Description: This Ping command is a command line utility to verify network
connectivity between the source host and the specified destination server or a host. It
can, therefore, be used to verify and troubleshoot accessibility of devices over the
Internet. The host sends one or more messages called ping and waits for the echo reply
called pong. The response may also indicate the round-trip delay, packet size and
packet loss.
Study the general form of the Ping command using man (Mac) or help (/? or -h) (Windows)
as the case may be. Do the following exercise based on Ping.
Exercise: From the command line interface (command window), ping XXXXXXXXXX
(www.google.com) and include a snapshot of the screen with the write up. Answer the
following questions based on the output of the command:
i) How many packets are sent? What is the default size of each packet?
ii) Change the packet size to 128. What size does google accept?
iii) What is the TTL value indicated and what does it mean?
iv) What is the minimum and the average time for accessing Google server in the
default case?
v) Which protocol does ping use, give the full form of the protocol?
Now ping www.boeing.com with 20 pings.
vi) What is the IP address of the Boeing server?
vii) Ping the Boeing IP address with a TTL value of 10. Explain the result.
viii) Increase the size of the test packet to 1024 bytes and note the difference in average
time taken.
ix) What is the percentage of packet loss?
x) Give two factors on which the minimum RTT depends.
2. The Traceroute/Tracert utility [20]
Description: This utility allows the user to examine the path a packet takes across the
Internet from the source to the destination. It uses the Internet Control Message
Protocol (ICMP) error-reporting function and UDP packets. traceroute provides
information about the routers that handle the packets and also gives transit delays
(network latency) for delivering packets to each router. It thus helps the NOC
engineers in diagnosing network issues like packet loss and latency. This functionality
is available as a command line tool in Unix variants and Windows. Tracing packet routes
is an important tool for network engineers and your skill to interpret its output will
improve as you practice more.
Exercise: Trace the route to XXXXXXXXXX (or any other public site if this does not work on
your system) and include a snapshot of the output with your submission. Answer the
following questions based on the output of the command:
i) Give the number of hops and the number of routers to the destination. (2)
ii) What is the maximum number of hops that are traced by traceroute? (2)
iii) What is the maximum and minimum time taken to reach the destination? (2)
iv) Look up the last IP address on the route before XXXXXXXXXX using a ‘whoisip’ look up tool
(like https://www.whatismyip.com/ip-whois-lookup/) and give the owner’s name and
postal address. (2)
v) How does the traceroute/tracert discover the path? Get help from ‘man’ or help
pages depending on whether you are using a mac or windows. (2)
vi) For this part traceroute/tracert to XXXXXXXXXX (MIT Server) and attach a snapshot
of the output. Explain the asterisk signs on some hops. (2)
vii) In vi) which ISP’s network does the packet start in? Can you spot any change in the
ISP before the packet reaches its destination? (4)
viii) What are the effective throughputs of the link up to the first router and the last
router? (4)
3. Wireshark [40+20]
Brief Description: Wireshark is one of the most popular network protocol analyzers.
It allows examination of packet flows and their contents. Using this tool network
administrators can troubleshoot network problems and security engineers can find
security issues. It can be used to learn protocol behavior and also debug them.
Download Wireshark from https://www.wireshark.org/download.html and install it
(choose to install npcap as well). The Wireshark Users’ Guide is available at
http://www.wireshark.org/docs/wsug_html_chunked/. Please read the initial parts on
description of Wireshark and usage. Keep referring to the manual as required.
Exercise: [A] Start Wireshark and click on the interface through which your computer
is connected to the Internet (It will generally be the wireless interface “Wi-Fi en0” or
the Ethernet LAN interface). Start packet capture and answer the following:
a) See the contents of the three main parts of the Wireshark interface: The packet-
listing pane, the packet details pane, and the packet-contents pane. Familiarize
yourself with the menu options. (i) Look at the protocol field and list three different
protocols displayed. (6)
b) (i) Select any packet in the packet-listing pane and briefly describe the contents of the
other two panes. (ii)Take a screenshot of the Wireshark interface showing the details
of the packet you described and include it in the submission (iii) What is the final
encapsulation layer of the message being sent on the physical or wireless media?
(10)
c) Exit Wireshark. Open your favorite browser. Start Wireshark again and start
capture. On the browser navigate to the site apache.org and click any hyperlink on the
page. Click another hyperlink. Wait a few seconds and stop capture. You now have
live packet data containing protocol messages that have been exchanged between
your computer and the network/website. Submit a screenshot of the Wireshark
output. Carry out the following:
(i) Type http in the ‘Apply a display filter’ field so that only HTTP packets are
displayed. Give the first three bytes of the HTTP message. (4)
(ii) Since the HTTP message was carried inside a TCP segment, which was carried
inside an IP datagram, which was carried within an Ethernet frame, in the
packet details window Wireshark displays the Frame, Ethernet, IP, and TCP
packet information as well. Maximize HTTP and minimize the other details.
From the details give the version of HTTP that your browser is running. (4)
(iii) Find an HTTP GET message in the captured packets that shows the URL you
entered. Expand the Ethernet frame, IP datagram, TCP segment, and HTTP
message header information in the packet-header window, take a screenshot and
include it with your submission. From the details find what is the IP address of
your computer and that of the site you accessed? (4)
(iv) Print the two HTTP messages (GET and OK). Submit the output. (4)
(v) Calculate the time between sending of the HTTP GET message and receipt of the
corresponding HTTP OK reply. (4)
(vi) How many bytes of content are being returned to your browser? (4)
(B) HTTP Authentication: Exit and re-start Wireshark. Start packet capture.
Download the password protected file
http://gaia.cs.umass.edu/wireshark-labs/protected_pages/HTTP-wireshark-file5.html
using your browser. The
username is wireshark-students, and the password is network. Answer the following.
(i) What is the server’s response (status code and phrase) in response to the initial
HTTP GET message from your browser? (5)
(ii) When your browser sends the HTTP GET message for the second time, what new
field is included in the HTTP GET message? (5)
(iii) The username wireshark-students and the password network that you
entered are encoded in the string of characters
(d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=) following the “Authorization:
Basic” header in the client’s HTTP GET message. Use a Base64 to text decoder
(like https://www.base64decode.org) and enter this part of the string,
d2lyZXNoYXJrLXN0dWRlbnRz, and you can see the username! Now enter the
remainder of the string, Om5ldHdvcms=, and your password is shown in
cleartext. This is how an intruder can sniff your password. Comment on the
security at this layer. (10)
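The decoding step in (iii), as an added example that is not part of the original lab handout: it pulls the Basic credentials out of a request and shows why the string can be decoded in two pieces. The request bytes are constructed from the values quoted above, and the function names basic_credentials and decode_in_two are hypothetical.

```python
import base64
import binascii

# Constructed sample request (not a real capture); the token is the string quoted in the lab text.
SAMPLE_REQUEST = (
    b"GET /wireshark-labs/protected_pages/HTTP-wireshark-file5.html HTTP/1.1\r\n"
    b"Host: gaia.cs.umass.edu\r\n"
    b"Authorization: Basic d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=\r\n"
    b"\r\n"
)


def basic_credentials(raw_request):
    """Return (username, password) carried in a Basic Authorization header, else None."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if not sep or name.strip().lower() != b"authorization":
            continue  # header names are case-insensitive
        scheme, _, token = value.strip().partition(b" ")
        if scheme.lower() != b"basic":
            return None  # another scheme, such as Digest
        try:
            decoded = base64.b64decode(token.strip(), validate=True)
        except (binascii.Error, ValueError):
            return None  # not valid Base64
        user, sep, password = decoded.partition(b":")
        if not sep:
            return None  # no user:password separator
        # Only the first colon separates the fields; a password may contain colons.
        return user.decode("utf-8", "replace"), password.decode("utf-8", "replace")
    return None


def decode_in_two(token, cut):
    """Decode token[:cut] and token[cut:] separately, as the lab does by hand.

    Every 4 Base64 characters encode 3 bytes, so the two pieces decode
    cleanly only when the cut falls on a multiple of 4; otherwise None.
    """
    if cut % 4 != 0:
        return None
    return base64.b64decode(token[:cut]), base64.b64decode(token[cut:])


if __name__ == "__main__":
    print(basic_credentials(SAMPLE_REQUEST))
    print(decode_in_two(b"d2lyZXNoYXJrLXN0dWRlbnRzOm5ldHdvcms=", 24))
```

The second piece decodes to the separator plus the password (":network"), because the 18-character username happens to end exactly on a 4-character Base64 boundary.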