Q Lab 3 Network Utilities Objectives The main objective of this laboratory exercise is to familiarize the student with the basic network monitoring/analysis tools in the Windows/Linux operating systems and how to use those tools from the Command (Windows) or Terminal (Linux) windows. At the end of this lab, the student will be familiar with and able to use the following network monitoring/analysis tools: • ipconfig / ifconfig • ping • tracert / traceroute • netstat • nslookup Preparation • Ensure you have access to your either your Windows 10/Kali Linux Virtual Machine (VM) • Ensure that your VM is powered on and configured correctly • Ensure that your VM is using the 1100 network o • All of the basic network monitoring/analysis tools will be performed within a Command/Terminal window. o Launch a Command/Terminal window: ? Windows • Click on the Start Button and type “cmd” and then click on the Command Prompt Desktop app ? Linux • Click on the Application menu and then click on the Terminal icon • Click on the Terminal icon on the Quick Launch menu • There is help for each tool o Windows: Use /? after the command to get help. Example: c:\ipconfig /? o Linux: Use the man command to get help. Example: # man ifconfig Instructions ipconfig (Windows) / ifconfig (Linux) Not part of the TCP/IP utilities, but it is useful to show the current TCP/IP settings. The ipconfig command line utility will show detailed information about the network you are connected to. It can also be used to reconfigure your TCP/IP settings. Let's say you want to know what you're IP address is – ipconfig is what you type in the command prompt. The output will give a quick view of you IP address your subnet mask and default gateway (Windows). Windows Linux ping The ping utility tests connectivity between two hosts. ping uses a protocol called the Internet Control Message Protocol (ICMP) to determine whether the remote machine (website, server, etc.) can receive the test packet and reply. ping is also a great way to verify whether you have TCP/IP installed and your Network Card is working. 1. We'll start by pinging the loopback address (127.0.0.1) to verify that TCP/IP is installed and configured correctly on the local computer. • Windows: ping 127.0.0.1 • Kali Linux: ping 127.0.0.1 (use Cntl-C to stop ping requests) Windows & Linux This tells us that TCP/IP is working as well as our Network Card. 2. To test out external connectivity to a website all you have to do is type: ping ww.google.com The results should tell you if the connection was successful or if you had any lost packets. Packet loss describes a condition in which data packets appear to be transmitted correctly at one end of a connection, but never arrive at the other. Why? Well, there are a few possibilities. The network connection might be poor and packets get damaged in transit or the packet was dropped at a router because of internet congestion. Some Internet Web servers may be configured to disregard ping requests for security purposes. Note the IP address of ww.google.com – 216.58.192.164. You can also ping this IP address and get the same result. However, ping is not just used to test websites. It can also test connectivity to various servers: DNS, DHCP, your Print server, etc. As you get more into networking you'll realize just how handy the ping utility can be. tracert (Windows) / traceroute (Linux) tracert is very similar to ping, except that tracert identifies pathways taken along each hop, rather than the time it takes for each packet to return (ping). Both Windows and Linux have the capability of executing tracert with the Linux command (traceroute) being more versatile. Windows Linux If I have trouble connecting to a remote host I will use tracert to see where that connection fails. Any information sent from a source computer must travel through many computers / servers / routers (they're all the same thing, essentially) before it reaches a destination. It may not be your computer but something that is down along the way. It can also tell you if communication is slow because a link has gone down between you and the destination. If you know there are normally 4 routers but tracert returns 8 responses, you know your packets are taking an indirect route due to a link being down. netstat netstat displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is an important part of the Network + exam but it's a helpful tool in finding problems and determining the amount of traffic on the network as a performance measurement. Windows Linux nsookup The nslookup command will look up the IP addresses associated with a domain name. For example, you can perform nslookup www.google.com to see the IP address of Google’s server. Your computer is constantly querying its Domain Name System (DNS) servers to translate domain names to IP addresses. This command just allows you to do it manually. nslookup also allows you to perform a reverse lookup to find the domain name associated with an IP address. For example, nslookup 208.43.115.82 will show you that this IP address is associated with howtogeek.com. Deliverables Your lab report should include the following for each of the basic network monitoring/analysis tools: • A sentence describing what each tool does (IPConfig, PING, TraceRT, Netstat, and NSLookup) • A brief paragraph describing scenarios you would want to use these utilities.