ITP 457 Lab 1

ITP 457 Lab 1 – Networking Refreshing

Part 1 – Windows Client Configuration (ipconfig/ping/arp)

Step 1 – Start up Windows VM guest, and log into the system.
  o Log into the VMware Server at ____________________
      Username: ____________________
      Password: ____________________
  o Start up both Windows XP SP0 & Red Hat 9
      - Click on the name of the Virtual Machine
      - Press the green play button on top

Step 2 (Windows VM) – View the network card configuration using the ipconfig command:
  o Open up the command prompt
      - Click Start -> Run
      - Type in cmd
  o Type the command ipconfig /? and press ENTER
      - Look over the options for the ipconfig command
      - Type in the command to clear the DNS cache:
        ________________________________________
      - Type in the command to release an IP address for only Local Area Connection 1:
        ________________________________________
      - Which options do you think are important for network administration? Name the top 3 and explain why.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
      - What command would I use to display the DHCP server information?
        ________________________________________
  o Type the command ipconfig and press ENTER
      - What is your IP address? ____________________
      - What is your subnet mask? ____________________
      - What is your default gateway? ____________________
  o Type the command ipconfig /all and press ENTER
      - Look carefully over the information displayed
      - What is the MAC address of the computer? ____________________
      - What is your DNS server address? ____________________
  o Type exit to close the command prompt

Step 3 (Windows VM) – Change the IP address of the Windows VM:
  o Click on Start -> Control Panel
  o Click Network and Internet Connections
      - If you have the classic view of Control Panel you can click Network Connections directly!
  o Click Network Connections at the bottom (skip this if you’re viewing the Control Panel in classic view)
  o Right click Local Area Connection and click Properties
  o Select Internet Protocol (TCP/IP) and click Properties
      - Click on Use the following IP Address
      - In the IP address box change it to: ____________________
      - In the Subnet mask change it to: 255.255.255.0
      - In the Default Gateway change it to: ____________________
      - In the Preferred DNS Server change it to: ____________________
  o Click OK
  o Click OK in the Local Area Connection Properties dialog

Step 4 (Windows VM) – Verify the IP address:
  o Open up the command prompt
  o Run ipconfig
      - Your IP address should be changed to what you set
  o Exit the command prompt

Step 5 (Windows HOST) – Ping the VM’s new IP Address:
  o Press CTRL+ALT to head back into the Host OS
  o Open up the command prompt
  o Type the command ping /?
      - What command will allow me to ping forever?
        ________________________________________
      - What is the Windows default for the number of pings sent?
        ________________________________________
  o Type the command ping $win.vm.ip where $win.vm.ip is the IP address of the Windows VM you changed
      - What is the value of the TTL observed on the screen?
        ________________________________________
      - What does this TTL number refer to?
        ________________________________________
  o How can you be sure that this response is actually coming from the correct computer? Explain.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Step 6 (Windows VM) – View and Modify the ARP table:
  o Go back into the Windows VM
  o In the command prompt type arp /?
  o Type arp -a
      - How many entries do you see? ____________________
  o Type arp -d
      - So what did you just do?
        ____________________________________________________________
        ____________________________________________________________
  o Type arp -a
      - How many entries do you see? ____________________
  o Ping your Windows VM again
  o How does using the ping utility cause the machine’s MAC address to be populated in the ARP cache?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
  o What command would you use just to remove 1 entry in the ARP cache?
        ________________________________________

Part 2 – Linux Client Configuration (ifconfig/ping/arp)

Step 1 (Linux VM) – Start the Linux Guest OS:
  o Start up the Red Hat 9 VM
  o Log into Red Hat 9 with the following:
      Username: ____________________
      Password: ____________________

Step 2 (Linux VM) – View the network card configuration using ifconfig:
  o Open a terminal
      - Right click the desktop, and select terminal
  o Type ifconfig -h and press ENTER
      - Look at how the commands are used, don’t worry too much as to what they mean for now
  o Type man ifconfig
      - Use the Up/Down arrow keys to scroll through the manual
  o Press q to exit
  o Type ifconfig
      - How does Linux refer to the IP address? What is your IP address?
        ____________________________________________________________
        ____________________________________________________________
      - How does Linux refer to the subnet mask? What is your subnet mask?
        ____________________________________________________________
        ____________________________________________________________

Step 3 (Linux VM) – Use the cat command to view the file resolv.conf to determine the DNS address:
  o Type cat /etc/resolv.conf
      - What information is shown? How is it important to networking in Linux?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Step 4 (Linux VM) – Use the netstat -nr command to determine the gateway router address:
  o Type netstat -nr and press ENTER
      - What is your default gateway? ____________________
      - What does the ‘n’ flag do?
        ____________________________________________________________
      - What does the ‘r’ flag do?
        ____________________________________________________________

Step 5 (Linux VM) – Using the ifconfig command to change the network configuration:
  o Type ifconfig eth0 $new.ip.addr, where $new.ip.addr is: ____________________
  o Type ifconfig
      - Did your IP address change to what you wanted? ____________________
      - Do you think this change is permanent? Explain.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Step 6 (Linux VM) – View the ARP table:
  o Type arp -h
  o Type arp -an
      - What do the flags “a” and “n” do?
        ____________________________________________________________
        ____________________________________________________________
      - Do you have any entries? Explain.
        ____________________________________________________________
        ____________________________________________________________

Step 7 (Linux VM) – Ping the Server machine by IP address and view the cache:
  o Type arp -d $new.ip.addr
  o Type arp -an
      - Verify what has changed. Is it what you expected?
  o Type ping $new.ip.addr
      - Press CTRL+C to stop the command
  o Type arp -an
      - Verify what has changed. Is it what you expected?
  o How can I be sure that is actually the correct MAC address for the computer? Explain.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Don’t close the Linux VM, you will need it for later
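
The ARP steps in Parts 1 and 2 end by asking whether a cached MAC address can be trusted. The following is an added example, not part of the original lab: it parses `arp -an` output in the Linux net-tools format and compares it with MAC addresses recorded on each machine itself (as in `ipconfig /all` or `ifconfig`). The sample output, addresses and the KNOWN_GOOD baseline are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `arp -an` output (Linux net-tools format).
# All addresses are made up for illustration.
SAMPLE_ARP_AN = """\
? (192.168.10.1) at 00:50:56:C0:00:08 [ether] on eth0
? (192.168.10.20) at 00:0C:29:AA:BB:01 [ether] on eth0
? (192.168.10.30) at 00:0C:29:AA:BB:01 [ether] on eth0
? (192.168.10.40) at <incomplete> on eth0
"""

# MACs read locally on each machine (assumed baseline, constructed values).
KNOWN_GOOD = {
    "192.168.10.1": "00:50:56:c0:00:08",
    "192.168.10.20": "00-0C-29-AA-BB-02",   # Windows prints '-' separators
}

ENTRY = re.compile(r"\((?P<ip>\d{1,3}(?:\.\d{1,3}){3})\)\s+at\s+(?P<mac>\S+)")

def normalize_mac(mac):
    """Lower-case with ':' so Windows and Linux spellings compare equal."""
    return mac.strip().lower().replace("-", ":")

def parse_arp_an(text):
    """Return {ip: mac}; mac is None for an unresolved (<incomplete>) entry."""
    table = {}
    for m in ENTRY.finditer(text):
        mac = m.group("mac")
        table[m.group("ip")] = None if mac.startswith("<") else normalize_mac(mac)
    return table

def audit(table, known_good):
    """Flag baseline mismatches, unresolved entries, and one MAC answering for several IPs."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in sorted(table.items()):
        if mac is None:
            findings.append(("unresolved", ip, None))   # often just a host that is down
            continue
        by_mac[mac].append(ip)
        expected = known_good.get(ip)
        if expected and normalize_mac(expected) != mac:
            findings.append(("mismatch", ip, mac))
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:                                # can be legitimate, worth a second look
            findings.append(("shared-mac", ",".join(ips), mac))
    return findings
```

Calling `audit(parse_arp_an(SAMPLE_ARP_AN), KNOWN_GOOD)` reports the mismatch for 192.168.10.20, the unresolved 192.168.10.40, and the MAC shared by two addresses.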

Part 3 – Computer Name Resolution

Step 1 (Windows VM) – Starting up the Virtual Machine:
  o Log into Windows VM

Step 2 (Windows VM) – Ping Using Name Resolution:
  o Open up command prompt
  o Type ping 127.0.0.1
      - This is the loopback address
  o Type ping localhost
      - What is the IP address that is displayed? ____________________
      - What is your ping loopback?
        ____________________________________________________________
      - How do you think pinging the loopback is useful to network administration/security?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Step 3 (Windows VM) – View and Modify host file:
  o Run the command Start -> Run
  o Type notepad c:\windows\system32\drivers\etc\hosts and click OK
      - What entry is already there in this file?
      - Add the following lines to the end of the file:
          • $linux.vm.ip.addr    linuxIsUber
          • $win.vm.ip.addr    me
      - Click File -> Save
  o Close notepad
  o In the command prompt, type ping me
      - What IP address pops up? ____________________
  o Type ping linuxIsUber
      - What IP address pops up? ____________________
  o How could this file be exploited? Explain.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Step 4 (Windows VM) – Ping using FQDN:
  o Ping $linux.vm.ip.addr
  o Type ipconfig /displaydns
      - What listing do you see?
        ____________________________________________________________
      - Is there one for me? ____________________

Step 5 (Windows VM) – Use nslookup command to view name-to-IP address information:
  o At the command prompt, type nslookup and press ENTER
  o At the > prompt type help and press ENTER
      - Which option displays the current server/host?
        ____________________________________________________________
      - If you type google.com, what are the IP address(es)?
        ____________________________________________________________
      - Why do you think there are multiple IP addresses? From this result, tell me what you think about Google’s server setup. Details.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
  o Type exit
  o In the command prompt, type nslookup linuxIsUber
      - Is the IP address correct? ____________________
  o Type nslookup me
      - Is the IP address correct? ____________________
  o How can you be sure that these responses actually came from a legitimate DNS server?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Part 4 – Linux nslookup

Step 1 (Linux VM) – Start the Linux client VM:
  o Log into the Linux VM

Step 2 (Linux VM) – Ping the Linux client:
  o Open up a terminal
  o Type ping 127.0.0.1
      - Press CTRL+C to stop the pings
  o Type ping localhost
      - What is the IP address that is displayed? ____________________

Step 3 (Linux VM) – View and modify the hosts file:
  o Type emacs /etc/hosts
      - What entry is already there?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
      - Add the following lines:
          • $win.vm.ip.addr    winxp
          • $linux.vm.ip.addr    me
      - Save the file and exit:
          • CTRL+X then CTRL+S
          • CTRL+X then CTRL+C
  o Type ping me
          • What IP address comes up? ____________________
  o Type ping winxp
          • What IP address comes up? ____________________
  o How can this file be exploited? What needs to be done by an attacker to exploit this file in *nix?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________

Step 4 (Linux VM) – Understand the nslookup command:
  o Type the command man nslookup
  o Which mode do you think would be more beneficial to a sysadmin, interactive or non-interactive? Explain.
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
  o Type exit to quit the application
  o What are the differences between nslookup in Windows and Linux? Are there any?
        ____________________________________________________________
        ____________________________________________________________
        ____________________________________________________________
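
The hosts files edited in Part 3 Step 3 (Windows) and Part 4 Step 3 (Linux) use the same line format, so one baseline check covers both. The following is an added example, not part of the original lab: it parses hosts-file text and reports entries that differ from an approved list. The sample content, the addresses standing in for $linux.vm.ip.addr and $win.vm.ip.addr, and the APPROVED baseline are constructed for illustration.

```python
import ipaddress

# Constructed hosts file content; addresses are placeholders for the lab's
# $linux.vm.ip.addr and $win.vm.ip.addr values.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
192.168.10.30   linuxIsUber   # lab entry
192.168.10.20   me
203.0.113.7     www.example.com   # not in the approved list
10.9.9.9        localhost
not-an-ip       broken
"""

# Entries the administrator expects to find (name -> address); hypothetical baseline.
APPROVED = {
    "localhost": "127.0.0.1",
    "linuxisuber": "192.168.10.30",
    "me": "192.168.10.20",
}

def parse_hosts(text):
    """Yield (line_no, address, [names]); address is None when it does not parse."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()      # drop trailing comments
        if len(fields) < 2:
            continue                               # blank, comment-only, or no name
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            addr = None
        yield line_no, addr, [n.lower() for n in fields[1:]]  # names are case-insensitive

def audit_hosts(text, approved):
    """Return (line_no, kind, name) for every entry that differs from the baseline."""
    findings = []
    for line_no, addr, names in parse_hosts(text):
        if addr is None:
            findings.append((line_no, "malformed", names[0]))
            continue
        for name in names:
            expected = approved.get(name)
            if expected is None:
                findings.append((line_no, "unapproved", name))
            elif expected != addr:
                findings.append((line_no, "override", name))
    return findings
```

Run against a saved copy of the file, `audit_hosts` gives a quick before/after comparison for the lab edits; on the constructed sample it reports lines 5, 6 and 7.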
 
Scenario Questions:

Scenario 1 – Getting Familiar With Reading RFC:

On Monday, Chi made a bad joke regarding a networking protocol that was proposed as an RFC (Request for Comments). Wikipedia describes RFC as:

    In computer network engineering, a Request for Comments (RFC) is a memorandum published by the Internet Engineering Task Force (IETF) describing methods, behaviors, research, or innovations applicable to the working of the Internet and Internet-connected systems.

    Through the Internet Society, engineers and computer scientists may publish discourse in the form of an RFC, either for peer review or simply to convey new concepts, information, or (occasionally) engineering humor. The IETF adopts some of the proposals published as RFCs as Internet standards.

Chi mentioned RFC 1149 as the greatest protocol for Internet activity. Google RFC 1149.

What is RFC 1149?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________

What are the pros of RFC 1149?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________

What are the cons of RFC 1149?
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________
________________________________________________________________________________

Scenario 2 – Selling Security To a Client

Bob has 6 terabytes of data in his home (all legal data) on hard drives and DVDs/CDs. Bob only wants to spend $1,000 to keep his data safe. What would you do to help Bob secure his data for the rest of his life? Does Bob need to put out more money? If so, how would you convince Bob to spend more (without using dollar figures)? Go to newegg.com or anywhere else: what is the cheapest setup you can do for Bob?

List all the pros/cons with your setup. List any assumptions you make.

*Hint: There is no one correct answer. Balance security with expense.
 ...

This document was uploaded on 09/13/2010.
