Laboratory 3 - More Network Utilities
Due - Tuesday, December 9, 2003
This assignment should be done on one of the Unix machines in Clapp 202. See Lab 2 for general instructions on using Unix and the network tools. Again, if you want to do the assignment elsewhere, talk with me first.
This assignment is to be done individually and should be turned in by the start of class on the due date.
Question 1 - 10 points
ifconfig
- a. Run the command:
ifconfig
This command will provide you with information about the configuration of the network interfaces. Explain as much as you can about the output. For example, you might include information about the IP addresses of the interfaces.
Question 2 - 20 points
arp
- a. View the arp table on your machine by running the command:
arp -a
Now, choose a host from the table and try to delete the entry from the arp table (hint: consult the man pages to find out more about the command for deleting an entry). What command did you use? What happened when you ran the command? Why?
- b. Find an indirect way to change the arp table such that an existing entry is changed, or a new entry is added. Explain the steps you took to make the change. For your answer, include a copy of the table before and after the change. You may include only the relevant portion of the table.
Question 3 - 20 points
netstat
- a. Run the command:
netstat
This command will provide you with information about the status and statistics regarding the network interfaces on your machine. Which applications (or application-layer protocols) are generating network traffic on your machine?
- b. Run the command:
netstat -s
You should be able to understand most of the output. What percentage of TCP packets are retransmitted? How come there are no statistics on retransmitted UDP packets?
Question 4 - 50 points
tcpdump
For this question, you will need to copy the file /home/srollins/pub/dump.bin into your directory. You are going to use the tcpdump tool to analyze the dump file. Run the command:
tcpdump -r dump.bin
- a. Provide a high-level description (3-4 sentences) of what the output contains.
- b. Provide a more specific description of what I was doing during this trace. For example, which web servers did I visit?
- c. Which application-layer protocols do you see in the trace?
- d. Which port numbers are used during the session?
- e. What is the IP address of the computer I was using?
- f. Find the command to view the MAC address of the machines involved in the trace. Which MAC addresses are present?
- g. How would you figure out how many bytes were sent from UCSB to the computer I was using? Be specific here!
Sami Rollins