Lab 1 Wireshark

Wireshark is a free, open source packet analyser used for many purposes, such as troubleshooting, network analysis, software communication tests and development, and education.

This report describes the use of Wireshark to capture packets for analysis and to demonstrate the different protocols used for communication. For the purpose of this lab we will be analysing a short capture of the communication between a host PC and the BBC website. The task is to start Wireshark, open the BBC website and access a video clip, then stop the capture and analyse the different protocols that were used to allow the communication.

Protocols used for communication (10 seconds capture)

DNS - Domain Name System is used to translate URLs (Uniform Resource Locators) to IP addresses. DNS uses port number 53 and starts a communication with UDP (User Datagram Protocol), which is preferred for speed but is unreliable; when this communication is truncated, it continues through TCP.

TCP - Transmission Control Protocol is a reliable protocol that is used by most applications for Internet communication (e.g. the World Wide Web). TCP in our capture is used to guarantee the communication between the host computer and the web server holding the BBC website. In the screenshot we can see the 3-way handshake in action (SYN, SYN-ACK and ACK). TCP/IP uses port number 80 and provides end-to-end connectivity, specifying how the data should be formatted and transmitted.
HTTP - Hyper Text Transfer Protocol operates as a request-response protocol in the client-server network. HTTP enables the communication of a client through a web browser, which can be seen as an agent installed on the client that processes the HTTP requests and responses exchanged with the server hosting the website being accessed. In this case Safari (my browser) is the agent responsible for processing the requests and responses delivered by HTTP through port 80 to the server; these requests are mostly text and images.
NTP - Network Time Protocol is used to synchronise clocks between computer systems over packet-switched networks. In our case it was noticed that the Network Time Protocol came into play before we requested to open a video on the BBC website. NTP uses UDP over port 123.

RTMP - Real Time Messaging Protocol is intended for streaming audio, video and data over the Internet. RTMP works on top of TCP and uses port 1935 as the default for communication. In our capture we can see that RTMP was initialised by a handshake between client and server to enable the streaming of the video through a more secure dedicated channel that improves streaming quality. The screenshot below shows the encryption of data achieved through the handshake between client and server.
Lab 1 Part 2 Packet Tracer

Part 2 of the lab is intended to introduce Packet Tracer and give us the opportunity to explore some of its functionality. We have been tasked to configure a small network segment with 1 router, 1 switch and a couple of hosts in order to explore the tools available in Packet Tracer, while also working towards the configuration of Cisco routers. Basic configuration steps are covered in this lab, i.e. setting passwords, IP addresses, telnet etc.

Packet Tracer is software for network design; it provides a graphical user interface for the design, configuration and testing of a real environment. Packet Tracer belongs to Cisco, which is the biggest network hardware provider in the market nowadays; therefore Packet Tracer offers engineers real-life experience similar to what would otherwise only be available on the real physical device.

In this sheet I will place the screenshots of the configuration, and the attached sheet contains the lab task steps with answers to all questions.

Network Scenario fully configured.
Ping from Host 1 to Host 2. This shows the communication between two hosts located in 2 different network segments.

Ping from Host 1 to Router1. This shows the communication between the host and the Ethernet NIC of the router; both addresses are in the same network range.

Full router configuration, shown with the command Show Running Configuration (or show run):

Router1(config)#do show run
Building configuration...

Current configuration : 993 bytes
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
hostname Router1
enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
no ip domain-lookup
ip host Router1 192.168.0.1
interface FastEthernet0/0
 description Router1 Fa0/0
 ip address 192.168.1.1 255.255.255.0
 duplex auto
 speed auto
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
 shutdown
interface Serial2/0
 description Router1 Serial 2/0
 ip address 192.168.0.1 255.255.255.0
 clock rate 64000
interface Serial3/0
 no ip address
 shutdown
interface FastEthernet4/0
 no ip address
 shutdown
interface FastEthernet5/0
 no ip address
 shutdown
router rip
 version 2
 network 192.168.0.0
 network 192.168.1.0
ip classless
banner motd ^C Keep away from this network ^C
line con 0
 password cisco
 login
line vty 0 4
 password class
 login
line vty 5
 password class
 login
end

The screenshot below shows a telnet connection from the host computer, which is located in a different network range. Telnet enables remote connection into routers and switches for configuration and maintenance. Telnet is not always available in companies that are highly concerned about network security because it opens a port for external connection.
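The running configuration above combines several settings that matter for the security concern just mentioned: password encryption is switched off, the console and vty lines use short plaintext passwords, and the vty lines are not restricted to SSH. The following check is an added example, not part of the original lab sheet; the function names and the sample config are constructed for illustration, the secret hash is replaced by a placeholder, and a vty line without an explicit "transport input ssh" is assumed to accept Telnet, as it does in this lab.

```python
import re

# Constructed sample in IOS running-config layout, mirroring the lab settings.
SAMPLE_CONFIG = """\
no service password-encryption
enable secret 5 HASH-PLACEHOLDER
line con 0
 password cisco
 login
line vty 0 4
 password class
 login
"""

LAB_PASSWORDS = {"cisco", "class"}  # the passwords used in this lab

def parse_blocks(config):
    """Map each top-level command to its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0].isspace() and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = raw.strip()
            blocks[current] = []
    return blocks

def audit(config):
    """Return a list of (location, finding) tuples for weak settings."""
    blocks, findings = parse_blocks(config), []
    if "service password-encryption" not in blocks:
        findings.append(("global", "service password-encryption is off"))
    for cmd, subs in blocks.items():
        if cmd.startswith("enable secret 5 "):
            findings.append(("global", "enable secret is type 5 (MD5-based)"))
        if not cmd.startswith("line "):
            continue
        for sub in subs:
            m = re.fullmatch(r"password (?:(\d+) )?(\S+)", sub)
            if m and m.group(1) in (None, "0") and m.group(2) in LAB_PASSWORDS:
                findings.append((cmd, "plaintext, well-known lab password"))
        if cmd.startswith("line vty") and "transport input ssh" not in subs:
            findings.append((cmd, "Telnet not excluded (no 'transport input ssh')"))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_CONFIG), sep="\n")
```

The parser relies on the one-space indentation that IOS uses for sub-commands, so it expects the text as the router prints it rather than a flattened copy.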
Tracert is a command used to find out how many hops away a host is from the gateway of the service it's trying to reach, e.g. tracert www.google.com will display all the routers that will be traversed by your packet to reach Google's web server. In my case I have used tracert 192.168.1.1, which shows 1 hop, meaning that I am 1 hop away from my gateway.

Procedure

Use Packet Tracer to achieve the following. Check the configuration files after each step.

1. Create a diagram with one router (2811) and one switch (2950-24). Switch on the routers. Add an end device (generic PC) to the switch. Add one console (PC) for the router. Connect all devices (straight-through cable router-to-switch and switch-to-PC, roll-over (console) cable console-to-router). Skip set-up mode. Note the prompt you obtain. In which mode are you?
   Answer: user mode

2. Type ? to list all available commands in this mode.

3. What does the command ssh ? give?
   Answer: opens a secure shell client connection

4. What does show ? give?
   Answer: show running system information

5. Obtain hardware/software version information (Router> show version). What information is available?
   Answer: Version 12.2 (28)

6. Configure the following:

   Enter privileged exec mode
       Router> enable
   Enter global configuration mode
       Router# configure terminal
   Stop domain lookup
       Router(config)# no ip domain-lookup
   Hostname
       Router(config)# hostname anyname
   Configure message of the day
       anyname(config)# banner motd #Hello etc.#
   All interfaces (use private IP addresses with the subnet mask 255.255.255.0)
       anyname(config)# int s1/0
       anyname(config-if)# ip address 192.168.0.1 255.255.255.0
       anyname(config-if)# no shut
       anyname(config-if)# clockrate 64000
       anyname(config-if)# exit
       anyname(config)# int fa0/1
       anyname(config-if)# ip address 192.168.1.1 255.255.255.0
       anyname(config-if)# no shut
       anyname(config-if)# exit
   Description for each interface
       anyname(config-if)# description Router LAB-1-s1/0
   Console password
       anyname(config)# line console 0
       anyname(config-line)# login
       anyname(config-line)# password cisco
   Enable secret
       anyname(config)# enable secret class
   Passwords for virtual terminals
       anyname(config)# line vty 0 5
       anyname(config-line)# login
       anyname(config-line)# password class
   Routing protocol RIP
       anyname(config)# router rip
       anyname(config-router)# version 2
       anyname(config-router)# network 192.168.0.0
       anyname(config-router)# network 192.168.1.0
   ip host
       anyname(config)# ip host anyhostname 192.169.0.1

7. Check the running and start-up configuration files. How do they compare?
       anyname# sh run
       anyname# sh start
   Answer: Show run shows what's running on the router before saving. Show start shows what is saved on the router and used when it starts; after the running config is saved to the startup config, it will then appear in the startup config.

8. Copy running configuration to start-up configuration (anyname# copy run start). Check the running and start-up configuration files again. How do they compare?
   Answer: The same config is present now.

9. Configure an additional host for the router (IP address and subnet mask).

10. Try the following:
    Ping from host to host: screenshot on lab report
    Trace route from host to host: screenshot on lab report
Some commands/syntax for commands to use:

Router> enable
Router# erase start
Router# reload
Router# configure terminal
Router(config)# hostname hostname
Router(config)# banner motd #the message#
Router(config)# interface interface type interface no
Router(config-if)# ip address ip-address subnet-mask
Router(config-if)# no shutdown
Router(config-if)# clockrate 56000
Router(config-if)# bandwidth 56
Router(config-if)# description description
Router(config)# ip host hostname ip-address
Router# show run
Router# copy running-config startup-config
Router(config)# router protocol
Router(config-router)# network network-address
Router(config)# line console 0
Router(config-line)# login
Router(config-line)# password cisco
Router(config)# line vty 0 4
Router(config-line)# login
Router(config-line)# password cisco
Router(config)# enable secret class
Router# ping ip-address
Router# telnet ip-address
Router# telnet ip-host-name
Router# show ip route
Router# debug ip route
Router# undebug all

Change to privileged exec mode
Change to global configuration mode
Change to interface configuration mode
Reload router
Set hostname to hostname
Message of the day
Change to interface configuration mode
Set interface ip address & subnet mask
DCE only
optional
Configuring a routing protocol
Setting line console password
Setting password for virtual lines
Setting secret password

Save your configuration on removable media for later use.

Note: Some good links for Packet Tracer tutorials:
i) http://engweb.info/cisco/packet%20tracer%20tutorials.html
ii) http://www.packettracer.info/tag/pdf-tutorial-packet-tracer-5-3
CCM4300 Lab Report M00283362 Jose Sinti