COMP2881 Operating Systems - Flinders University
Working with packets and network interfaces
Task 1
Write a shell program that uses the following snippets to collect usage information on the ethernet interface and print out the results as per the example below. This small script is the basis for thinking about monitoring network services on the network. Consider the material from the lecture about network monitoring about where this fits into managing your
Experiment with each of these on the command line to get an understanding of how they work;
• Use the output of the ifconfig command to determine the network interfaces available;
$ /sbin/ifconfig -a
• Use the output of date in the time zone UTC
$ date --utc
Sunday 21 October 23:32:28 UTC 2018
• Use the format specifier of date command to print year, month, day, hour, minute and seconds, eg;
$ date +%D
10/22/18
• Use the output of the following command to collect bytes sent and received, select appropriate network interface;
$ cat /sys/class/net/eth1/statistics/tx_bytes
6537940985992
$ cat /sys/class/net/eth1/statistics/rx_bytes
297914460567432
• Use the return value from ping to determine if the default gateway is available;
$ ip route show # find IP address of default gateway
$ ping -c 1 192.168.1.1 # change to the default gateway on your system
$ echo $? # print out the return value
$ ping -c 1 192.168.1.1
$ if [ $? -ne 0 ] ; then echo "Gateway: Fail" ; else echo "Gateway: OK" ; fi
• Use shell variables to store information to be printed; for example, quote a command with back ticks "`" to run it and copy its text output into a string variable. Put no spaces around the assignment "=". Multiple variables can be printed out on the one line with echo.
$ export tbytes=`/sbin/ifconfig eth1 | grep "TX bytes" | sed -e "s/.*TX bytes://" | sed -e "s/(.*//"`
$ echo $tbytes
6537553143
• Use a while loop in your shell program, exit the program if the ping fails.
$ cat task.sh
#!/bin/sh
a=1
while [ $a -gt 0 ] # if a is greater than zero
do
    echo $a
    a=`expr $a + 1`
    sleep 10 # sleep for ten seconds
    ## BODY OF TEST GOES HERE
    ## if ping fails set loop counter to zero
done
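One way the Task 1 snippets fit together, as an added example that is not part of the original handout. The report line format, the function names and the SYSFS_ROOT, PING_CMD and INTERVAL variables are assumptions made here; the counters are read from /sys/class/net rather than parsed from ifconfig output.

```shell
#!/bin/sh
# Added example (not from the handout): interface usage sampler.
# SYSFS_ROOT and PING_CMD are overridable (assumed names) so the logic can be
# exercised on a constructed directory tree without a real interface.
SYSFS_ROOT=${SYSFS_ROOT:-/sys/class/net}
PING_CMD=${PING_CMD:-ping -c 1}

# Print the default gateway address from `ip route show` output on stdin.
parse_gateway() {
    awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# Print one counter (tx_bytes or rx_bytes) for an interface; fail if absent.
read_counter() {
    f="$SYSFS_ROOT/$1/statistics/$2"
    [ -r "$f" ] || { echo "no counter $2 for $1" >&2; return 1; }
    cat "$f"
}

# Print "Gateway: OK" or "Gateway: Fail" based on the ping return value.
gateway_status() {
    if $PING_CMD "$1" >/dev/null 2>&1; then
        echo "Gateway: OK"
    else
        echo "Gateway: Fail"; return 1
    fi
}

# Print one report line: UTC timestamp, interface name, byte counters.
sample() {
    tx=$(read_counter "$1" tx_bytes) || return 1
    rx=$(read_counter "$1" rx_bytes) || return 1
    echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) $1 TX bytes: $tx RX bytes: $rx"
}

# Sample every INTERVAL seconds; stop as soon as the gateway ping fails.
monitor() {
    gw=$(ip route show | parse_gateway)
    [ -n "$gw" ] || { echo "no default gateway" >&2; return 1; }
    while sample "$1" && gateway_status "$gw"; do
        sleep "${INTERVAL:-10}"
    done
}

# Run only when asked, e.g.:  sh netmon.sh run eth1
if [ "${1:-}" = "run" ]; then monitor "${2:-eth0}"; fi
```

A missing or misspelled interface name makes read_counter fail, so the loop stops instead of printing empty counters.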
Task 2
Use the tcpdump command in a terminal to display the summary of packets sent and received by applications running on your BYOD machine;
• Start firefox, or a similar web browser, on the VM
• In a terminal, use tcpdump with the appropriate command line options to view all http traffic on the first network interface, for example as the root user;
tcpdump -i eth0 ...
• Use other tools like ping, to generate traffic on the interfaces
• Use tcpdump with the appropriate command line options to capture traffic from eth0 or the first network interface and write to a file; network-traffic.cap
• We will use this file later with Wireshark to display the contents, so you can let this run for some time.
Demonstrate the following questions with the above activities;
Q) Can you capture packets with tcpdump and display in the terminal?
Q) Can you capture packets to a file with tcpdump?
Task 3
Use the tcpdump command in a terminal to inspect the contents of packets sent and received by applications running on your BYOD machine;
• In a terminal, use tcpdump to inspect more about packets with these options
tcpdump -vvv -s 1500 ...
• Use tcpdump to capture traffic on specific ports
Demonstrate the following questions with the above activities;
Q) What do the -vvv and -s 1500 flags do?
Q) Can you identify packets on UDP or TCP port 53, and their source and destination hosts, when using the web browser?
Q) Can you identify packets with protocols other than TCP/IP or UDP/IP?
Task 4
Use the tcpdump command in a terminal to capture the packets sent and received by applications running on the VM. Take a screen shot of the window where you have run the following;
• Use wireshark to capture all traffic from eth0 or the first network device to a file [FILE 1]
• Use wireshark to view only ICMP traffic
Q) Can you identify ICMP traffic on the network interface?
Or, if running a VM, can you install and run wireshark on the host machine running the VM to capture the VM's traffic?
Task 5
Identify the latency of a host over the local network; it should typically be in milliseconds;
• Use the tools tracepath, traceroute and ping to determine the round trip times of packets to a host
• Install the above tools if not on your system already
Q) Can you run the following commands and compare the resulting times to the host;
$ tracepath
$ traceroute
$ ping -c 10
Q) Identify which hosts/routers create the largest latency
Q) Do you see asymmetric routes? If so, why might that be?
Q) Using tcpdump or wireshark, what type of traffic do these programs generate?