networking tools

Wireshark

to learn basic working of internet and ip address

1. turn off all network activities (mail, chat, game, facebook)
2. start wireshark capture
3. go to a simple web server (e.g. example.com)
4. stop wireshark
5. analyze the capture
  - what do you see? can you find example.com activities?
  - how to filter the capture to see only what you want?
  - what is the target ip address (example.com)? how to get it? DNS request/response
  - HTTP request / response
  - layering and headers
  - fields in various headers
6. be prepared to come back to this exercise again and again
7. try sjsu.edu or cmpe.sjsu.edu or your home router

ipconfig

- figure out the addressing information on your computer

1. start command shell
2. run "ipconfig" (windows) or "ifconfig" (mac)
3. run "ipconfig -all" again
4. compare the two
5. do you see DNS address there? is it the same as in your wireshark dns packets?

- use wireshark to capture DHCP actions

ping

- see if a domain is alive

1. start wireshark
2. start command shell
3. run "ping sjsu.edu"
4. run "ping google.com"
5. stop wireshark and analyze

traceRT

- trace the path of ip packet

1. start wireshark
2. start command shell
3. run "tracert sjsu.edu"
4. run "tracert google.com"
5. stop wireshark and analyze
6. pay attention to TTL and icmp packets (this step ma

nslookup

- use nslookup to learn DNS records

1. start command shell
2. run nslookup
3. give any domain, e.g. sjsu.edu, google.com, amazon.com
4. do ? to see all other options supported by nslookup utility
5. set type=ANY
6. try the same domain (e.g. sjsu.edu) again
7. note all the different records
8. explore other options
9. combine with wireshark and analyze various DNS commands

Page updated

Google Sites

Report abuse