First, note that today’s Internet can trace its history, technology and functionality to Unix and Linux is of course a direct descendent of Unix (as is Mac OS). I can’t echo the importance of this area strongly enough as everything done in Business today has a Web component or impact and the Internet and Web in turn effects every business. Below you will learn commands to both test your connectivity as well as to perform basic research verifying identity and in today’s world of aliasing, spoofing and identity theft this is very important.
It should be noted that Mac and Windows support networking functionality (networking is core OS functionality) through Mac’s Terminal (Linux based so identical) and the Windows command prompt (cmd.exe) and this uses Windows syntax which is slightly different. You will see a lot of acronyms used in networking so look them up as necessary and you should of course try and research the commands in this lab in further detail as before.
Required reading – In addition to researching the commands below, please review the textbook’s networking chapter as necessary.
SSH & SFTP
A very nice SSH introduction is located here and please pay special attention to the security information (i.e. spoofing): http://support.suso.com/supki/SSH_Tutorial_for_Linux
Prof Jojo’s instructions for SSH and SFTP are located below. SSH is incredibly useful however HVCC has moved to OpenVPN since it is more portable for today’s evolving virtual infrastructure. Both of these are necessary tools for the IT professional and you will use these to access HVCC resources and manage your WordPress Web Development.
Open a terminal (your primary user) and then open another terminal and login using your lastnameciss100 user. Place these terminal windows side by side and resize them (make them larger/longer). You will again be taking screenshots of your entire desktop, place them in a .odt file and submit this file when complete. Please label the screenshots with the appropriate Exercise number.
Note that I have not provided the exact login commands I since I cannot simply provide everyone with the exact commands as all this does is teach everyone to follow directions. This is an important step necessary to complete the final project and all your future endeavors as you will run into problems (probably due to user error in the final project) and you will need to resolve these errors the rest of your professional careers.
$ hostname # try this in each window
may require you to install it if you have not already done so.
$ sudo apt-get install finger
Using your primary user’s (firstnamelastname) terminal, finger your lastnameciss100 user and using your lastnameciss100 user’s terminal, finger your primary user.
Take a screenshot and paste it into your LastnameFirstnameLL11.odt file labeling it with the exercise number.
you may just read this section as proper mail configuration requires that directories and permissions be created and modified. If you wish to play around with this mail may require you to install it:
$ sudo apt-get install mailutils
You will also need a way to retrieve mail so
$ sudo apt-get install getmail4
Now you can send and receive mail without a GUI. This is very important for system administrators as you will need to send mail by invoking (running) scripts.
Ping (adapted from Cisco CCNA Lab)
Ping uses the ICMP echo reply feature to test physical connectivity. Ping gives an indication of the reliability of the connection. Let’s first check that our OS’s Internet Stack (TCP/IP stack) is working so we will ping our own machine. Please enter:
$ ping 127.0.0.1 #ctrl-c to break out of ping cycle
When your networking functionality fails, this should be the first thing you do aside from checking the cables as this test the integrity of your TCP/IP stack. As an example when a light is out in your room, do you immediately call National Grid or do you look for a light switch. Following this, do you next check your breaker box, do you look at your neighbor’s lights? You can see where I am going with this as we start with the foundation and work up. 127.0.0.1 is a special purpose address commonly referred to as a ‘loopback’ since it is redirected by the computer’s network adapter back to the computer and therefore does not reach the connected LAN. When we (or a program) ping 127.0.0.1 we are testing the OS’s TCP/IP protocol stack.
Break out of the ping 127.0.0.1, take a screenshot and paste it into your document.
Continuing on with Ping:
Ok, so we worked with a raw IP address above (i.e. 127.0.0.1), now lets invoke our DNS. Note some people with Windows experience Networking difficulties in VB. If any of the following do not work, try changing your VB Network settings to NAT if they are Bridged or vice versa. Sometimes students even have to repeatedly go back and forth between the two between iterations. If it doesn’t work please do not worry as I will not deduct points.
$ ping albany.edu #again ctrl-c breaks out
Ping’s first output line shows the Fully Qualified Domain Name (FQDN) followed by the IP address. A Domain Name Service (DNS) server somewhere in the network was able to resolve the name to an IP address. DNS servers resolve domain names, not hostnames, to IP addresses.
Without this name resolution, the ping would have failed because TCP/IP only understands valid IP addresses. It would not be possible to use the web browser without this name resolution.
With DNS, connectivity to computers on the Internet can be verified using a familiar web address, or domain name, without having to know the actual IP address. If the nearest DNS server does not know the IP address, the server asks a DNS server higher in the Internet structure.
Let’s ping HVCC
Did we find it? This depends on where you are (inside or outside HVCC) as HVCC surely has a DNS entry as you can Google it however quite often ping is turned off for HVCC. If you don’t have an ip address it is much harder to launch an attack. I hope you turned off your ping responder in your Wireless AP as recommended.
Now having said this we still can get it by using:
Break out of the ping if necessary take a screenshot and paste it into your document. Again if it didn’t work this will demonstrate that you tried this.
host will return an IP address and uses both DNS and anything recorded in /etc/hosts.
nslookup will return IP address of a host name however in contrast to host above, nslookup will not use the /etc/hosts file.
Ok, so we may know a site is out there but how do we learn more about or about the route the packets take?
traceroute(use tracert in DOS cmd.exe in Windows).
traceroute is TCP/IP utility for tracing the paths that IP packets follow through the internet. Recall that IP packets are created from TCP segments and these packets may follow different paths between source and destination where they are reconstituted at the destination. The first output line shows the FQDN followed by the IP address. Therefore, a DNS server was able to resolve the name to an IP address. Then there are listings of all routers the tracert requests had to pass through to get to the destination. tracert uses the same echo requests and replies as the ping command but in a slightly different way as it will compute the path 3 times. Let’s try it by entering:
$traceroute albany.edu # you may have to sudo apt-get install traceroute
Now should traceroute fail, try tracepath as this will still show you some items
Try traceroute for albany.edu again at some point in the future time and compare results to determine the consistency of the route. BTW – do you see anything interesting. Typically I observe the path goes through either NYC or Boston as packets will take the quickest path (biggest fastest pipe). This usually surprises people the first time they see this but the packets are taking the quickest route not the most direct. Notice that there may be relatively long delays due to congestion. The main thing to observe is the consistent connectivity. Each router represents a point where one network connects to another network and the packet was forwarded through.
Ok, lets look at packets that have to cross the country. Please enter:
$ traceroute berkeley.edu
Sometimes I will even get paths to Berkeley that actually go to Europe and sometimes I will get completely anonymous routers (security) in the middle of the country.
Exercise 11d – take a screenshot and handle it appropriately
mtr is a network diagnostic tool that essentially improves upon traceroute by providing network quality and network diagnostic info. mtr can be left running to get real time stats. Let’s see it in action
$ mtr hvcc.edu # use [q] to quit
whois – this can be incredibly useful utility to determine identity and defeat spoofing and aliasing. Try:
$ whois hvcc.edu #note you can also use dig
Now looking at this information should open the eyes of any budding SysAdmins as you are seeing 2 contact names and the opportunity for Social Hacking. SysAdmins (and everyone for that matter) must be particularly aware when they post on Bulletin Boards and Usenet groups. Imagine if SysAdmin Bill Jojo used his real name to either seek information or provide information (e.g. Imagine a Usenet group post asking for help – “System xxxx keeps crashing, does anyone have an answer”, or providing information, “Yes, you need to install patch xxx.xxx). In either case, a SysAdmin may reveal the systems they are running and provide hackers with research material or points of entry as it is easier to hack a known system. Lesson – never… never use your real name or your institution name in an online user group!!!
Now also try whois using HVCC’s IP address (instead of typing whois hvcc.edu perform a whois using the IP address as the argument).
Exercise 11e: Please take a screenshot and paste it into your .odt document.
talk is the first chat program… really the first one – . You would have to install this (sudo apt-get install talk and then make it available for all users but we will not do this right now).
netstat is a very useful command revealing connections, routing tables, statistics and other vital information, to get a quick understanding of all netstat can do please see the netstat man page (please do this).
Now in your main window (e.g. firstnamelastname), let’s look at some network netstat statistics:
$ netstat -s
$ netstat -i #interface statistics
and routing table information
$ netstat -rn
ifconfig will display additional connection information and some it should look familiar and as always, you can perform a man ifconfig to learn more.
You should be able to identify your hardware and IP addresses. BTW – are you seeing IPV6 addresses? Do any of you have any collisions reported? If so what is your topology where ever you are?
Note that Windows uses ipconfig whereas the Mac uses the standard ifconfig. Try it on these other platforms (Windows 7 type in cmd.exe in search programs and files box at bottom of start menu). Ifconfig can be used to set up your default gateways and set your DNS. Interestingly, if you have a Mac you will probably see a lot more information including whether you have mail. Let’s recall the networking stack (Application layer, TCP, IP, Network) and what layer is mail – ans. Application layer.
Exercise 11f: Please take a screenshot and paste it into your .odt document.
Continuing on and concluding with other useful commands that you will use should you perform the BackTrack Linux Final Project
socklist is a perl script that displays list of open sockets (includes type, port, inode, pid) and this of course allows you to shutdown/kill necessary processes/sockets.
procinfo gathers system information from /proc and prints it to the screen and displays information about installed hardware, running processes and open sockets
route allows you to view, configure and manipulate your IP routing table. Try the following – $route -n
arp (Address Resolution Protocol)
arp resolves the IP to Ethernet mapping and is presented here: http://linux-ip.net/html/ether-arp.html. Minimally please try – $arp -a
Now if you are doing this at home, you can check your Wireless AP’s log and you will see that its MAC address has been accessed/logged.