Computer Networking: Internet Protocols in Action

Preface iii

Acknowledgments viii

Section 1: Getting Started 1

Introduction 1

Exercise 1.1 Examining a Quiet Network 2

Introduction 2

Configuration 3

Experiment 3

Using the Capture Options Dialog 6

Examining a Short Trace 9

List, Protocol, and Raw Panes 10

Trace Summary Statistics 12

Questions 14

Discussion and Investigation 14

Resources 15

Exercise 1.2 Protocol Layering 16

Introduction 16

Configuration 19

Experiment 19

Protocol Hierarchy Statistics 20

TCP Connection 20

Frame Layer 22

Ethernet Layer 23

Internet Protocol Layer 25

Transport Control Protocol 26

Packet Overview 27

UDP Packets 27

Questions 27

Discussion and Investigation 28

Resources 29

Exercise 1.3 Examining a Busy Network Using Filters 30

Introduction 30

Configuration 31

Experiment 32

Capture Filters 32

Color Filters 34

Display Filters 38

Searching for Packets 39

Questions 39

Discussion and Investigation 40

Resources 40

Section 2: Application Layer Protocols 42

Introduction 42

Exercise 2.1 Under the Hood of HTTP 44

Introduction 44

Configuration 46

Experiment 47

HTTP Get Request 48

HTTP Response 50

Multiple GET Requests per URL 50

Plain Text Data 51

Multiple TCP Streams 54

Questions 54

Discussion and Investigation 55

Resources 56

Exercise 2.2 HTTP Caching,Authorization and Cookies 57

Introduction 57

Configuration 57

Experiment 58

Cookies 58

Authorization Headers 59

Caching Headers 61

Questions 63

Discussion and Investigation 64

Resources 64

Exercise 2.3 FTP – File Transfer Protocol 65

Introduction 65

Configuration 66

Experiment 67

Control Channel 67

Data Channels 71

Questions 73

Discussion and Investigation 74

Resources 75

Exercise 2.4 Sending and Receiving Email with SMTP and POP 76

Introduction 76

Configuration 77

Experiment 78

Outgoing Mail 78

Incoming Mail 81

E-mail Headers 82

No Mail 84

Questions 85

Discussion and Investigation 86

Resources 86

Section 3: Transport Layer Protocols 88

Introduction 88

Exercise 3.1 Introduction to TCP 90

Introduction 90

Configuration 92

Experiment 93

Local TTCP Connection 93

Connection Establishment 94

One-way Data Flow 96

Closing a Connection 97

Connection Statistics 97

Remote SSH Connection 98

Questions 99

Discussion and Investigation 99

Resources 101

Exercise 3.2 Retransmission in TCP 102

Introduction 102

Configuration 103

Experiment 104

Local TTCP Connection 104

SACK Option Negotiated 105

Missing Packets and Retransmission 107

Impact on Sending Rate 109

Remote TTCP Connection 111

Questions 112

Discussion and Investigation 113

Resources 114

Exercise 3.3 Comparing TCP to UDP 115

Introduction 115

Configuration 117

Experiment 117

Using TTCP To Generate TCP and UDP

Traffic 118

Normal Data Transfer In TCP 119

Normal Data Transfer In UDP 120

No Receiver Present for TCP and UDP 122

Questions 123

Discussion and Investigation 124

Resources 125

Exercise 3.4 Competing TCP and UDP Streams 126

Introduction 126

Configuration 127

Experiment 128

Two Competing TCP Streams 128

UDP Competing with TCP 132

Two Competing UDP Streams 133

Questions 135

Discussion and Investigation 136

Resources 136

Section 4: Network Layer Protocols 137

Introduction 137

Exercise 4.1 Joining the Internet: Introduction to IP and DHCP 139

Introduction 139

Configuration 142

Experiment 143

Obtaining an IP Address Via DHCP 143

Fragmentation in IPv4 146

Ping Over IPv6 149

Questions 151

Discussion and Investigation 151

Resources 152

Exercise 4.2 Ping and Traceroute 153

Introduction 153

Configuration 156

Experiment 157

Local and Remote Pings 157

Local Traceroute 159

Remote Traceroute 162

Questions 163

Discussion and Investigation 164

Resources 164

Exercise 4.3 Dynamic Routing with RIP 166

Introduction 166

Configuration 168

Experiment 170

No RIP Enabled 170

RIP Enabled on the Endpoints 170

RIP Enabled on All Machines But One 171

RIP Enabled End-to-End 175

Adding a Loop in the Network Graph 177

Adjusting to a Failed Link 178

Open Shortest Path First 178

Questions 180

Discussion and Investigation 181

Resources 181

Exercise 4.4 Border Gateway Protocol 182

Introduction 182

Configuration 184

Experiment 186

Establishing BGP Peering Sessions 186

Withdrawing a Route 188

Repairing a Connection 191

Questions 193

Discussion and Investigation 193

Resources 194

Section 5: Link Layer Protocols 195

Introduction 195

Exercise 5.1 MAC Addresses and the Address Resolution Protocol 197

Introduction 197

Configuration 200

Experiment 201

Address Resolution Protocol 201

MAC Address Spoofing 203

Questions 207

Discussion and Investigation 208

Resources 208

Exercise 5.2 Ethernet 209

Introduction 209

Configuration 213

Experiment 214

Ethernet Switch 214

Ethernet Hub 216

Questions 217

Discussion and Investigation 219

Resources 219

Exercise 5.3 Wireless LANs 220

Introduction 220

Configuration 226

Experiment 227

Beacon Frames 227

WEP Disabled 229

Contents xi

Data Frames 231

WEP Enabled 232

Questions 233

Discussion and Investigation 234

Resources 234

Section 6: Security 235

Introduction 235

Exercise 6.1 Encryption 236

Introduction 236

Configuration 238

Experiment 239

Plain Text Telnet Session 239

Encrypted SSH Session 240

Attacks Against SSH 242

Comparing HTTP and HTTPS 243

Questions 246

Discussion and Investigation 247

Resources 248

Exercise 6.2 IP Spoofing and TCP Session Stealing 249

Introduction 249

Configuration 250

Experiment 251

TCP Session Hijacking 252

TCP Session Termination 256

Questions 257

Discussion and Investigation 257

Resources 258

Exercise 6.3 System Vulnerabilities 259

Introduction 259

Configuration 261

Experiment 262

Port Scans 262

Blaster Worm 265

Questions 267

Discussion and Investigation 268

Resources 268

Index 269