Lab Assignment 1 : due 2/24 Mon
Preparation
1. traceroute tool (we will use an equivalent tool called tracert in Windows in this lab)
traceroute operates by first sending a few datagrams with the time-to-live (TTL) field in the IP header set to 1; it
then sends a series of datagrams towards the same destination with a TTL value of 2; it then sends a series of
datagrams towards the same destination with a TTL value of 3; and so on. A router must decrement the TTL in each
received datagram by 1 (RFC 791 says that the router must decrement the TTL by at least one). If the TTL reaches 0,
the router returns an ICMP message (type 11 – TTL-exceeded) to the sending host. As a result of this behavior, a
datagram with a TTL of 1 (sent by the host executing traceroute) will cause the router one hop away from the sender
to send an ICMP TTL-exceeded message back to the sender; the datagram sent with a TTL of 2 will cause the router
two hops away to send an ICMP message back to the sender; the datagram sent with a TTL of 3 will cause the router
three hops away to send an ICMP message back to the sender; and so on. In this manner, the host executing
traceroute can learn the identities of the routers between itself and destination X by looking at the source IP
addresses in the datagrams containing the ICMP TTL-exceeded messages.
2. Install openssl and ghex
$sudo apt-get install openssl
OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security
(TLS v1) network protocols and related cryptography standards required by them. In this lab, we will practice using
openssl enc command to encrypt/decrypt a file. To see the manuals, you can type man openssl and man
enc.
$sudo apt-get install ghex
ghex is a hex editor for GNOME, it allows the user to load data from any file, view and edit it in either hex or ascii.
(The command name is ghex 0n the command line but will open a GUI)
 Question 1
Open a terminal in Windows and type in the following command and answer the questions
$tracert -d yahoo.com
a. How many hops is your machine away from yahoo.com? (Attach the output in the lab report)
b. Wait for a while and execute the same command again. Is the output the same as the first time? (Hint:
no) Which hops are changed? Observe and compare the difference, and explain the reason.
 Question 2
a. Use your CS account to log in linux1.cs.umb.edu and compare the following two commands in the
shell and explain the difference between the outputs.
dig cs.umb.edu
dig cs.umb.edu @8.8.8.8
b. What is the IP address of cs.umb.edu? Assume CS department’s network uses a 23-bit IP prefix, how
many IP addresses the department can support?
c. Write a script to find all the IP addresses assigned in CS department that have globally recognized
domain names. (Consider the same assumption of 23-bit prefix)
 Question 3
In openssl, we can use the following commands to encrypt/decrypt a file.
$openssl enc -aes-128-ecb –nosalt -e -in plain.txt -out cipher.bin
(Create a text file called plain.txt with 128 bits of data in it then use AES-128-ECB to encrypt the file
plain.txt and store the ciphertext as cipher.bin)
$openssl enc -aes-128-ecb –nosalt -d -in cipher.bin
(use the same scheme to decrypt the ciphertext cipher.bin)
“-aes-128-ecb” option specifies a particular version of AES algorithm.
a. The encryption algorithm aes-128-ecb is a 128-bit block cipher. Design an experiment to verify it. (This is
very difficult but give it a try.)
b. Create a >64 bytes text file plain2.txt and use the above command to generate the cipher2.bin. What
does the ecb mean in the command and why is important for step b but not for step a? Use ghex to
change 1 bit of cipher2.bin and save the result as cipher3.bin. Execute the same command above to
decrypt cipher3.bin. How much information can you recover? Please explain why.