Lab 1 and 2 - WinCertification

Network+ LAB
Name_______________________
Lab 1a: MS Win 2000/2003/2008 Server Installation
This Win Server lab exercise shows students how to install a Win server host. Students (in pairs) install the
Server NOS (from a CD) onto a removable hard disk. The learning outcomes include:
(1) prepare Win Server installation
(2) partition the removable hard disk for
(3) configure the network
(4) set up the Administrator password
(5) add a user account
(6) configure password authentication
(7) Install various software packages.
(8) After successful installation, students must reboot the machine to verify that the host is up and
running as expected.
Lab 1b: Linux Installation
This Linux lab exercise shows students how to install a Linux host. Students (in pairs) install the Linux 8 (from
a CD) onto a removable hard disk (see section 4 for more about removable hard disks). The learning
outcomes include:
(1) prepare Linux installation boot disk;
(2) partition the removable hard disk for Linux installation;
(3) configure the network;
(4) set up the root password;
(5) add a user account;
(6) configure password authentication
(7) Install various software packages.
(8) After successful installation, students must reboot the machine to verify that the host is up and
running as expected.
Note: All equipment and software can be checked out through the lab instructor.
Lab 2a: ping
Please read completely before you begin!
This lab should extend your knowledge of connectivity testing and bandwidth measurement.
Review
Ping is a basic and ubiquitous utility for checking connectivity. It derives its name from the sound sonar
makes. It is also the basis for a number of variants and advanced tools and is available in a number of forms.
Its basic operation is quite simple. It sends an ICMP echo request packet to a remote host. If properly
configured, the remote host will send back an ICMP echo reply packet. Reception of the reply indicates basic
connectivity between the source host and the destination. Consequently, ping is often the first tool that a
network administrator or savvy user will turn to when confronted with a network problem.
ping and ping-like tools can be used to estimate the transmission rate of a connection. To understand how
this works, we need to be very clear on what the terms we are using mean. Whenever a packet is sent
across a network, there are three timing-components (or delays) that determine how long it takes for the
packet to arrive—the propagation delay, the transmission delay, and the queuing delay. For a link along the
path, the propagation delay depends on the length of the link and the propagation speed (usually expressed
as a percentage of the speed of light).
This is unaffected by packet size. The transmission delay is the product of the speed at which the bits can be
placed on the media (the transmission rate usually measured in bits per second) and the number of bits that
must be transmitted. While technically inaccurate, the transmission rate is often described as the
bandwidth of a connection. The final delay is the queuing delay—the amount of time a packet spends in
routers waiting to be transmitted. This depends on the number and size of the other packets in the queue
before it as well as the transmission rate of the interface. The total propagation time is simply the sum of
these three delays for each link along the path.
Since only the transmission delay depends on the size of the packet, it is possible to vary the packet size and use
the difference in delays to estimate the transmission rate of an interface. A
privileged user can specify the packet size used by ping with the -s option.
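The size-differencing estimate described above, as an added example that is not part of the original handout: it parses constructed Linux-style ping output for two payload sizes (as set with -s), takes the minimum round-trip time at each size to suppress queuing delay, and divides the extra bits by the extra time. The sample output, the target address and the function names are assumptions, and the calculation assumes one bottleneck link, with transmission delay taken as packet bits divided by the transmission rate.

```python
import re

# Constructed sample output (not captured from a real host): the same target
# pinged with a 56-byte payload and with a 1456-byte payload (ping -s 1456).
SMALL = """\
64 bytes from 192.0.2.10: icmp_seq=1 ttl=57 time=20.4 ms
64 bytes from 192.0.2.10: icmp_seq=2 ttl=57 time=23.9 ms
64 bytes from 192.0.2.10: icmp_seq=3 ttl=57 time=20.1 ms
"""
LARGE = """\
1464 bytes from 192.0.2.10: icmp_seq=1 ttl=57 time=22.6 ms
1464 bytes from 192.0.2.10: icmp_seq=2 ttl=57 time=22.34 ms
1464 bytes from 192.0.2.10: icmp_seq=3 ttl=57 time=30.8 ms
"""

REPLY = re.compile(r"^(\d+) bytes from \S+ icmp_seq=\d+ ttl=\d+ time=([\d.]+) ms$")


def parse_replies(output):
    """Return (icmp_bytes, [rtt_ms, ...]) from the reply lines of one ping run."""
    sizes, rtts = set(), []
    for line in output.splitlines():
        m = REPLY.match(line.strip())
        if m:
            sizes.add(int(m.group(1)))
            rtts.append(float(m.group(2)))
    if len(sizes) != 1 or not rtts:
        raise ValueError("expected replies of exactly one size")
    return sizes.pop(), rtts


def estimate_rate_bps(small_output, large_output):
    """Estimate the bottleneck transmission rate in bits per second.

    Propagation delay is the same for both sizes, and the minimum RTT is the
    sample least affected by queuing, so the difference of the two minimums
    is approximately the transmission delay of the extra bytes alone.
    """
    small_size, small_rtts = parse_replies(small_output)
    large_size, large_rtts = parse_replies(large_output)
    extra_ms = min(large_rtts) - min(small_rtts)
    if extra_ms <= 0:
        raise ValueError("no measurable size-dependent delay (link too fast or too noisy)")
    # The extra bytes cross the link twice: in the echo request and in the reply.
    extra_bits = 2 * 8 * (large_size - small_size)
    return extra_bits / (extra_ms / 1000.0)


if __name__ == "__main__":
    print(f"{estimate_rate_bps(SMALL, LARGE) / 1e6:.1f} Mbit/s")
```

On a multi-hop path every store-and-forward link adds its own transmission delay, so the figure is a composite rather than the rate of any single interface.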
Unfortunately, ping has been implicated in a number of security threats in recent years. For example, in the
ping-of-death attack, an ill-formed ping packet may cause an older system to crash. (Actually any ill-formed
packet would cause this problem. It is just easier to create the problem with ping packets.) ping has been
used for denial-of-service attacks such as the Smurf Attacks where a host is flooded with ping packets. ping
has also been used to probe systems. While the real problem in each of these cases has been misconfigured
systems or firewalls, some system administrators have naively configured their systems not to respond to
ping. As a result, they and their users have lost a valuable tool.
Lab
For each of the following steps describe your results, give the syntax of the command you used, and, where
appropriate, the output produced. Include screen captures as needed in your output. Be sure to label your
results carefully and organize your results in the order of steps as given here and to answer each question in
your report.
• Ping google.com
• Ping google.com -t (use Ctrl+C to stop)
• TTL
Lab 2b: traceroute
Please read completely before you begin!
This lab should extend your knowledge of connectivity testing and the operation of some TCP/IP basics.
Review
traceroute is a utility that will discover the devices on a path from one machine to another. It does this
through a clever use of the time-to-live (TTL) field in an IP packet’s header. The TTL field is used to limit the
lifetime of a packet. As a packet passes through a router, the field is decremented. When it reaches zero, a
router should discard the packet and send a “time exceeded” error message back to the packet’s source. Of
course, this error message will have the router’s address as its source address. traceroute works by sending
a series of packets with TTL fields of 1, 2, 3, etc. to the destination. Thus each router along the path will
send back an error message saying it discarded a packet. traceroute is able to build a list of all the routers on
a path to a remote machine by collecting the source addresses from these error messages.
traceroute uses an unlikely port number for the destination port so that when the packet finally arrives at its
destination, the destination will typically send back an ICMP “port unreachable” error message. Receipt of
this message alerts traceroute that it has reached the end of the path. Actually, traceroute sends packets in
sets of three, each with a different port number, just in case one of the randomly selected ports is actually
being used.
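The TTL probing loop described above, as an added example rather than code from the original handout: it runs against a constructed in-memory path instead of a live network, so the addresses, the `forward` helper and the reply labels are all assumptions. One router is silent and one destination port is in use, to show where `*` entries come from and why each TTL gets three probes on different ports.

```python
# Constructed path (documentation addresses). A router marked False still
# decrements the TTL and discards expired packets, but sends no error message.
PATH = [("198.51.100.1", True), ("198.51.100.9", False), ("203.0.113.5", True)]
DEST = "203.0.113.80"
# Constructed so that the first probe to reach DEST hits a port that is in use.
DEST_OPEN_PORTS = {33443}


def forward(ttl, dport):
    """Carry one UDP probe along PATH; return (reply_type, source_addr) or None."""
    for addr, sends_errors in PATH:
        ttl -= 1                          # every router decrements the TTL
        if ttl == 0:                      # expired here: the packet is discarded
            return ("time-exceeded", addr) if sends_errors else None
    if dport in DEST_OPEN_PORTS:          # a listener accepts the probe: no error
        return None
    return ("port-unreachable", DEST)     # unlikely port: ICMP error from DEST


def traceroute(max_hops=30, base_port=33434, probes=3):
    """Return one entry per TTL: the responding address, or '*' if none answered."""
    hops = []
    port = base_port
    for ttl in range(1, max_hops + 1):
        replies = []
        for _ in range(probes):           # three probes per TTL, each to a new port
            replies.append(forward(ttl, port))
            port += 1
        answered = [r for r in replies if r is not None]
        hops.append(answered[0][1] if answered else "*")
        if any(kind == "port-unreachable" for kind, _ in answered):
            break                         # the destination answered: end of path
    return hops


if __name__ == "__main__":
    for number, hop in enumerate(traceroute(), start=1):
        print(number, hop)
```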
Lab
For each of the following steps describe your results, give the syntax of the command you used, and, where
appropriate, the output produced. Include screen captures as needed in your output. Be sure to label your
results carefully and organize your results in the order of steps as given here and to answer each question in
your report.
• Looking glasses are web sites that allow you to run simple network analysis programs like ping and
traceroute from their sites. The site http://www.traceroute.org/ maintains a list of such sites. Visit one
of these sites and do a traceroute.
Lab 2c: ARP
Please read completely before you begin!
In this lab we will look at the relationship between Ethernet and TCP/IP. This lab should extend your
knowledge of both the Address Resolution Protocol and Ethernet.
Review
All TCP/IP implementations are built on top of and rely on a data-link protocol such as Ethernet or token ring. While
TCP/IP is responsible for end-to-end communications, the data link level manages the point-to-point communications.
That is, all IP networks operate by sending packets to the next computer using a data-link protocol. Whenever IP
forwards a packet, it must be to a machine on a directly connected subnet. Since routers are connected to multiple
subnets, the packet can make its way across a network one subnet at a time. Since the network layer knows only the
IP address of the next hop, this IP address must be mapped into the data-link address or MAC address. This is the role
of ARP.
Each Ethernet device uses a 48-bit address. Like IP, each Ethernet address should be globally unique. (There is one
major exception to this. Some devices will use the same Ethernet address on every interface in that device. As you
can imagine, this may create nasty problems for other devices and should be discouraged.) Each address can be
divided into two parts, a 24-bit Organizationally Unique Identifier (OUI) and a 24-bit assigned address. Each Ethernet
manufacturer applies for and is assigned a different OUI by the IEEE. It uses these as the first 24 bits of the address of
every interface it manufactures. The manufacturer is free to assign the remaining bits of the address as it sees fit,
provided all devices it manufactures have unique addresses.
You can look up an OUI at the site http://standards.ieee.org/regauth/oui/index.shtml. For example, the Ethernet
address of the machine this document is being written on is 00-06-5B-CA-D4-25 in HEX. The OUI is 00-06-5B. This OUI
is assigned to Dell. Sometimes, interpreting the results returned by this site can be a little tricky since when one
company acquires another, they also acquire the OUI. Thus, the system may return the original company name rather
than the name of the new parent company. You should also keep in mind that a number of Ethernet addresses are
reserved for special purposes. For example, the address FF-FF-FF-FF-FF-FF is a broadcast address. Obviously, you
won’t get anywhere searching the OUI FF-FF-FF.
ARP is a somewhat overloaded term. ARP (uppercase) is the protocol while arp (lowercase) is the program that
implements the protocol. arp constructs an arp table (or arp cache) that contains the IP to Ethernet address
mappings. That is, the arp program, using the ARP protocol, maintains the arp table, a table of IP to MAC address
mappings. There will be one entry in the table for each directly connected device that your computer currently knows
how to contact. There won’t be any entries for devices on remote subnets since you can’t use Ethernet to connect
directly to those devices. Rather, you may see an entry corresponding to the device that is the next hop on the path.
There are two ways that an address may be added to an arp table. It may be added statically, either directly by a user
or by a script (typically at startup). Static addresses usually remain in the table until the machine reboots or they are
explicitly removed. The ARP protocol also provides a mechanism to dynamically discover the address mappings for
devices. If the address mapping is unknown, an ARP request packet containing the IP address of the desired
destination will be sent to every device on the subnet, i.e., an ARP request is sent as an Ethernet broadcast packet.
Each device on the subnet should be listening for these packets. Each will examine the packet. If the desired
destination’s IP address is a listening device’s IP address, that device will respond to the ARP request with an ARP
reply. There is usually a timeout for dynamically discovered addresses. If not used, these mappings will usually
disappear from the arp table within a few minutes.
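An added example (not from the original handout) that ties the review together: it parses constructed Windows-style `arp -a` output, splits each address into its OUI and assigned part, keeps the static/dynamic type, and reports any Ethernet address that appears behind more than one IP address. Only the Dell OUI comes from the text; the table contents and function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the layout Windows `arp -a` prints (not real output).
# 02-00-00-01-02-03 is a made-up, locally administered address.
ARP_A = """\
Interface: 10.0.36.71 --- 0xb
  Internet Address      Physical Address      Type
  10.0.36.1             00-06-5b-ca-d4-25     dynamic
  10.0.36.20            02-00-00-01-02-03     dynamic
  10.0.36.21            02-00-00-01-02-03     dynamic
  10.0.36.255           ff-ff-ff-ff-ff-ff     static
"""

KNOWN_OUIS = {"00-06-5B": "Dell"}    # the one assignment quoted in the text
BROADCAST = "FF-FF-FF-FF-FF-FF"

ROW = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+((?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2})\s+(\w+)\s*$"
)


def parse_arp_table(text):
    """Return one dict per IP-to-MAC mapping found in `arp -a` output."""
    entries = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue                       # interface banner, column header, blanks
        ip, mac, kind = m.group(1), m.group(2).upper(), m.group(3).lower()
        oui, assigned = mac[:8], mac[9:]   # first 24 bits / last 24 bits
        is_broadcast = mac == BROADCAST    # reserved address: no OUI to look up
        entries.append({
            "ip": ip, "mac": mac, "type": kind,
            "oui": oui, "assigned": assigned, "broadcast": is_broadcast,
            "vendor": None if is_broadcast else KNOWN_OUIS.get(oui, "unknown"),
        })
    return entries


def shared_macs(entries):
    """Map each non-broadcast MAC seen behind more than one IP to those IPs."""
    by_mac = defaultdict(list)
    for entry in entries:
        if not entry["broadcast"]:
            by_mac[entry["mac"]].append(entry["ip"])
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    table = parse_arp_table(ARP_A)
    for entry in table:
        print(entry["ip"], entry["mac"], entry["type"], entry["vendor"])
    print("shared:", shared_macs(table))
```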
Lab
• Arp
• Arp -a
Lab 2d: Name Resolution (nslookup)
Please read completely before you begin!
A key element in a computer network is a mechanism to map between the numeric addresses used by computers and
the more descriptive names used by people. This laboratory investigates the mechanism TCP/IP networks use. Other
network protocols provide similar mechanisms.
Review
When a user enters a computer name such as www.whitehouse.gov, the name is converted into an IP address
(12.129.72.168 in this case), which is what is actually used by the communications protocol. With IP networks, several
different mechanisms may be used.
The simplest mechanism is host tables. Host tables are nothing more than tables giving IP addresses and the names
that correspond to the IP address, one entry per line. On most Unix systems, the host table is the file /etc/hosts.
Microsoft Windows also uses host files but their locations vary depending on the software version. Most systems will
check the host file before attempting to use other mechanisms. But while the host file is a simple and efficient
mechanism, it doesn’t scale since every system you want to communicate with must be entered into the table. So,
apart from small isolated static networks, a more scalable mechanism is needed to extend this mechanism.
DNS (domain name services) is the most commonly used mechanism. DNS uses a hierarchical system of name servers
reflected in the structure of host names. Consider the name www.whitehouse.gov. If your system does not know the
IP address of this site already, it will contact the server for the gov domain. This site knows the address of the name
server for the domain whitehouse.gov. This server will know the address of the web server, www.whitehouse.gov.
When the whitehouse.gov domain was created, the creators registered the domain name and the IP address of its
name server was entered into the DNS server for the gov domain. The administrators for the whitehouse.gov domain
are responsible for supplying the server for their domain. In turn, they may create additional subdomains under their
domain. Setting up a DNS server requires installing the appropriate software on a server and entering the DNS
information for the domain. The most commonly used software in the Unix world is bind.
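The lookup order described in the last two paragraphs, as an added example that is not part of the original handout: the host table is consulted first, then the query follows delegations from the gov server down to the server that holds the address. The host table contents, the server names and the `resolve` helper are assumptions built in memory; only www.whitehouse.gov and 12.129.72.168 come from the text.

```python
# Constructed data (not real server contents).
HOSTS_FILE = """\
# IP address      name [aliases ...]
127.0.0.1         localhost
10.0.36.5         fileserver fs      # trailing comment
"""

# Each name server is modelled as the delegations it knows about plus the
# address records it holds itself.
SERVERS = {
    "gov-server": {"delegations": {"whitehouse.gov": "whitehouse-ns"},
                   "addresses": {}},
    "whitehouse-ns": {"delegations": {},
                      "addresses": {"www.whitehouse.gov": "12.129.72.168"}},
}


def parse_hosts(text):
    """Parse a host table: one entry per line, IP address first, then names."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()      # drop comments, split columns
        if len(fields) >= 2:
            for name in fields[1:]:
                table.setdefault(name.lower(), fields[0])   # first entry wins
    return table


def resolve(name, hosts, start="gov-server"):
    """Return (address, trail); trail lists what was consulted, in order."""
    name = name.lower().rstrip(".")
    trail = ["hosts"]
    if name in hosts:                               # host table is checked first
        return hosts[name], trail
    server = start
    while server is not None:
        trail.append(server)
        zone = SERVERS[server]
        if name in zone["addresses"]:
            return zone["addresses"][name], trail
        # Follow the delegation for the longest matching domain suffix, if any.
        matches = [d for d in zone["delegations"]
                   if name == d or name.endswith("." + d)]
        server = zone["delegations"][max(matches, key=len)] if matches else None
    return None, trail


if __name__ == "__main__":
    table = parse_hosts(HOSTS_FILE)
    print(resolve("fileserver", table))
    print(resolve("www.whitehouse.gov", table))
```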
There are several tools that can be used to query domain name servers. The most common is nslookup. This is
available on Windows as well as Unix systems. nslookup can be used as either an interactive or a command-line tool. If
you enter nslookup without an argument, you will enter interactive mode. You can type a “?” for a brief list of
command options. Unfortunately, most system administrators now view the information returned by tools like
nslookup as a security leak and limit what is available through nslookup queries. A number of other similar tools exist,
most notably dig.
There are alternatives to DNS. NIS and NIS+ are used on many systems, particularly systems from Sun Microsystems.
DDNS is an extension to DNS that does dynamic address mapping. You might use DDNS if you are using a DHCP server
to lease IP addresses. With traditional DNS, the name server would not know which machine has which address since
the addresses would be changing. DDNS works with the DHCP server to solve this problem.
One last word about DNS—DNS breaks at times. The usual way to test DNS is to ping the same site by name and by IP
number. If the latter works and the former doesn’t, you probably have a DNS problem. Of course, if you know every IP
address you’ll ever need, you can always bypass name resolution.
Lab
• Examine the host table on your computer. Explain the structure of the table.
• Immediately after pinging a site requiring name resolution, ping the site a second time. Do you see the same
name resolution packets? Why or why not?
Lab 2e: File Transfer Protocol
Please read completely before you begin!
This lab introduces the FTP protocol and command set.
Review
The File Transfer Protocol or FTP (RFC 959) is used to move files from one machine to another. Like email protocols,
the protocol provides a simple command set that is used by FTP software. But in several ways, FTP can be more
complex.
Here are a few FTP commands
Command            Description
USER user’s name   Log into host
PASS password      Supply user’s password
SYST               Get a description of the remote system
STAT               Find out the status of the connection
HELP               List commands or get information about a specific command
QUIT               End the session
Here is a slightly edited sample session using several FTP commands. This session was created by using TELNET to
connect to the destination server at port 21.
220 nobody.nowhere.org FTP server (Version 6.00LS) ready.
user joe
331 Password required for joe.
pass hushhush
230 User joe logged in.
syst
215 UNIX Type: L8 Version: BSD-199506
stat
211- nobody.nowhere.org FTP server status:
Version 6.00LS
Connected to joe (10.0.36.71)
Logged in as joe
TYPE: ASCII, FORM: Nonprint; STRUcture: File; transfer MODE: Stream
No data connection
This example shows an FTP login to nohow.nowhere.org. At first glance, this looks a lot like the email sessions. But if
you try some of the other commands such as LIST, you’ll discover that most don’t work. The reason is that FTP opens
separate connections to transfer information, something that a TELNET client can’t cope with. This means that we are
going to have to turn to other tools to see how FTP works, specifically packet capture. (Still, using TELNET can be
helpful. For example, it can be used to confirm that the FTP server is operational or to investigate which modes it will
support.)
Lab
• FTP Microsoft.com
For more information on a specific command, type HELP command-name
ASSOC Displays or modifies file extension associations.
AT Schedules commands and programs to run on a computer.
ATTRIB Displays or changes file attributes.
BREAK Sets or clears extended CTRL+C checking.
CACLS Displays or modifies access control lists (ACLs) of files.
CALL Calls one batch program from another.
CD Displays the name of or changes the current directory.
CHCP Displays or sets the active code page number.
CHDIR Displays the name of or changes the current directory.
CHKDSK Checks a disk and displays a status report.
CHKNTFS Displays or modifies the checking of disk at boot time.
CLS Clears the screen.
CMD Starts a new instance of the Windows command interpreter.
COLOR Sets the default console foreground and background colors.
COMP Compares the contents of two files or sets of files.
COMPACT Displays or alters the compression of files on NTFS partitions.
CONVERT Converts FAT volumes to NTFS. You cannot convert the current drive.
COPY Copies one or more files to another location.
DATE Displays or sets the date.
DEL Deletes one or more files.
DIR Displays a list of files and subdirectories in a directory.
DISKCOMP Compares the contents of two floppy disks.
DISKCOPY Copies the contents of one floppy disk to another.
DOSKEY Edits command lines, recalls Windows commands, and creates macros.
ECHO Displays messages, or turns command echoing on or off.
ENDLOCAL Ends localization of environment changes in a batch file.
ERASE Deletes one or more files.
EXIT Quits the CMD.EXE program (command interpreter).
FC Compares two files or sets of files, and displays the differences between them.
FIND Searches for a text string in a file or files.
FINDSTR Searches for strings in files.
FOR Runs a specified command for each file in a set of files.
FORMAT Formats a disk for use with Windows.
FTYPE Displays or modifies file types used in file extension associations.
GOTO Directs the Windows command interpreter to a labeled line in a batch program.
GRAFTABL Enables Windows to display an extended character set in graphics mode.
HELP Provides Help information for Windows commands.
IF Performs conditional processing in batch programs.
LABEL Creates, changes, or deletes the volume label of a disk.
MD Creates a directory.
MKDIR Creates a directory.
MODE Configures a system device.
MORE Displays output one screen at a time.
MOVE Moves one or more files from one directory to another directory.
PATH Displays or sets a search path for executable files.
PAUSE Suspends processing of a batch file and displays a message.
POPD Restores the previous value of the current directory saved by PUSHD.
PRINT Prints a text file.
PROMPT Changes the Windows command prompt.
PUSHD Saves the current directory then changes it.
RD Removes a directory.
RECOVER Recovers readable information from a bad or defective disk.
REM Records comments (remarks) in batch files or CONFIG.SYS.
REN Renames a file or files.
RENAME Renames a file or files.
REPLACE Replaces files.
RMDIR Removes a directory.
SET Displays, sets, or removes Windows environment variables.
SETLOCAL Begins localization of environment changes in a batch file.
SHIFT Shifts the position of replaceable parameters in batch files.
SORT Sorts input.
START Starts a separate window to run a specified program or command.
SUBST Associates a path with a drive letter.
TIME Displays or sets the system time.
TITLE Sets the window title for a CMD.EXE session.
TREE Graphically displays the directory structure of a drive or path.
TYPE Displays the contents of a text file.
VER Displays the Windows version.
VERIFY Tells Windows whether to verify that your files are written correctly to a disk.
VOL Displays a disk volume label and serial number.
XCOPY Copies files and directory trees.