1 Internet Tool Practice 한두균 송정환
2 Outline
Internet Tools
– ping
– traceroute
– nslookup
– ifconfig
– arp
– netstat
– synack
– nmap
– iperf
– crontab
Homeworks
3 ping (1/3)
Sends an ICMP ECHO_REQUEST message to a host
Tests whether another host is reachable
Measures the round-trip time (RTT) to the host
Usage
– ping [-options value] destination
– Option types: -s (size), -c (count), -i (interval), -t (TTL), etc.
– Ex) ping -c 5 mmlab.snu.ac.kr
Reference
– On UNIX-like systems, man ping
– Because ping's options differ between operating systems, see the man page for details
– This applies to all the commands introduced here
4 ping (2/3)
$ ping -c 3 -t 10 mmlab.snu.ac.kr
PING mmlab.snu.ac.kr ( ) 56(84) bytes of data.
64 bytes from mmlab.snu.ac.kr ( ): icmp_seq=1 ttl=62 time=1.57 ms
64 bytes from mmlab.snu.ac.kr ( ): icmp_seq=2 ttl=62 time=0.387 ms
64 bytes from mmlab.snu.ac.kr ( ): icmp_seq=3 ttl=62 time=1.41 ms
--- mmlab.snu.ac.kr ping statistics
packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 0.387/1.125/1.574/0.525 ms
5 ping (3/3)
$ ping -c 3 -i 3 mmlab.snu.ac.kr
PING mmlab.snu.ac.kr ( ) 56(84) bytes of data.
64 bytes from mmlab.snu.ac.kr ( ): icmp_seq=1 ttl=62 time=0.411 ms
64 bytes from mmlab.snu.ac.kr ( ): icmp_seq=2 ttl=62 time=0.550 ms
64 bytes from mmlab.snu.ac.kr ( ): icmp_seq=3 ttl=62 time=80.0 ms
--- mmlab.snu.ac.kr ping statistics
packets transmitted, 3 received, 0% packet loss, time 6005ms
rtt min/avg/max/mdev = 0.411/27.002/80.045/ ms
6 traceroute (1/2)
Lets us see the route that IP datagrams follow from one host to another
– Although there is no guarantee that two consecutive IP datagrams from the same source to the same destination follow the same route, most of the time they do.
Usage
– traceroute [-options value] hostname
– Ex) traceroute
7 traceroute (2/2)
$ traceroute mmlab.snu.ac.kr
traceroute to mmlab.snu.ac.kr ( ), 30 hops max, 40 byte packets
( ) ms ms ms
( ) ms ms ms
3 mmlab ( ) ms ms ms
$ traceroute
traceroute to hyperion.cs.berkeley.edu ( ), 30 hops max, 38 byte packets
( ) ms ms ms
( ) ms ms ms
( ) ms ms ms
( ) ms ms ms
( ) ms ms ms
6 seoulgsr.kreonet.net ( ) ms ms ms
7 baramgsr-seoulgsr.kreonet.net ( ) ms ms ms
…….
17 hyperion.CS.Berkeley.EDU ( ) ms ms ms
8 nslookup (1/2)
Allows anyone to directly query a name server and retrieve any of the information known to the DNS system
Usage
– nslookup [ - option ] [ name | - ] [ server ]
– interactive mode
– non-interactive mode
Other programs
– host google.co.kr
– dig google.co.kr
9 nslookup (2/2)
$ nslookup
> mmlab.snu.ac.kr
Server:
Address: #53
Name: mmlab.snu.ac.kr
Address:
>
Server:
Address: #
in-addr.arpa name = mmlab.snu.ac.kr.
$ nslookup cse.snu.ac.kr
Server:
Address: #53
Non-authoritative answer:
Name: cse.snu.ac.kr
Address:
10 ifconfig
Check the network interface configuration
Usage
– ifconfig [interface]
$ /sbin/ifconfig
eth0 Link encap:Ethernet HWaddr 00:B0:D0:68:B1:C6
inet addr: Bcast: Mask:
inet6 addr: fe80::2b0:d0ff:fe68:b1c6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets: errors:0 dropped:0 overruns:150 frame:150
TX packets: errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes: (3.0 GiB) TX bytes: (46.5 MiB)
……..
11 arp
Manipulate the system ARP cache
Usage
– arp [option] hostname
$ arp -a
? ( ) at 00:00:0c:07:ac:00 on rl0 [ethernet]
? ( ) at 00:d0:02:cb:e3:fc on rl0 [ethernet]
? ( ) at 00:0a:5e:01:e2:ba on rl0 [ethernet]
? ( ) at 00:e0:98:b0:fa:7d on rl0 [ethernet]
? ( ) at 00:04:76:d0:0a:ab on rl0 [ethernet]
csebrg1.snu.ac.kr ( ) at 00:50:04:bf:c5:b9 on rl0 [ethernet]
topaz.snu.ac.kr ( ) at 00:0d:61:3b:8f:59 on rl0 [ethernet]
garnet.snu.ac.kr ( ) at 00:0e:35:0d:fe:96 on rl0 [ethernet]
opal.snu.ac.kr ( ) at 00:11:11:0f:2f:c0 on rl0 [ethernet]
emerald.snu.ac.kr ( ) at 00:4f:4e:0d:51:2d on rl0 [ethernet]
smart1.snu.ac.kr ( ) at 00:00:f0:91:0d:3a on rl0 [ethernet]
? ( ) at 00:50:da:91:0b:0d on rl0 [ethernet]
…
12 netstat (1/2)
Show network status
Usage
– netstat [option]
Options
– -a: show the state of all sockets. But normally sockets used by server processes are not shown.
– -i: show status and statistics for the physical interfaces
– -n: show network addresses as numbers
– -r: show the routing table
13 netstat (2/2)
$ netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
localnet * U eth0
default UG eth0
$ netstat -rn
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
U eth UG eth0
14 synack (1/3)
Description
– Establishes a client-server connection by calling connect, which performs the 3-way handshake of the TCP protocol
– Measures the time taken for the connection to be established between the client and the server
– Closes the connection once the RTT is measured by calling close, which performs a 4-packet exchange
– Repeats the above process at regular intervals (defined by the user) after the connection is closed
– Performs statistical analysis on the RTT data obtained
Reference
–
15 synack (2/3)
Usage
– synack [-options] host
Options
– -p ## port number to send to (default 22)
– -k ## no. of connections to be made
– -i ## Time interval between connections in secs (default 1 sec)
– -u ## Time interval between connections in microsecs
– -z ## Percentile 1 (default 25)
– -Z ## Percentile 2 (default 75)
– -S ## Timeout in secs (default 1 sec)
– -s ## Timeout in millisecs
16 synack (3/3)
$ ./synack -p 80 -k 10
SYN-ACK to moose.snu.ac.kr ( ), 10 Packets
connected to moose.snu.ac.kr : Seq = 0, RTT = ms
connected to moose.snu.ac.kr : Seq = 1, RTT = ms
connected to moose.snu.ac.kr : Seq = 2, RTT = ms
connected to moose.snu.ac.kr : Seq = 3, RTT = ms
connected to moose.snu.ac.kr : Seq = 4, RTT = ms
connected to moose.snu.ac.kr : Seq = 5, RTT = ms
connected to moose.snu.ac.kr : Seq = 6, RTT = ms
connected to moose.snu.ac.kr : Seq = 7, RTT = ms
connected to moose.snu.ac.kr : Seq = 8, RTT = ms
connected to moose.snu.ac.kr : Seq = 9, RTT = ms
Waiting for outstanding packets (if any)
***** Round Trip Statistics of SYN-ACK to moose.snu.ac.kr (Port = 80) ******
10 packets transmitted, 10 packets received, 0.00 percent packet loss
round-trip (ms) min/avg/max = 0.612/1.001/1.782 (std = 0.531)
(median = 0.698) (interquartile range = 1.087)
(25 percentile = 0.667) (75 percentile = 1.754)
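The measurement loop described on the synack slides, as an added Python example (not synack's own source): time connect(), close, repeat, then summarise. The function names, the loopback listener used as a target, and the percentile interpolation are assumptions; the defaults mirror the -p, -k, -i, -S, -z and -Z options listed above.

```python
import socket
import statistics
import time

def connect_rtt_ms(host, port, timeout=1.0):
    """Time one TCP handshake: connect() returns once the SYN-ACK has arrived."""
    start = time.perf_counter()
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return (time.perf_counter() - start) * 1000.0
    except OSError:
        return None  # refused or timed out: counted as a lost probe

def percentile(sorted_vals, pct):
    """Linear-interpolation percentile (assumed; the slides do not say how synack computes it)."""
    k = (len(sorted_vals) - 1) * pct / 100.0
    lo = int(k)
    hi = min(lo + 1, len(sorted_vals) - 1)
    return sorted_vals[lo] + (sorted_vals[hi] - sorted_vals[lo]) * (k - lo)

def probe(host, port=22, count=10, interval=1.0, timeout=1.0, p1=25, p2=75):
    """Repeat connect/close `count` times and summarise the RTTs."""
    rtts = []
    for i in range(count):
        rtt = connect_rtt_ms(host, port, timeout)
        if rtt is not None:
            rtts.append(rtt)
        if i < count - 1:
            time.sleep(interval)
    rtts.sort()
    stats = {"sent": count, "received": len(rtts),
             "loss_pct": 100.0 * (count - len(rtts)) / count}
    if rtts:
        stats.update(min=rtts[0], avg=statistics.fmean(rtts), max=rtts[-1],
                     median=statistics.median(rtts),
                     p1=percentile(rtts, p1), p2=percentile(rtts, p2))
        stats["iqr"] = stats["p2"] - stats["p1"]
    return stats

def local_listener():
    """Constructed target: a loopback listener; the kernel completes queued handshakes."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(16)
    return srv

if __name__ == "__main__":
    srv = local_listener()
    print(probe("127.0.0.1", srv.getsockname()[1], count=5, interval=0.01))
    srv.close()
```

Because the timer stops when connect() returns, the figure covers only the SYN and SYN-ACK exchange plus local processing, which is why it tracks ping's RTT on a host that filters ICMP but exposes a TCP port.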
17 nmap (1/2)
Network Mapper
Network exploration tool and security scanner
Scans large networks to determine which hosts are up and what services they are offering
Usage
– nmap [Scan Types] [Options]
Reference
–
– In the UNIX shell, man nmap
18 nmap (2/2)
$ nmap mmlab.snu.ac.kr
Starting Nmap 4.11 ( ) at :39 KST
Interesting ports on mmlab.snu.ac.kr ( ):
Not shown: 1504 closed ports, 170 filtered ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
587/tcp open submission
3306/tcp open mysql
Nmap finished: 1 IP address (1 host up) scanned in seconds
19 iperf (1/2)
A tool to measure maximum TCP bandwidth
– allowing the tuning of various parameters and UDP characteristics
Reports bandwidth, delay jitter, datagram loss
– for a TCP connection: throughput, bandwidth
– for a UDP connection: throughput, jitter, lost/total datagrams
Usage
– iperf [-s|-c host] [options]
20 iperf (2/2)
$ iperf -s
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
[ 4] local port 5001 connected with port
[ 4] sec 1.25 GBytes 1.07 Gbits/sec
$ iperf -c martini.snu.ac.kr
Client connecting to martini.snu.ac.kr, TCP port 5001
TCP window size: 49.4 KByte (default)
[ 3] local port connected with port 5001
[ 3] sec 1.25 GBytes 1.08 Gbits/sec
21 Crontab
crontab [ -u user ] { -l | -r | -e }
– -u user: perform the crontab operation for the given user. If omitted, the operation applies to the user running the crontab command.
– -l: show the current cron table.
– -r: delete the current cron table.
– -e: edit the current cron table.
Fields of the cron table
– minute(0~59) hour(0-23) day(1-31) month(1-12) weekday(1-7) command
– Weekday field: 1 (Mon), 2 (Tue), 3 (Wed), 4 (Thu), 5 (Fri), 6 (Sat), 7 (Sun)
– '*': every time
– '-': range; for example, 1-3 in the hour field means between 1 and 3 o'clock, i.e. 1, 2 and 3 o'clock
– ',': separator; for example, 1,3 in the hour field means 1 o'clock and 3 o'clock
– Usage examples
* * 1 ~/bin/log_cat – runs ~/bin/log_cat every Monday at 2:30 PM
* * ~/bin/log_report – runs ~/bin/log_report on the 1st of every month at 2:30 AM
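An added Python example (not part of the original slides) that expands the field syntax listed above and checks whether an entry would run at a given time, which is handy when reviewing what a crontab will execute and when. The function names are hypothetical, the two sample entries are constructed to match the slide's two descriptions, and the day/weekday OR rule is standard cron behaviour that the slide does not mention.

```python
from datetime import datetime

# Field order and ranges as listed on the slide; weekday 1 = Monday ... 7 = Sunday.
FIELDS = [("minute", 0, 59), ("hour", 0, 23), ("day", 1, 31),
          ("month", 1, 12), ("weekday", 1, 7)]

def expand(field, lo, hi):
    """Expand one field using only the slide's operators: '*', 'a-b' and ','."""
    values = set()
    for part in field.split(","):
        if part == "*":
            values.update(range(lo, hi + 1))
            continue
        start, _, end = part.partition("-")
        a = int(start)
        b = int(end) if "-" in part else a
        if not lo <= a <= b <= hi:
            raise ValueError(f"{part!r} is outside {lo}-{hi}")
        values.update(range(a, b + 1))
    return values

def parse_entry(line):
    """Split a crontab line into its five raw time fields and the command."""
    parts = line.split(None, 5)
    if len(parts) != 6:
        raise ValueError("expected five time fields followed by a command")
    return parts[:5], parts[5]

def matches(line, when):
    """True if the entry would run at the minute given by `when`."""
    raw, _ = parse_entry(line)
    s = {name: expand(f, lo, hi) for f, (name, lo, hi) in zip(raw, FIELDS)}
    day_ok = when.day in s["day"]
    wd_ok = when.isoweekday() in s["weekday"]
    # Standard cron behaviour (not on the slide): when both day and weekday
    # are restricted, the entry runs if either one matches.
    both = raw[2] != "*" and raw[4] != "*"
    date_ok = (day_ok or wd_ok) if both else (day_ok and wd_ok)
    return (when.minute in s["minute"] and when.hour in s["hour"]
            and when.month in s["month"] and date_ok)

# Constructed entries matching the slide's two descriptions.
MONDAY_1430 = "30 14 * * 1 ~/bin/log_cat"
FIRST_0230 = "30 2 1 * * ~/bin/log_report"

if __name__ == "__main__":
    print(matches(MONDAY_1430, datetime(2024, 1, 1, 14, 30)))  # 2024-01-01 is a Monday
```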