## Blog 8

This week in class was all about binary. So what is binary? Well, it's a numerical system used by computers and electronics. Instead of the normal Base 10 number system that we use every day, binary is a Base 2 system. This makes it easier for electronics because they have circuits that are either on or off. Binary only uses two different numbers, either “1” being on, or “0” being off.

A particularly handy size chunk of computer memory happens to be 8 bits long. This size chunk of memory can be used to represent any number from zero (00000000) to 255 (11111111). Why does 11111111 (base 2) equal 255? Because it means:

1 x 128  +  1 x 64  +  1 x 32  +  1 x 16  +
1 x 8  +  1 x 4  +  1 x 2  +  1 x 1  =  255

A better way to get a look at how to compute binary numbers with ones and zeros is to make a chart like this:

We have a special name for a chunk of memory that is 8 bits long: it is called a byte. This is the basic unit we use to measure computer memory size. The 8-bit standard is used because it's the smallest base power of 2 that can also represent letters in the English language. Although we didn’t cover much on how computers compute letters from ones and zeros, we did discuss how computers use binary to compute IP addresses. Something that I found interesting this week answered a question I always wondered about: why a router subnet mask always started with 255.255. When you look at binary and see how the 8-bit-long base 2 numbers all add up to 255, it finally made sense.

This week I contributed to Diigo a link on a Binary Game by Cisco http://forums.cisco.com/CertCom/game/binary_game_page.htm

This game is actually kinda fun and I got faster and faster as I did it.  I found on the larger numbers to compute it was easier to just subtract from 255.  Like to compute 247 for instance:  255 – 247=8, so it was easier to know if all ones=11111111=255, then 247 would equal all ones except a 0 in the Eights place= 11110111.
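The place-value method, the subtract-from-255 shortcut and the link to subnet masks can be checked in a few lines of Python. This is an added example, not part of the original post; the function names and the sample addresses are made up for illustration.

```python
PLACES = (128, 64, 32, 16, 8, 4, 2, 1)  # place values of one 8-bit octet

def octet_to_bits(n):
    """Convert 0..255 to 8 bits by walking the place values left to right."""
    if not 0 <= n <= 255:
        raise ValueError("an octet holds 0..255")
    bits = []
    for place in PLACES:
        if n >= place:
            bits.append("1")
            n -= place
        else:
            bits.append("0")
    return "".join(bits)

def octet_by_complement(n):
    """The shortcut from the post: convert 255 - n, then flip every bit."""
    missing = octet_to_bits(255 - n)
    return "".join("0" if b == "1" else "1" for b in missing)

def mask_prefix_length(mask):
    """Count the network bits in a dotted mask; reject masks with gaps."""
    octets = [int(part) for part in mask.split(".")]
    if len(octets) != 4:
        raise ValueError("expected four octets")
    bits = "".join(octet_to_bits(o) for o in octets)
    if "01" in bits:  # a 1 after a 0 means the ones are not contiguous
        raise ValueError("mask must be ones followed by zeros")
    return bits.count("1")

def same_network(ip_a, ip_b, mask):
    """Two hosts share a network if their addresses agree on every mask bit."""
    m = [int(p) for p in mask.split(".")]
    a = [int(p) & bit for p, bit in zip(ip_a.split("."), m)]
    b = [int(p) & bit for p, bit in zip(ip_b.split("."), m)]
    return a == b

if __name__ == "__main__":
    print(octet_to_bits(247), octet_by_complement(247))   # both methods agree
    print(mask_prefix_length("255.255.0.0"))              # network bits in the mask
    # Constructed addresses: first 16 bits equal, last 16 bits differ.
    print(same_network("172.16.1.10", "172.16.200.7", "255.255.0.0"))
```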

## Lab 6: Packet Sniffing with Wireshark

by:  James Moore, Partner:  Matt Balderree

What is Wireshark:  Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Objectives:  Download and Install Wireshark from http://wireshark.org.  Capture network traffic in the following activities:

• Browse a webpage on a server outside of campus.
• Do a file transfer to an FTP server.
• Test connectivity to a host with Ping.
• Acquire a network address with DHCP.

Equipment List:  2 x Mac Laptops, Wireshark Application, FireFTP Application, ethernet cable.  (USED THROUGHOUT LAB)

Notes and Observations:  I went to a webpage called cnet.com and captured data using Wireshark.  I was able to capture DNS/HTTP/TCP.  Using Wireshark I am able to determine the source IP, destination IP, and the MAC address of the device accessing.  For the FTP transfer I used a Firefox add-on called FireFTP.

Along with transferring your files quickly and efficiently, FireFTP also includes more advanced features such as: directory comparison, syncing directories while navigating, SFTP, SSL encryption, search/filtering, integrity checks, remote editing, drag & drop, file hashing, and much more!

Using an FTP server that one of the students in our class had set up, I was able to access it via a password and transfer files to it while capturing using Wireshark.  The interesting thing about this was that while capturing it would show detailed information of what I was transferring and also my user name and password.  So the security of this was very low.
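A network defender can turn the same observation into a check: scan the client side of FTP control connections for `USER`/`PASS` commands sent without a preceding `AUTH` (the command that upgrades the session to TLS). The sketch below is an added example, not part of the original lab; the segment tuples, addresses and credentials are constructed sample data, and it assumes segments arrive in order with one control connection per client/server pair.

```python
from collections import defaultdict

FTP_CONTROL_PORT = 21

# Constructed sample: (client, server, dst_port, TCP payload) per segment.
SAMPLE_SEGMENTS = [
    ("192.0.2.5", "192.0.2.9", 21, b"USER do"),               # line split
    ("192.0.2.5", "192.0.2.9", 21, b"e\r\nPASS hunter2\r\n"),  # across segments
    ("192.0.2.5", "192.0.2.9", 80, b"GET / HTTP/1.1\r\n\r\n"),
    ("192.0.2.6", "192.0.2.9", 21, b"AUTH TLS\r\n"),
    ("192.0.2.6", "192.0.2.9", 21, b"\x17\x03\x03\x00\x20opaque"),
    ("192.0.2.7", "192.0.2.9", 21, b"user anonymous\r\npass guest@\r\n"),
]

def find_cleartext_logins(segments):
    """Return one finding per PASS command seen unencrypted on port 21."""
    buffers = defaultdict(bytes)   # per-flow reassembly of client bytes
    users, encrypted, findings = {}, set(), []
    for client, server, dport, payload in segments:
        flow = (client, server)    # simplification: no source port in the key
        if dport != FTP_CONTROL_PORT or flow in encrypted:
            continue
        buffers[flow] += payload
        # Only CRLF-terminated lines are complete commands; keep the rest.
        *lines, buffers[flow] = buffers[flow].split(b"\r\n")
        for line in lines:
            verb, _, arg = line.decode("latin-1").partition(" ")
            verb = verb.upper()    # FTP commands are case-insensitive
            if verb == "AUTH":     # session upgrades to TLS; stop parsing it
                encrypted.add(flow)
                break
            if verb == "USER":
                users[flow] = arg
            elif verb == "PASS":
                findings.append({
                    "client": client,
                    "server": server,
                    "user": users.get(flow, "?"),
                    "password_length": len(arg),  # never log the secret itself
                })
    return findings

if __name__ == "__main__":
    for finding in find_cleartext_logins(SAMPLE_SEGMENTS):
        print("cleartext FTP login:", finding)
```

Any finding means the credentials crossed the wire readable by anyone on the path; moving the transfer to SFTP or FTP over TLS (both listed among FireFTP's features above) removes them from the capture.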

By testing connectivity to a host with Ping, I was able to see the ping request and capture ARP table information.

The next portion of the lab is where I ran into problems: trying to acquire a network address with DHCP.  To do this I attempted first to unlock the user root, first by going to System Preferences, Accounts, Login Options, Network Account Server Join, Open Directory Utility, then under the Edit tab “Enable Root User.”  The next step was trying to drop my IP address and try to get a newly assigned IP address, all while capturing this via Wireshark.  To try and release my IP address using a Mac I did the following:

1. Click the Apple icon and select System Preferences….
2. Click Network.
3. Select Built-in Ethernet and click Configure.
4. Click Renew DHCP Lease.

The problem that arose is that I was receiving the exact same IP address so I wasn’t sure if this renewal was working.  While troubleshooting this and trying over and over again this is as far as I got in the lab.

Diagrams, Flowcharts, and Figures:

Here is an example of what Wireshark looks like while capturing data.

References:  Lab handout, Wireshark.org, Firefox and FireFTP, spyhill.com, helpdesk.illinoisstate.edu

Questions:

Find a frame containing a DNS query.  What protocols are encapsulated in this frame?  Which of these protocols is a transport layer protocol?  eth/ip/tcp/http,  The HTTP is a transport layer.

Find a frame containing ICMP information.  What protocols are encapsulated in this frame?  Which layer does ICMP reside in?  What do the ICMP initials mean?  eth/ip/icp/ip/udp,  Internet Control Message Protocol,  Layer 3

Find frames containing HTTP information.  Approximately how many frames did it take to download the web page?  List the different protocols that are used.  Note how many protocols are working together to find and retrieve the information.    Facebook=5753, Arp/cups/dhcp/dhcpv6/dns/http/icmp/mpns/ssdp/tcp.

Review:

What is the purpose of sequence numbers?  Is to aid TCP in reordering the packets that are sent.

What is the purpose of source & destination addresses?  So that computers that exchange data know who it came from and who it needs to go to.

What is the purpose of DNS?  to translate internet addresses into IP addresses for the computer to read.

What is DHCP?  Domain Host Configuration Protocol, a way to assign IP addresses to computers on a network.

What is the relationship between the OSI model of networking and what you saw in this lab activity?  What evidence of layered network design did you discover when examining the captured data?  Both use layers to divide up different portions of the network.  Both use Encapsulation.

What are the implications of having a tool like Wireshark freely available?  For network administration? For Security?  The implications could be that people will be able to manage their personal or other networks better, a good learning tool, negative could be hackers and people trying to steal data for identity purposes.  Network administrators can pinpoint problems within their network easier.  Of course security from hackers and such, makes it easier for someone to use at wireless hotspots, and other ways to steal data.

Conclusion:   This lab used a great tool that is freely available and allowed me to see just how the network communicates.  I can see just how useful this tool can be to the everyday person, network administrators, and even the hacker.  This lab afforded me the opportunity to see all the different protocols and the data being captured on the network.  I think it was a good lab, and I didn’t know tools like this existed especially free.

## Blog 7

This week we finished up our exercise of how network traffic works and how messages are sent over the network.  We used envelopes and assigned people different roles like:  server, printer, CPU, wireless device, router, and yea even a Wii.   In this exercise again I was a CPU using wireless.  What is interesting is how wireless devices are all on the same port of a switch, unlike Ethernet, printers, servers, and others that have a physical wire running to the switch.  From a security standpoint I realized how much more secure it is to have a physical connection to your own port instead of wireless.  I was able to see the flow of how my message to the server was sent and received.  It was a good exercise and creative in how we physically played the parts of each device instead of just drawing them on the board, although drawing on the board is very useful too.

We also this week discussed the usage of a tool called Wireshark.  Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto standard across many industries and educational institutions.  In class we used this tool to packet sniff and capture packets.  It was interesting to see how easily you can capture data on a network and analyze what has been captured from which MAC address and IP.  Also even allowing to see HTTP sites being visited.

This week I contributed two articles, one on how to secure your wireless network using Wireshark:

## Blog 6

This week we discussed TCP/IP, more on encapsulation, and ports.  Encapsulation is the process of adding headers through each layer, which are then unpackaged at the receiving end, much like in the two pictures below.

We also discussed ports.  Below is a list of the most common ports:

#### Common Ports

The most common ports include:

• 20 & 21 – FTP
• 22 – SSH
• 23 – Telnet
• 25 – SMTP
• 80 – HTTP
• 110 – POP3
• 143 – IMAP
• 443 – HTTPS
• 1701 – L2TP (UDP) – not compatible with NAT
• 1723 – PPTP (TCP)
• 3389 – MS Remote Desktop/Terminal Services
• 5631 & 5632 – pcAnywhere

To explain ports a good analogy was used.  Like that of a House with a physical mailing address, the house has multiple different utilities on different ports like water, gas, electric, cable, phone, internet, and trash.  All of these are routed to the house with an address like that of an IP address.  This can be thought of as how ports pertain to networks and switches.

Lastly I contributed this week to the Wiki:  I edited the Encapsulation and TCP ports page.  http://ksunetworking.wikispaces.com/02-27-2012+Encapsulation+TCPIP  There is a good video and list of common ports and a link to the full list of ports used.

I also contributed a link to Diigo:  http://www.networkworld.com/news/2011/122311-naval-researchers-pioneer-tcp-based-spam-254400.html

## Lab 5 Web & FTP Servers

by:  James Moore, Partner:  Matt Balderree

Questions:  According to Netcraft, what is the most popular type of web server in operation?  Apache.  Has this always been the case?  No, in the early 90s NCSA was more popular and the standard.  Since 1995 most have switched over to Apache majority and others like Microsoft and Sun.  Currently NCSA and Sun are just about dead, and Google and nginx have taken some market share as Microsoft continues to decline.  Apache still holds a steady majority.

Equipment List:  2 x Mac Laptops (USED THROUGHOUT LAB)

Notes and Observations:  We did not have to download any software as Macs have built-in web servers.  Instead we went to system preferences-sharing-enable web sharing.

Diagrams, Flowcharts, and Figures:  None (THROUGHOUT LAB)

References:  Lab handout (SAME USED THROUGHOUT LAB)

Objectives:  Testing the webserver

Notes and Observations:  We tested the TCP/IP functionality by typing http://localhost in the address bar of our browser, in my case Firefox.  Also on a Mac when web sharing is enabled it gives the personal web site address for you to click on, and in my case it was http://10.10.2.132/~jmm0592; also the loopback or computer’s address was http://10.10.2.132.

Objectives:  Create a homepage

Notes and Observations:  I first ran into the problem of where and how to locate my homepage in .txt format to edit.  I found the webpage in a folder called “Sites” which is the default folder for created web servers.  I located the file index.html and opened it in a Word document and set up my homepage.  I added an image to the homepage and then checked to see if it worked, which it did.

Notes and Observations:  For this I just went to System Preferences-Sharing-File Sharing-Enable FTP sharing.

Notes and Observations:  Went to System Preferences-Accounts-Create a user-and added the name Doe and set up a password.  After that I went into FTP sharing and added Doe to the list.

Objectives:  Use a command line FTP Client

Notes and Observations:  We opened our terminal windows and tried to access each other's FTP servers.  By following the lab instruction command line for the terminal I was able to see Matt’s complete listing of folders and was able to communicate with his computer.  However it didn’t work when Matt tried to access mine.  We found that the problem was that at first I didn’t create a user under Accounts, instead just adding a name under FTP sharing.  After twice deleting and adding the Doe account it finally worked and he was able to do the same.

Conclusion:  This lab afforded me the opportunity to create a homepage and set up a web server and FTP server.  Using our Macs made this lab pretty easy without having to download extra software, except for Matt having to download something extra due to him using a newer version of OS X.  We ran out of time troubleshooting and didn’t have a chance to do it on a PC, but did complete the lab using our Macs.  I learned how easy it could be to set up a basic homepage, and an FTP server with others.  It also gave me more experience with the Terminal, learning more commands, finding help in the terminal by pressing ?, and on a Mac displaying all possible commands by holding down the ESC key.

## Blog 5

This week was used to review for our test.  We cleared the room out and were given 4 cards with a networking subject on it.  We then went around the room and compared cards and how they relate to each other like, “physical layer – crossover cable.”  This was a helpful exercise to review, but also to bring up questions.

We also discussed encapsulation this week.  Put simply, encapsulation means that each lower layer of the TCP/IP protocol suite wraps (encapsulates) the upper layer’s data and header and adds its own header/footer with protocol information, then passes the result to the next lower layer until the encapsulated data is sent out to the other networking device.  Finally, the unwrapping (decapsulation) process is performed on the received data at the destination.
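To see the wrapping and unwrapping at the byte level, the following added example (not part of the original post) builds one Ethernet frame around an HTTP request and then peels the headers off in the order a receiver would. The MAC addresses, IP addresses, ports and sequence number are constructed, and the checksums are left at zero because nothing here validates them.

```python
import socket
import struct

def build_frame(payload):
    """Constructed sample: wrap payload in TCP, then IPv4, then Ethernet."""
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 0,
                      5 << 4, 0x18, 65535, 0, 0)        # 20-byte TCP header
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0,
                     20 + len(tcp) + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.20"))  # 20-byte IPv4 header
    eth = struct.pack("!6s6sH", bytes.fromhex("020000000002"),
                      bytes.fromhex("020000000001"), 0x0800)
    return eth + ip + tcp + payload

def decapsulate(frame):
    """Strip Ethernet, IPv4 and TCP headers and return what each one said."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                  # IPv4 header length in bytes
    (total_len,) = struct.unpack("!H", ip[2:4])
    if ip[9] != 6:
        raise ValueError("not a TCP segment")
    tcp = ip[ihl:total_len]                   # total_len drops Ethernet padding
    sport, dport, seq = struct.unpack("!HHI", tcp[:8])
    data_offset = (tcp[12] >> 4) * 4          # TCP header length in bytes
    return {
        "eth": {"src": src_mac.hex(":"), "dst": dst_mac.hex(":")},
        "ip": {"src": socket.inet_ntoa(ip[12:16]),
               "dst": socket.inet_ntoa(ip[16:20])},
        "tcp": {"sport": sport, "dport": dport, "seq": seq},
        "payload": tcp[data_offset:],
    }

if __name__ == "__main__":
    request = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    layers = decapsulate(build_frame(request))
    for name in ("eth", "ip", "tcp"):
        print(name, layers[name])
    print("payload", layers["payload"])
```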

What I contributed this week:  I updated the wiki for the Data Link Layer.  I also contributed a link on Diigo to a YouTube video on Ports vs Sockets.

## Lab 4: Exploring TCP/IP Networks (Part 1)

by:  James Moore

Objectives:  Configure a simple class “B” network

Equipment List:  2 x Mac Laptops, 1x PC, 1 Switch, 1 router.

Notes and Observations:  Setup a stand-alone class “B” network with the first 16 bits the same and the last 16 bits unique.  We set up our 3 computers and decided on our three unique IP addresses.  We then plugged up to the same switch and decided on the subnet mask to be used for this network.  We pinged each other on the network to ensure that each of our computers could communicate with each other.

Diagrams, Flowcharts, and Figures:  None (THROUGHOUT LAB)

References:  Lab handout (SAME USED THROUGHOUT LAB)

Questions:  What is the highest OSI layer the computers are currently communicating with?  Layer 2.  What protocol is used to automatically (dynamically) assign IP addresses to machines?  DHCP.  How did we check connectivity?  by pinging each other.  Other ways to confirm that the network works between the computers? run a traceroute.

Objectives:  Configure a router.  Connect networks “B” and “C” to the router and communicate.  Create two appropriate addresses for the router.

Notes and Observations:  We were to use patch cords and plug up the switches to the router, which we did, but later ran into a problem.  We came up with two gateway addresses that were similar to each of our network IP addresses.  We then used a terminal cable and plugged up to a computer and opened HyperTerminal to configure the router.  We were manually configuring by adding the IP addresses and subnet and then enabling the routing protocol.  After configuring we still were not able to communicate with the other network.  Our problem ended up being a Layer 1 problem with a bad wire.  We didn’t ensure the light was green on the switch for the port the router was plugged up to.  After fixing the problem we were able to ping other computers on the other network.

Conclusion:  This lab provided a great opportunity to set up a network as teams and configure a router, and I enjoyed the accomplishment of all our computers communicating with each other.  A big lesson learned is to start with the basics first when things go wrong.  With all my years of signal experience I should have known to start with the wire or at least check the light to ensure it was on, but it still was a good reminder and learning experience to deal with that frustrating situation.  I also learned a great bit about using HyperTerminal to configure a router and what it takes to add networks to it.