CS615A -- Aspects of System Administration - HW#2

HW2: packet captures

Objective

The objective of this assignment is for you to learn how to capture and read packets to observe and analyze network traffic as well as to research and explain some parts of the physical aspects of the internet. This reinforces lessons from our networking videos.

Note: this assignment requires you to use multiple tools. Please pay close attention to which tools to use for which parts of the assignment.

Summary

Please carefully read the assignment in full before you begin.

This assignment is worth 30 points.

Details

Create a Fedora instance (ami-08b4ee602f76bff79) and run the command traceroute www.stevens.edu on it. Using the tcpdump(8) utility, capture only the relevant packets.

Next, issue an HTTP request to 6.ifconfig.pro using the telnet(1) or nc(1) command and capture only the TCP packets. Use the -w flag of tcpdump(8) to write the data into a pcap file, then load that file into Wireshark and observe the TCP packet details. Return to the command line and identify the same information marked by Wireshark using the tcpdump -r command.
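As an added illustration (not part of the assignment, and not a real capture), the script below reads tcpdump -r style output and tags each TCP segment with the phase it belongs to: the three-way handshake, the HTTP request, the HTTP reply, and the connection teardown. It assumes tcpdump's default one-line text format with "Flags [...]" and "length N" fields; the SAMPLE lines are constructed, and the addresses, sequence numbers and window sizes in them are invented.

```python
import re

# Constructed sample of `tcpdump -r` output for a plain-text HTTP/1.0 request (not a real capture).
SAMPLE = """\
12:00:00.000100 IP 10.0.0.5.40000 > 203.0.113.10.80: Flags [S], seq 100, win 64240, length 0
12:00:00.020200 IP 203.0.113.10.80 > 10.0.0.5.40000: Flags [S.], seq 500, ack 101, win 65160, length 0
12:00:00.020300 IP 10.0.0.5.40000 > 203.0.113.10.80: Flags [.], ack 1, win 502, length 0
12:00:01.000400 IP 10.0.0.5.40000 > 203.0.113.10.80: Flags [P.], seq 1:40, ack 1, win 502, length 39: HTTP: GET / HTTP/1.0
12:00:01.020500 IP 203.0.113.10.80 > 10.0.0.5.40000: Flags [.], ack 40, win 509, length 0
12:00:01.040600 IP 203.0.113.10.80 > 10.0.0.5.40000: Flags [P.], seq 1:230, ack 40, win 509, length 229: HTTP: HTTP/1.1 200 OK
12:00:01.040700 IP 10.0.0.5.40000 > 203.0.113.10.80: Flags [.], ack 230, win 501, length 0
12:00:01.041000 IP 203.0.113.10.80 > 10.0.0.5.40000: Flags [F.], seq 230, ack 40, win 509, length 0
12:00:01.041100 IP 10.0.0.5.40000 > 203.0.113.10.80: Flags [F.], seq 40, ack 231, win 501, length 0
12:00:01.061200 IP 203.0.113.10.80 > 10.0.0.5.40000: Flags [.], ack 41, win 509, length 0
"""

# Matches IPv4 ("IP") and IPv6 ("IP6") TCP lines; non-TCP lines (ARP, DNS, ...) have no Flags field.
LINE_RE = re.compile(r"^\S+ IP6? (?P<src>\S+) > \S+: Flags \[(?P<flags>[^\]]*)\], .*?length (?P<len>\d+)")

def annotate(text):
    """Return [(phase, line)] tagging each TCP line as handshake, request, reply or termination."""
    client = None           # endpoint that sent the initial SYN (the nc/telnet side)
    handshake_done = False
    closing = False         # a FIN or RST has been seen
    last_data_from = None   # sender of the most recent payload-bearing segment
    tagged = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue        # not a TCP segment: skip it
        src, flags, length = m["src"], m["flags"], int(m["len"])
        if "S" in flags:                        # [S] opens, [S.] answers
            if "." not in flags:
                client = src
            phase = "handshake"
        elif "F" in flags or "R" in flags:      # FIN or RST starts the teardown
            closing, phase = True, "termination"
        elif closing:                           # ACKs of the FINs
            phase = "termination"
        elif not handshake_done and length == 0:
            handshake_done, phase = True, "handshake"   # third packet of the handshake
        elif length > 0:
            handshake_done, last_data_from = True, src
            phase = "request" if src == client else "reply"
        else:                                   # bare ACK: file it with the data it acknowledges
            phase = "request" if last_data_from == client else "reply"
        tagged.append((phase, line))
    return tagged

if __name__ == "__main__":
    for phase, line in annotate(SAMPLE):
        print(f"[{phase:11}] {line}")
```

Feed it real output with `tcpdump -nr http.pcap | python3 annotate.py` (reading sys.stdin instead of SAMPLE) and check that the tags agree with what Wireshark's flow view shows before writing up http.txt.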

Finally, run traceroutes to the following hosts to observe the different routes taken across the globe:

155.246.56.11
128.171.235.62
190.64.134.53
2001:608:0:dff::2
196.10.52.57
2606:4700:f1::123
144.76.76.107
211.233.84.186

Identify some other service endpoints in distant geographic locations, if you like.

Use Visual Traceroute, IP2Location Traceroute, traceroute on a map, traceroute mapper or perhaps Open Visual Traceroute to map the hops from different starting locations to these addresses. Take note of the different networks the packets traverse and the paths they take.

Deliverables

You will submit a single tar(1) archive. The file to submit will be called "$USER-hw2.tar" (where "$USER" is your username). The archive will extract all files and subdirectories into a directory named $USER. Your archive will contain the following files:

  • traceroute.txt - a text file containing the annotated output of tcpdump(8), showing clearly and only the relevant ICMP and UDP packets for the traceroute to www.stevens.edu
  • http.txt - a text file containing the annotated output of tcpdump -r of your HTTP request, explaining and identifying separately the TCP handshake, the HTTP request, the HTTP reply, and the termination of the connection
  • visual-traceroute.txt - a plain text file noting your findings from the visual traceroute and answering the following questions:
    • Can you identify major peering points and tier-1 operators?
    • How many ASes do the traces pass through?
    • Report anything noteworthy or interesting. If anything appears surprising or non-obvious, research and present an explanation.
  • README - commentary on what you learned, what you found difficult, what you found surprising

Creating a valid submission might look as follows:

$ mkdir $USER
$ cd $USER
$ vi traceroute.txt http.txt visual-traceroute.txt README
$ cd ..
$ tar cf ${USER}-hw2.tar ${USER}

Please attach the file to an email sent from your @stevens.edu email address to jschauma@stevens.edu with a subject of "[CS615] HW2".

Due Date

The due date for this assignment is 2023-02-27 16:00 EDT.
