Prelab 1 Introduction to Linux and Equipment

1. Review the Linux man pages for chmod, cp, hosts, kill, ls, man, more, mkdir, mv, ping, pwd, rm,
rmdir, and tcpdump at www.linuxmanpages.com.

2. Read about the /etc/sysconfig/network file and /etc/sysconfig/network-scripts/ifcfg-<interface-
name> scripts at the Linux Network Config Files link on the class we page.

3. Read Introduction to Mastering Networks.

Question Sheet for Prelab 1
1. What will happen if you type man man in Linux?

2. How can you use the command ls to find out about the size of the file /etc/lilo.con?

3. What happens to the files in the command mv file1 file2? Which option of mv issues a warning?

4. What is the command that you issue if you are in directory / and want to copy the file /mydata to directory
/labdata?

5. What is the command that you issue if you are in directory / and want to copy all files and directories under
/mydirectory to directory /newdirectory?

6. What happens when you type rm * in a directory?

7. What is the command used to delete all files and directories under the directory /mydirectory?



LAB 0NE: Introduction to Linux and Equipment 2
- 2 -

LAB 1

In this lab you will familiarize yourself with the Linux boxes, the Cisco equipment, and some of the networking
tools.

NOTE: Remember to reboot the machines before using them by either using the GNOME reboot option or typing
reboot in the terminal as root.

SAVE ALL FILES IN /root/labdata/<user> (where your <user> is your cats/email ID). All files you create should
be saved to the storage you choose in Part C.

SUGGESTION - unless a specific name is requested, use the following name format for the files you save:
[Exercise]-[Part]-[Question]-PC-<command>. For example 5-A-4-PC1-tcpdump. This will help ensure you can find
the data needed for the lab report.
Netwoik Setup F0R LAB 1
Connect the PCs according to the diagram below to a single switch. Note: do not use port 24 on the switches as it
has been configured to behave differently from the other ports you will find out about this in later labs.

1.1 Topology for Lab 1

The table below contains the IP address for each of the Linux PCs; these should be preconfigured:

PC IP address of eth0
PC1 10.0.1.11/24
PC2 10.0.1.12/24
PC3 10.0.1.13/24
PC4 10.0.1.14/24

LAB 0NE: Introduction to Linux and Equipment 3
- 3 -

Exeicise 1

PART A: Setting up The Netwoik
Refer to the diagram above to see what the network looks like:
A.1: Connect each PCs eth0 port to an associated port on the switch (any port will do for this exercise).

A.2: Make sure eth0 is up on each PC by typing in the terminal: ifconfig eth0
This will bring up configuration information about eth0 only.


PART B: Testing Connectivity
After being connected, all four hosts (Linux PCs) should be able to communicate with each other:

B.1: We will use ping to test connectivity between the PCs.

B.2. Switch to PC1 and issue a ping to PC2, PC3, and PC4 by typing:
PC1% ping c 5 10.0.1.12 (Ping to PC2)
PC1% ping c 5 10.0.1.13 (Ping to PC3)
PC1% ping c 5 10.0.1.14 (Ping to PC4)

B.3: Use the KVM switch to work on PC3 and in a terminal window ping PC1, PC2, and PC4 using their respective
IP addresses.

Exeicise 2: Leaining Linux

Before starting this lab keep these commands in mind:
man
pwd
ls
more
tcpdump
mv
cp
rm
mkdir
rmdir
chmod
(p)kill
ping
cd

PART A: Familiaiizing with Commanus
The goal of this section is to acquaint yourself with the Linux command line by executing everyday tasks. Some of
the tasks may require multiple commands to complete:

A.1: Change to the home directory of root.
A.2: Make a directory called test in the directory you just entered.
A.3: Copy the file /etc/hosts to the test directory just created.
A.4: Change the current directory to test.
A.5: Change the name of the file hosts to oldhosts.
A.6: List the content of the directory test.
A.7: List the content of oldhosts.
A.8: Remove all files in directory test.
A.9: Remove the directory test.
LAB 0NE: Introduction to Linux and Equipment 4
- 4 -

PART B: Saving Bata In the Teiminal
This section will show you how to save output into a text file for review at a later date:

B.1: There are several operators that help save files. The most common are >>, >, and | (pipe). We will be using the
pipe since it is the most convenient way to view and save output at the same time.

You can use the pipe to send data to another program on the command line, for example to save a text file from a list
command:

PC% ls | tee filename

This lists a directory and uses the tee program that opens a file writing operator taking input from the standard
out of ls and outputting it to the filename from the standard out of each program. Use this to save any data from
commands on the command line that you need.

B.2: Data can also be saved from the terminal through Cut and Paste. Highlight information and hit Shift-Ctrl-C,
then paste into a text editor with Ctrl-V. Gedit is the GNOME Text Editor and can be run from the GUI main menu
or by typing gedit in a terminal window.

SAvE BATA:
B.3: Save the output of the command ls l /usr to a file named usrfile_x where x is the method for saving: 1
for piping and tee, 2 for cut and paste into a text editor. (Remember, save in the /root/labdata/<user> directory)

PART C: SavingCopying Files to Floppy0SB Biive
This section will show you how to mount a floppy in Linux and how to save your files to it.
NOTE: Only read the section for the storage method you choose.

Floppy:
C.1: Mounting: Check to see if the floppy drive is empty, if not go down to step C.4 to unmount it. To mount the
floppy:
First check to see if you have a folder to link the media to:
PC1% ls /media/disk
If there is no folder or directory,
ls: /media/disk: No such file or directory
Then you must create one in the root directory,
PC1% mkdir -p /media/disk
Then you must mount the disk to the created folder/directory
PC1% mount /dev/fd0 /media/disk

You should see a picture of a disk on the desktop and can access the floppy in a GUI fashion from there if you wish.
C.2: Copy Files: To copy files from the command line to a floppy all that needs to be done is:

PC1% cp filename [more files and be places after this] /media/disk/

C.3: Formatting: The floppy may not be formatted so you may received an unable to read error. If this occurs you
can format the floppy like so BEFORE mounting it:

PC1% mkfs t msdos /dev/fd0

C.4: Unmounting: Before the floppy can be removed safely it needs to be unmounted in Linux. This is done by
using the command:

PC1% umount /media/disk

LAB 0NE: Introduction to Linux and Equipment 5
- 5 -
Once the floppy is unmounted you can ejected it from the bay using the button.

NOTE: The command is umount not unmount.

Sometimes, the floppy will not eject. If this event occurs try using these commands:

PC1% umount f /media/disk OR
PC1% umount l /media/disk

These will force the floppy to unmount.

USB Drive:
The process to mount a USB drive is similar to a floppy but requires a little more work at the beginning. After setup
it is just a matter of mounting the drive.

C.5: First you need to make a directory to mount the USB drive to (assuming it doesnt already exist):

PC1% mkdir /media/usbdrive
PC1% chmod 700 /media/usbdrive

C.6: Mounting: Now we can mount the drive:

PC1% mount /dev/sda1 /media/usbdrive

Thats it! The USB drive should be accessible with all file manipulation commands.

NOTE: With most USB drives, Linux will auto-mount, and an icon will appear on the desktop allowing for file
manipulation.

Exeicise S: Locating configuiation files in Linux
In this section a few configuration files will be used to explore the ability to change environment variables in Linux.

PART A: 0sing the moie Commanu

SAvE BATA:
A.1: On PC1 use the more command to look at the following files (DO NOT change these files). Save these files
for your lab report.

/etc/hosts
/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-lo
/etc/sysconfig/network-scripts/ifcfg-eth0
/etc/sysconfig/network-scripts/ifcfg-eth1

Exeicise 4: The Ping commanu
The ping command lets you debug IP networks by sending an ICMP echo request datagram to a remote interface
and waiting for an ICMP echo Reply in return. In this way the ping command will discover the distance to the host
(measured in time) and other essential information (for example, whether or not the host can be reached).

PART A: Issuing a Ping commanu
Save the output of the commands used for your lab report.

SAvE BATA:
A.1: On PC1 send five ping messages to PC2 using:

LAB 0NE: Introduction to Linux and Equipment 6
- 6 -
PC1% ping c 5 10.0.1.12

SAvE BATA:
A.2: On PC2, issue a ping of five ping messages to PC1

SAvE BATA:
A.3: On PC2 issue a ping to the loopback interface, 127.0.0.1.

Exeicise S: 0sing !"#$%&#
Tcpdump allows you to capture traffic on a network and display the packet headers of the captured traffic. It can be
used to identify network problems or to monitor network activities. See Section 3 of the Introduction in the Internet
Lab Manual for more details on the tcpdump command and its uses in network traffic analysis.

PART A: Simple !"#$%&# exeicise
Use tcpdump to observe the network traffic that is generated by issuing ping commands.

SAvE BATA:
A.1: On PC1 start tcpdump (saving the output for your lab report) so that it monitors all packets that contain the IP
address of PC2 by typing
PC1% tcpdump n host 10.0.1.12

A.2: Open a new terminal window and execute a ping command to PC2
PC1% ping c 1 10.0.1.12

NOTE: If you use the tee or tail commands to simultaneously view and save the output from tcpdump, you need to
use the l option of tcpdump. For example,
tcpdump n l > filename & tail f filename
tcpdump n l | tee filename
It may be necessary to press Ctrl-C to terminate the tcpdump session. It may sometimes be best to simply redirect
the output of tcpdump straight to a file (e.g. tcpdump > filename) and view it afterward with the more command or a
text editor.


PART B: Anothei !"#$%&# tiaffic captuie
SAvE BATA:
B.1: On PC1, start capturing packets using the tcpdump n command. Save the output for your lab report.

SAvE BATA:
B.2: In another window, issue a ping to the nonexistent IP address 111.111.111.111. Save the output for your lab
report (you will need to capture stderr).
PC1% ping c 1 111.111.111.111

SAvE BATA:
B.3: Issue a ping (saving the output for your lab report) to the broadcast address 10.0.1.255 using the command:
PC1% ping c 1 b 10.0.1.255
LAB 0NE: Introduction to Linux and Equipment 7
- 7 -

Exeicise 6: 0sing Wiieshaik
Wireshark is a program that allows you to examine captured packets across a network and analyze them
interactively.

Wireshark is available for free download at http://www.wireshark.org/. There is documentation available on that
site, and a tutorial and tips for how to effectively use Wireshark (formerly Ethereal) can also be found at
http://www.onlamp.com/pub/a/security/2004/05/13/etherealtips.html.

PART A: Running Wiieshaik

A.1: Opening Wireshark: In a terminal window type wireshark &. This will open the wireshark GUI window
and allow you to use the terminal window for other purposes.


Figure 2: Wireshark main GUI window

A.2: Selecting Capture Options: In Wireshark:
Step 1: Go to Capture: Options
Step 2: A display will pop up with Wireshark Capture Options
as the title
Step 3: Select eth0 in Interface
Step 4: Select Capture packets in promiscuous mode
Step 5: Select Update list of packets in real time
Step 6: Select Automatic scrolling in live capture
Step 7: Select Hide Capture info dialog
Step 8: Unselect Enable MAC name resolution
Step 9: Unselect Enable network name resolution
Step 10: Unselect Enable transport name resolution
Step 11: Click OK (wireshark is now running and capturing
packets)
NOTE: Use these settings for every lab and every time you
use Wireshark aside from the interface and filter.

KEEP WIRESHARK OPEN, DO NOT CLOSE.


LAB 0NE: Introduction to Linux and Equipment 8
- 8 -

PART B: Captuie Packets with Wiieshaik
B.1: Wireshark is now running and data needs to be collected (You may have seen some packets from the loopback
interface and Cisco protocols being sent across the network). On PC1:

PC1% ping c 2 10.0.1.13

B.2: We can view detailed information about a packet, so choose one that is of type ICMP and click it. You will see
all of the packet information (expandable) in the bottom two frames.

B.3: Stop the traffic capture by hitting the stop button in the Wireshark Capture window.


SAvE BATA:
B.4: Save the data in Wireshark as a text file by: 1-
going to File menu, and selecting the Print option
2- Print selecting the following Format:
A)Plain Text option,
B)Select Output to
File: and input a file
name with the FULL path
(i.e.-/root/labdata/<user>/filename.txt)
C)Select Packet Details:
with All expanded marked.
D)Then hit the OK button. The
file should now be saved in
/root/labdata/<user>.

SAvE BATA:
B.5 Go back through same process and save the file
with the Print Summary line option this time.


NOTE: When saving wireshark data in future labs save
using both the Print Summary and Print Detail options,
unless asked otherwise.




















LAB 0NE: Introduction to Linux and Equipment 9
- 9 -
RENENBER T0 C0PY SAvEB FILES T0 Y00R 0SB BRIvE 0R FL0PPY!
LAB REP0RT
Exercise 1 Questions:
None.

Exercise 2 Questions:
2.1 Include each saved usrfile_x in your lab report.

Exercise 3 Questions:
Using the files from the exercise explain and answer the following questions:

3.1 Which file is used to set the hostname for the Linux PC? What variable is used to set the hostname?
3.2 What is the purpose of the /etc/hosts file?
3.3 Which file is used to configure the IP address of interface eth0? What variable is used to set the IP address?

Exercise 4 Questions:
4.1 Include the output of the ping commands
4.2 Explain the difference between the Ethernet interfaces and the loopback interface. I.e. what is the difference
between pinging 10.0.1.12 and 127.0.0.1. What are possible uses of the loopback interface?

Exercise 5 Questions:
5.1 Include the saved files from Part A and B of Exercise 5.
5.2 Interpret the results captured in the saved files.
5.3 How many of the Linux PCs responded to the broadcast ping?

Exercise 6 Questions:
6.1 Include the captured data from the wireshark experiment in the lab report.
6.2 Explain the difference between the detailed output and the summary output. How can both be used effectively to
gain knowledge? Which one is more advantageous to use?