ECEN4533 Homework Problem (20 points extra credit, due by midnight 6 May 2011)

Purpose: To (slightly) familiarize the student with some of the tools used in network troubleshooting.

Procedure: On your home PC...

*Find Dr. Scheets' personal home page & scroll down to "THE SCIENCE AND ENGINEERING EXPERIENCE" & click on one of the following links:
  Bridge Building 101
  Museum of Unworkable Devices
  Welcome Mat
  Annals of Improbable Research
  Ig Nobel Prizes
  Museum of Retro Technology (then click on an article)
  My Hero, 'Hanging Judge' Parker
*Or click on one of the following

NOTE: Today, much web traffic is encrypted and/or compressed. Wireshark will not properly display text in either case. The above sites have been around for a while, and as of this time last year, were not using compression.

*Claim this link by emailing Dr. Scheets, who will turn around and notify the class as each site is claimed. Each student must use a different link. If they're all claimed you'll have to find another link with uncompressed text.
*From the command line of your home PC, execute a trace route (tracert xxx) to the claimed web site. If you get three "request timed out" notifications in a row, you've probably hit a destination firewall which will block further progress. Hit the "control" and "c" buttons simultaneously to terminate the trace route. Save this file to a text document such as Microsoft Word. To load this into the copy buffer, right click on some text, click "mark", highlight the entire file, then hit your keyboard's carriage return. You should then be able to paste the file.
*Identify the listed owners of all unnamed routers traversed. Sites such as can provide such info.
*As best you can, from the trace route, identify the cities traversed. Some geo-location services include... Note though, that they aren't always 100% accurate.
*Using Wireshark, capture the downloading of a web page from this site.
-Fire up Wireshark, click on "Capture", "Interfaces", then click the "Start" button on the interface with an Ethernet NIC. You need to have administrator privileges to see these.
-Hit the reload button on your web browser. When the reload is completed, shut down the Wireshark capture process by clicking on "Capture", "Stop".
-Save your capture file.
-Execute a screen capture (simultaneously press "alt" and "print screen") of the web page in question. Paste it into Microsoft Paint, Word, or Power Point, or some other program and save the file.
-Depending on your firewall settings, you may or may not capture traffic that is not addressed to your computer. Verify the packets shown have either the source or destination IP addresses for your computer. If other addresses are on the line, in the "filter" box on Wireshark (3rd row from the top) type "ip.addr eq x.x.x.x" without the quotes. The x.x.x.x should be your PC's IP address in dotted decimal format. The box will turn green when everything is correct. Click "apply". This will hide the other packets and allow you to focus on the web page down load. Your IP address can be found by typing "ipconfig/all" or just "ipconfig" on the command line or poking around Wireshark.
-Identify and record the numbers of the captured packets containing TCP's three way handshake that opened the initial logical link from your PC to the server. Identify and record the advertised Maximum Segment Sizes. Record the server & PC advertised window sizes. You can find these by digging into the TCP header.
-Within a packet, identify a portion of text that is printed on the web page. This is easiest to do if you click on the magnifying glass on the 2nd row of Wireshark, click on "string", type in 1-2 words in the filter line, then click "Find". Dig down into the packet highlighted and verify you've got the text that matches your web page screen. Record the packet number. Identify the ACK of this particular packet, and the round trip time.
-Using Wireshark and tools such as "Analyze: Follow TCP Stream, Expert Info" or "Statistics: Summary, Conversations, Destinations" or others, answer the following questions.
(1) Were there any packets lost or received out of order in your web page down load?
(2) Was Fast Retransmission used? If so, how many times?
(3) How many servers provided data for this web page display?

Feel free to contact Dr. Scheets or a class mate if you're having trouble.

<<<<<>>>>>

Turn in:
(1) Trace route listing
(2) List of owners for each router traversed, and your best guess of the cities traveled by packets moving between your PC and the server.
(3) Wireshark capture file.
(4) Packet numbers where the initial TCP 3-way handshake occurred, and where your selected portion of the web page text is located. Somewhere you need to note your selected text.
(5) Screen capture of the web page in (4) above.
Answers to the three questions above, whether or not you're using a home router, and the type of protocol you're attached to the Internet with.
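
The handshake step above asks for the packet numbers of the SYN, SYN-ACK and ACK plus the advertised MSS and window sizes, all of which live in the TCP header. The following is an added example, not part of the original handout: it decodes those fields from raw TCP segments. The packet list, ports and sequence numbers are constructed sample values, and `parse_tcp`, `find_handshake` and `build` are names made up for this illustration.

```python
import struct

SYN, ACK = 0x02, 0x10

def parse_tcp(seg: bytes) -> dict:
    """Decode the fixed 20-byte TCP header and the MSS option (kind 2) if present."""
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", seg[:16])
    opts = seg[20:(off_flags >> 12) * 4]      # data offset counts 32-bit words
    mss, i = None, 0
    while i < len(opts) and opts[i] != 0:     # kind 0 = end of option list
        if opts[i] == 1:                      # kind 1 = NOP, a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                             # malformed length: stop instead of looping
        if opts[i] == 2 and opts[i + 1] == 4 and i + 4 <= len(opts):
            mss = struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += opts[i + 1]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x3F, "window": window, "mss": mss}

def find_handshake(packets):
    """Return packet numbers, MSS and window of the first SYN, SYN-ACK, ACK exchange."""
    syn = synack = None
    for number, seg in packets:
        t = parse_tcp(seg)
        t["number"], bits = number, t["flags"] & (SYN | ACK)
        if syn is None and bits == SYN:
            syn = t
        elif syn and not synack and bits == (SYN | ACK) and t["sport"] == syn["dport"] \
                and t["ack"] == (syn["seq"] + 1) & 0xFFFFFFFF:
            synack = t
        elif synack and bits == ACK and t["sport"] == syn["sport"] \
                and t["ack"] == (synack["seq"] + 1) & 0xFFFFFFFF:
            return {"packets": (syn["number"], synack["number"], number),
                    "pc": (syn["mss"], syn["window"]), "server": (synack["mss"], synack["window"])}
    return None

def build(sport, dport, seq, ack, flags, window, options=b""):
    # Constructed TCP header for the sample (checksum and urgent pointer left at zero)
    off = (20 + len(options)) // 4
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (off << 12) | flags, window, 0, 0) + options

# Constructed sample capture: (Wireshark-style packet number, TCP segment bytes)
SAMPLE = [
    (1, build(50000, 443, 10, 20, ACK, 1024)),                       # unrelated flow
    (2, build(51000, 80, 1000, 0, SYN, 64240, bytes([2, 4, 5, 180, 1, 1, 4, 2]))),
    (3, build(80, 51000, 5000, 1001, SYN | ACK, 65535, bytes([1, 1, 4, 2, 2, 4, 5, 100]))),
    (4, build(51000, 80, 1001, 5001, ACK, 64240)),
]
print(find_handshake(SAMPLE))
```

The window values returned are the raw 16-bit header field; a negotiated window-scale option is not applied here.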
