Lab tcpdump and traceroute PART A Linux virtual machine The first step is to create a Linux virtual machine so that software can be installed on it and command can be run on it with root access Download a Linux distribution iso file such as mx linux (x64 iso file from https mxlinux org wiki system iso download mirrors ) Run VMware Workstation Pro and create a new virtual machine Press create a new virtual machine Select Installer disc image file (iso) Click Browse and select your iso file Select the correct operating system (Linux Debian 9 x 64bit) Follow the prompt to create the virtual machine Under Devices, change the number of processors to 2 and the memory to 4GB By clicking on processor, you can change the number of processors, and by clicking on memory, you can change the available memory Power on your virtual machine and install Linux Select your virtual machine from left pane and press the green run button Wait for the machine to boot from the iso file It may take several minutes Wait for the welcome message to appear and close it Single click on Installer icon and follow the prompt to install it by clicking next Select yes to format the partition Now you can choose user name and password Remember the user name, user password, and root password that you select Once completed, click on finish and press enter to restart the machine Log into the machine, press the lower left icon, and enter terminal to run the Xfce terminal PART B tcpdump If tcpdump is not installed, use the following command to install it sudo apt get install tcpdump Use tcpdump help to learn about this command and how to use it Use sudo tcpdump e x n to capture the packets You must let tcpdump capture at least for a minute or so From the output you should be able to find the IP address of all the networking devices that are communicating Press Ctrl c to abort it Note e and x switches show link level header and data of each packet n shows IP addresses instead of the computer names You can use w switch to save the captured information in a file In a word document Put screenshots of your results Tabulate MAC address, IP address, and port of the sender receiver Summarize functionality of tcpdump, and describe your tcpdump output and the list of nodes that you discovered PART C traceroute Try to map the network from the IP address you found in Part B Use traceroute help to learn about this command and how to use it Use this command to trace the route of the first three hosts found in Part A If the host is in the same segment you will get the reply from the host directly, in which case you will have only one entry If the host is another segment, then you will more than one reply indicating routers along the way your host In your word document, put a screenshot of your results

The Answer is in the image, click to view ...

Answered step by step

Verified Expert Solution

Link Copied!

Question

1 Approved Answer

Posted on Sep 24, 2024

Lab: tcpdump and traceroute PART A: Linux virtual machine The first step is to create a Linux virtual machine so that software can be installed

Lab: tcpdump and traceroute

PART A: Linux virtual machine

The first step is to create a Linux virtual machine so that software can be installed on it and command can be run on it with root access.

Download a Linux distribution iso file such as mx linux.

(x64 iso file from https://mxlinux.org/wiki/system/iso-download-mirrors/)

Run VMware Workstation Pro and create a new virtual machine:
1. Press create a new virtual machine.
2. Select Installer disc image file (iso)
3. Click Browse and select your iso file.
4. Select the correct operating system (Linux Debian 9.x 64bit).
5. Follow the prompt to create the virtual machine.
6. Under Devices, change the number of processors to 2 and the memory to 4GB. By clicking on processor, you can change the number of processors, and by clicking on memory, you can change the available memory.
Power on your virtual machine and install Linux.
1. Select your virtual machine from left pane and press the green run button.
2. Wait for the machine to boot from the iso file. It may take several minutes.
3. Wait for the welcome message to appear and close it.
4. Single click on Installer icon and follow the prompt to install it by clicking next. Select yes to format the partition.
5. Now you can choose user name and password. Remember the user name, user password, and root password that you select.
6. Once completed, click on finish and press enter to restart the machine.
Log into the machine, press the lower left icon, and enter terminal to run the Xfce terminal.

PART B: tcpdump

If tcpdump is not installed, use the following command to install it:

sudo apt-get install tcpdump

Use tcpdump --help to learn about this command and how to use it.
Use sudo tcpdump -e -x -n to capture the packets. You must let tcpdump capture at least for a minute or so. From the output you should be able to find the IP address of all the networking devices that are communicating. Press Ctrl+c to abort it.

Note: "-e" and "-x" switches show link-level header and data of each packet."-n" shows IP addresses instead of the computer names. You can use "-w" switch to save the captured information in a file.

In a word document:
1. Put screenshots of your results.
2. Tabulate MAC address, IP address, and port of the sender receiver.
3. Summarize functionality of tcpdump, and describe your tcpdump output and the list of nodes that you discovered.

PART C: traceroute

Try to map the network from the IP address you found in Part B:

Use traceroute --help to learn about this command and how to use it.
Use this command to trace the route of the first three hosts found in Part A. If the host is in the same segment you will get the reply from the host directly, in which case you will have only one entry. If the host is another segment, then you will more than one reply indicating routers along the way your host.
In your word document, put a screenshot of your results.