This shows you the differences between two versions of the page.
ep:labs:04:contents:tasks:ex2 [2021/10/05 12:57] radu.mantu [02. [??p] Network Exploration] |
ep:labs:04:contents:tasks:ex2 [2023/10/29 20:47] (current) radu.mantu |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ==== 02. [??p] Network Exploration ==== | + | ==== 02. [30p] Network Exploration ==== |
- | === [??p] Task A - ARP vs ICMP === | + | === [10p] Task A - ARP vs ICMP === |
The [[https://datatracker.ietf.org/doc/html/rfc826|Address Resolution Protocol (ARP)]] resolves layer 2 addresses (MAC) from layer 3 addresses (e.g.: IP). Normally, all hosts are compelled to reply to ARP requests, but this can be fiddled with using tools such as **arptables**. You can show the currently known neighbors using **iproute2**. | The [[https://datatracker.ietf.org/doc/html/rfc826|Address Resolution Protocol (ARP)]] resolves layer 2 addresses (MAC) from layer 3 addresses (e.g.: IP). Normally, all hosts are compelled to reply to ARP requests, but this can be fiddled with using tools such as **arptables**. You can show the currently known neighbors using **iproute2**. | ||
Line 10: | Line 10: | ||
<note tip> | <note tip> | ||
- | //Pro tip #2:// Yes, **ip** can also generate color output. Most people don't know this and still use **ifconfig**, even though it's already deprecated at this point. Add this as an alias to your //.bashrc// or //.zshrc// and source it. | + | //Pro tip #2//: yes, **ip** can also generate color output. Most people don't know this and still use **ifconfig**, even though it's already deprecated at this point. Add this as an alias to your //.bashrc// or //.zshrc// and source it. |
<code bash> | <code bash> | ||
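Review bot: The lowercase "yes" on the changed Pro tip line leaves the tip's first sentence starting in lowercase while the two sentences after it ("Most people ...", "Add this ...") are capitalized. If the intent is only to move the colon outside the italic span, keep "Yes" capitalized, and apply the same label style to the other pro tips on the page, which are not visible in this diff.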
Line 79: | Line 79: | ||
</solution> | </solution> | ||
- | === [??p] Task B - nmap vs traceroute === | + | === [20p] Task B - nmap vs traceroute === |
**nmap** is a network exploration tool and a port scanner. Today, we will look only at a specific functionality that it shares with the **traceroute** utility. | **nmap** is a network exploration tool and a port scanner. Today, we will look only at a specific functionality that it shares with the **traceroute** utility. | ||
Line 106: | Line 106: | ||
* uses ICMP because we didn't perform a port scan first | * uses ICMP because we didn't perform a port scan first | ||
</solution> | </solution> | ||
+ | |||
+ | <note tip> | ||
+ | Troubleshooting: | ||
+ | * **permission denied** : make sure that **nmap** is not installed as a **snap**; you have two choices: | ||
+ | * reinstall **nmap** with apt : ''sudo snap remove nmap && sudo apt install nmap'' | ||
+ | * grant **nmap** permissions : ''snap connect nmap:network-control'' | ||
+ | </note> | ||
If we do allow for a port scan by removing ''-sn'' (default is a TCP-based scan; use ''-sU'' for a UDP scan), this will take place //before// the actual traceroute. What changes does this bring? | If we do allow for a port scan by removing ''-sn'' (default is a TCP-based scan; use ''-sU'' for a UDP scan), this will take place //before// the actual traceroute. What changes does this bring? | ||
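Review bot: The second troubleshooting choice, ''snap connect nmap:network-control'', is written without sudo, while the first choice runs both of its commands with sudo. Connecting a snap interface normally needs root, so a student who copies the line as written is likely to hit another permission error; write it as ''sudo snap connect nmap:network-control''. The note also sits between the ''-sn'' solution and the paragraph about removing ''-sn'' without saying which **nmap** invocation produces "permission denied"; naming that command would let students match the symptom to the fix.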
Line 113: | Line 120: | ||
</solution> | </solution> | ||
+ | == Optional Task (... no, really) == | ||
+ | |||
+ | When doing the TCP scan with **nmap**, you may have noticed a weird field in the TCP header: **Options**. | ||
+ | Generate some TCP traffic with **curl** and look at the SYN packet in **wireshark**. What options do you see there? | ||
+ | |||
+ | [[https://www.firewall.cx/networking-topics/protocols/tcp/138-tcp-options.html|Here]] is a quick break down of the more common TCP options and how they are used to overcome protocol limitations and improve throughput. Take a quick look if you want, then move on. We'll dive deeper into protocol options in the next task. |
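Review bot: The new "Optional Task (... no, really)" heading carries no point value, unlike the [30p], [10p] and [20p] headings updated in this same revision, so it is not clear from the page whether it counts toward the 30p total (Tasks A and B already add up to 30p); say so explicitly, for example in the heading or the first sentence. In the last added line, "break down" should be the noun "breakdown", and the link text "Here" would be clearer if it named its target, e.g. "This overview of TCP options".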