Gerência de redes avançadas

Aula 2 – Gerência ad hocCerutti

Aviso:• Não é possível entender como defender uma rede

sem conhecer os ataques.• Os exercícios e ferramentas demonstrados nas

aulas servem ao propósito de “SABER ESPERAR AS AMEAÇAS AO CAPITAL INTELECTUAL” das empresas/instituições/pessoas

• Qualquer uso do conhecimento adquirido em sala para “testar” ou indevidamente colocar em risco QUALQUER dispositivo será visto como INFRAÇÃO GRAVE ao estatuto do IES e estará sujeito a penalidades da legislação brasileira e/ou do país onde o dispositivo em questão foi ameaçado.

Gerência Ad Hoc

ICMP Ping Trace

TCPDUMP DHCP TELNET

NMAP Scan

Netstat ARPComandos

ICMP

• Internet control message protocol

• Ping envia msg ICMP request• Recebe um ICMP REPLY

ARP

• Address resolution protocol• 192.168.1.36• 18:17:25: 1d:50:8c gw

Packet Internet Gopher

noun1 (also pocket gopher)a burrowing rodent with fur-lined pouches on the outside of the cheeks, found in North and Central America.[Family Geomyidae: several genera and species.]• informal another term for ground squirrel.2 (also gopher tortoise)a tortoise of dry sandy regions that excavates tunnels as shelter from the sun, native to the southern US.[Gopherus polyphemus, family Testudinidae.]3 (also Gopher) Computing a menu-based system for Internet searching and document retrieval, largely superseded by the World Wide Web.[1990s: named after the gopher mascot of the University of Minnesota, where the system was invented.]ORIGIN late 18th cent.: perhaps from Canadian French gaufre ‘

Wikipédia Gopher

• Gopher é um protocolo de redes de computadores que foi desenhado para distribuir, procurar e aceder a documentos na Internet, criado na Universidade de Minesota.

• Características• Acessado através da porta 70, as informações acessadas

através do Gopher ficam localizadas em servidores apropriados nos quais roda um programa que as organiza por assunto, e as disponibiliza organizadas em uma estrutura hierárquica na forma de menus (diretórios), semelhante àquela do seu gerenciador de arquivos.

• Cada vez que você clica sobre uma pasta o Gopher mostra a você as outras pastas e/ou arquivos que se encontram dentro desta (navega para um nível mais interno na hierarquia).

Ping Exercise Part 1 (30 points)•Pick the address of a site you visit. You are going to use it to test some network diagnostics. What happened when you ping your site?•Try it with a few more examples. What is happening?•How can ping be useful?

Type ping /? To find the various options there are

Using the count request option to send 5 instead of 4

Useful or not?

• Simply pinging a remote host (a computer that is on one’s internet but not on one’s network) usually has an all or nothing outcome and as such can provide somewhat limited information

• A sequence of pinging can provide more information (see MCSE TCP/IP for Dummies)

Pinging yourself using localhost or 127.0.0.1: verifies that TCP/IP has been installed and started correctly

Reserved IP address

Pinging yourself using your IP, checks that the IP is valid

You can use another utility ipconfig to find your IP if you don’t know it

Go to the start commandSelect the option run and type command.comYou now have the black window and we are

going to use this to check our connection.Run ipconfig—what is your address? What can

you tell from your about your connection?

Pinging the Gateway – timing out here may indicate a problem with the router

Gateway

• Recall that one gets an internet by connecting more networks

• The point at which data leaves one (local) network and enters another is known as a gateway

• A node (a device on the Internet) can be either a gateway, router, or a host (end-point).

Host/Gateway

• When you are looking at some site on the net, your computer and the one containing the site are hosts

• On the other hand, the computers that direct the traffic, for example your Internet service provider (ISP) are gateway/router nodes.

Traceroute

• A utility that traces (determines the route taken by) a packet from your computer (the local host) to some other host on the network – It doesn’t actually follow a single packet but sends out

a series of packets– The packets are restricted in the number of “hops” they

can take • It is limited by the time-to-live (TTL) field

– When the limit is reached, information about the node is (should be) returned

– Each consecutive packet is allowed one more hop

hop

• A hop is when a packet is transmitted from one node to the next.

• “Some Internet Service Providers (ISPs) advertise how many hops away from Internet backbone they are. Theoretically, the fewer hops it takes to get your data onto the backbone, the faster your access will be.” (webopedia)

Traceroute (Cont.)

• Traceroute shows how many hops were required to reach the destination as well as the length of time for each hop.

• When the web is sluggish, you can use traceroute to determine where the congestion lies.

Traceroute (Cont.)

• The original traceroute was for UNIX utility • Windows has a traceroute utility called

tracert. • Go to Start/Run, type cmd, and then type

“tracert” followed by the domain name of the host.

• For example: tracert www.webopedia.com

tracert www.whatis.com

Tracert Exercise Part 2 (40 points)

• Using the command.com and tracert command, find the command to

• www.whatis.com• 139.84.19.200• Ask your neighbor for their ip address—trace

the route to them.

Other TCP/IP diagnostic commands

• Nbtstat• Netstat• Ipconfig• Arp• Hostname• Route• Look up these commands and see what they mean.

Prepare a table with the list and the job of each command….site your sources.

Another Exercise part 3 (30 points)

• Find the ipconfig for your machine.• Open the command window• Look at the options for the NBTSTAT

command.• Run the NBTSTAT command using your ip

address for your machine. Use the –A option. What did you find out?