intro linux lab

Prelab 1 – Introduction to Linux and Equipment 1. Review the Linux man pages for chmod, cp, hosts, kill, ls, man, more, mkdir, mv, ping, pwd, rm,

rmdir, and tcpdump at www.linuxmanpages.com. 2. Read about the /etc/sysconfig/network file and /etc/sysconfig/network-scripts/ifcfg-<interface-

name> scripts at the Linux Network Config Files link on the class we page. 3. Read Introduction to Mastering Networks.

Question Sheet for Prelab 1 1. What will happen if you type man man in Linux? 2. How can you use the command ls to find out about the size of the file /etc/lilo.con? 3. What happens to the files in the command mv file1 file2? Which option of mv issues a warning? 4. What is the command that you issue if you are in directory / and want to copy the file /mydata to directory /labdata? 5. What is the command that you issue if you are in directory / and want to copy all files and directories under /mydirectory to directory /newdirectory? 6. What happens when you type rm * in a directory? 7. What is the command used to delete all files and directories under the directory /mydirectory?

LAB ONE: Introduction to Linux and Equipment 2

- 2 -

LAB 1 In this lab you will familiarize yourself with the Linux boxes, the Cisco equipment, and some of the networking tools. NOTE: Remember to reboot the machines before using them by either using the GNOME reboot option or typing ‘reboot’ in the terminal as root. SAVE ALL FILES IN /root/labdata/<user> (where your <user> is your cat’s/email ID). All files you create should be saved to the storage you choose in Part C. SUGGESTION - unless a specific name is requested, use the following name format for the files you save: [Exercise]-[Part]-[Question]-PC-<command>. For example 5-A-4-PC1-tcpdump. This will help ensure you can find the data needed for the lab report.

Network Setup FOR LAB 1 Connect the PCs according to the diagram below to a single switch. Note: do not use port 24 on the switches as it has been configured to behave differently from the other ports – you will find out about this in later labs.

1.1 Topology for Lab 1

The table below contains the IP address for each of the Linux PCs; these should be preconfigured:

PC IP address of eth0 PC1 10.0.1.11/24 PC2 10.0.1.12/24 PC3 10.0.1.13/24 PC4 10.0.1.14/24


- 3 -

Exercise 1 PART A: Setting up The Network Refer to the diagram above to see what the network “looks” like: A.1: Connect each PC’s eth0 port to an associated port on the switch (any port will do for this exercise). A.2: Make sure eth0 is up on each PC by typing in the terminal: ifconfig eth0 This will bring up configuration information about eth0 only. PART B: Testing Connectivity After being connected, all four hosts (Linux PCs) should be able to communicate with each other: B.1: We will use ping to test connectivity between the PCs. B.2. Switch to PC1 and issue a ping to PC2, PC3, and PC4 by typing: PC1% ping –c 5 10.0.1.12 (Ping to PC2) PC1% ping –c 5 10.0.1.13 (Ping to PC3) PC1% ping –c 5 10.0.1.14 (Ping to PC4) B.3: Use the KVM switch to work on PC3 and in a terminal window ping PC1, PC2, and PC4 using their respective IP addresses. Exercise 2: Learning Linux Before starting this lab keep these commands in mind: man pwd ls more tcpdump

mv cp rm mkdir rmdir

chmod (p)kill ping cd

PART A: Familiarizing with Commands The goal of this section is to acquaint yourself with the Linux command line by executing everyday tasks. Some of the tasks may require multiple commands to complete: A.1: Change to the home directory of root. A.2: Make a directory called test in the directory you just entered. A.3: Copy the file /etc/hosts to the test directory just created. A.4: Change the current directory to test. A.5: Change the name of the file hosts to oldhosts. A.6: List the content of the directory test. A.7: List the content of oldhosts. A.8: Remove all files in directory test. A.9: Remove the directory test.


- 4 -

PART B: Saving Data In the Terminal This section will show you how to save output into a text file for review at a later date: B.1: There are several operators that help save files. The most common are >>, >, and | (pipe). We will be using the pipe since it is the most convenient way to view and save output at the same time. You can use the pipe to send data to another program on the command line, for example to save a text file from a list command: PC% ls | tee filename This lists a directory and uses the ‘tee’ program that opens a file writing operator taking input from the standard out of ls and outputting it to the filename from the standard out of each program. Use this to save any data from commands on the command line that you need. B.2: Data can also be saved from the terminal through Cut and Paste. Highlight information and hit Shift-Ctrl-C, then paste into a text editor with Ctrl-V. Gedit is the GNOME Text Editor and can be run from the GUI main menu or by typing gedit in a terminal window. SAVE DATA: B.3: Save the output of the command ls –l /usr to a file named usrfile_x where x is the method for saving: 1 for piping and tee, 2 for cut and paste into a text editor. (Remember, save in the /root/labdata/<user> directory) PART C: Saving/Copying Files to Floppy/USB Drive This section will show you how to mount a floppy in Linux and how to save your files to it. NOTE: Only read the section for the storage method you choose. Floppy: C.1: Mounting: Check to see if the floppy drive is empty, if not go down to step C.4 to unmount it. To mount the floppy: First check to see if you have a folder to link the media to: PC1% ls /media/disk If there is no folder or directory, ls: /media/disk: No such file or directory Then you must create one in the root directory, PC1% mkdir -p /media/disk Then you must mount the disk to the created folder/directory PC1% mount /dev/fd0 /media/disk You should see a picture of a disk on the desktop and can access the floppy in a GUI fashion from there if you wish. C.2: Copy Files: To copy files from the command line to a floppy all that needs to be done is: PC1% cp filename [more files and be places after this] /media/disk/ C.3: Formatting: The floppy may not be formatted so you may received an ‘unable to read’ error. If this occurs you can format the floppy like so BEFORE mounting it: PC1% mkfs –t msdos /dev/fd0 C.4: Unmounting: Before the floppy can be removed safely it needs to be unmounted in Linux. This is done by using the command: PC1% umount /media/disk


- 5 -

Once the floppy is ‘unmounted’ you can ejected it from the bay using the button. NOTE: The command is umount not unmount. Sometimes, the floppy will not eject. If this event occurs try using these commands: PC1% umount –f /media/disk OR PC1% umount –l /media/disk These will force the floppy to unmount. USB Drive: The process to mount a USB drive is similar to a floppy but requires a little more work at the beginning. After setup it is just a matter of mounting the drive. C.5: First you need to make a directory to mount the USB drive to (assuming it doesn’t already exist): PC1% mkdir /media/usbdrive PC1% chmod 700 /media/usbdrive C.6: Mounting: Now we can mount the drive: PC1% mount /dev/sda1 /media/usbdrive That’s it! The USB drive should be accessible with all file manipulation commands. NOTE: With most USB drives, Linux will auto-mount, and an icon will appear on the desktop allowing for file manipulation. Exercise 3: Locating configuration files in Linux In this section a few configuration files will be used to explore the ability to change environment variables in Linux. PART A: Using the more Command SAVE DATA: A.1: On PC1 use the more command to look at the following files (DO NOT change these files). Save these files for your lab report. /etc/hosts /etc/sysconfig/network /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1 Exercise 4: The Ping command The ping command lets you debug IP networks by sending an ICMP echo request datagram to a remote interface and waiting for an ICMP echo Reply in return. In this way the ping command will discover the ‘distance’ to the host (measured in time) and other essential information (for example, whether or not the host can be reached). PART A: Issuing a Ping command Save the output of the commands used for your lab report. SAVE DATA: A.1: On PC1 send five ping messages to PC2 using:


- 6 -

PC1% ping –c 5 10.0.1.12 SAVE DATA: A.2: On PC2, issue a ping of five ping messages to PC1 SAVE DATA: A.3: On PC2 issue a ping to the loopback interface, 127.0.0.1. Exercise 5: Using tcpdump Tcpdump allows you to capture traffic on a network and display the packet headers of the captured traffic. It can be used to identify network problems or to monitor network activities. See Section 3 of the Introduction in the Internet Lab Manual for more details on the tcpdump command and its uses in network traffic analysis. PART A: Simple tcpdump exercise Use tcpdump to observe the network traffic that is generated by issuing ping commands. SAVE DATA: A.1: On PC1 start tcpdump (saving the output for your lab report) so that it monitors all packets that contain the IP address of PC2 by typing PC1% tcpdump –n host 10.0.1.12 A.2: Open a new terminal window and execute a ping command to PC2 PC1% ping –c 1 10.0.1.12 NOTE: If you use the tee or tail commands to simultaneously view and save the output from tcpdump, you need to use the –l option of tcpdump. For example, tcpdump –n –l > filename & tail –f filename tcpdump –n –l | tee filename It may be necessary to press Ctrl-C to terminate the tcpdump session. It may sometimes be best to simply redirect the output of tcpdump straight to a file (e.g. tcpdump > filename) and view it afterward with the more command or a text editor. PART B: Another tcpdump traffic capture SAVE DATA: B.1: On PC1, start capturing packets using the tcpdump –n command. Save the output for your lab report. SAVE DATA: B.2: In another window, issue a ping to the nonexistent IP address 111.111.111.111. Save the output for your lab report (you will need to capture stderr). PC1% ping –c 1 111.111.111.111 SAVE DATA: B.3: Issue a ping (saving the output for your lab report) to the broadcast address 10.0.1.255 using the command: PC1% ping –c 1 –b 10.0.1.255


- 7 -

Exercise 6: Using Wireshark Wireshark is a program that allows you to examine ‘captured’ packets across a network and analyze them interactively. Wireshark is available for free download at http://www.wireshark.org/. There is documentation available on that site, and a tutorial and tips for how to effectively use Wireshark (formerly Ethereal) can also be found at http://www.onlamp.com/pub/a/security/2004/05/13/etherealtips.html. PART A: Running Wireshark A.1: Opening Wireshark: In a terminal window type wireshark &. This will open the wireshark GUI window and allow you to use the terminal window for other purposes.

Figure 2: Wireshark main GUI window A.2: Selecting Capture Options: In Wireshark: Step 1: Go to Capture: Options Step 2: A display will pop up with Wireshark Capture Options as the title Step 3: Select eth0 in Interface Step 4: Select Capture packets in promiscuous mode Step 5: Select Update list of packets in real time Step 6: Select Automatic scrolling in live capture Step 7: Select Hide Capture info dialog Step 8: Unselect Enable MAC name resolution Step 9: Unselect Enable network name resolution Step 10: Unselect Enable transport name resolution Step 11: Click OK (wireshark is now running and capturing packets) NOTE: Use these settings for every lab and every time you use Wireshark aside from the interface and filter. KEEP WIRESHARK OPEN, DO NOT CLOSE.


- 8 -

PART B: Capture Packets with Wireshark B.1: Wireshark is now running and data needs to be collected (You may have seen some packets from the loopback interface and Cisco protocols being sent across the network). On PC1: PC1% ping –c 2 10.0.1.13 B.2: We can view detailed information about a packet, so choose one that is of type ICMP and click it. You will see all of the packet information (expandable) in the bottom two frames. B.3: Stop the traffic capture by hitting the ‘stop’ button in the Wireshark Capture window. SAVE DATA: B.4: Save the data in Wireshark as a text file by: 1-going to File menu, and selecting the Print option 2- Print selecting the following Format: A)Plain Text option, B)Select Output to File: and input a file name with the FULL path (i.e.-/root/labdata/<user>/filename.txt) C)Select Packet Details: with All expanded marked. D)Then hit the OK button. The file should now be saved in /root/labdata/<user>. SAVE DATA: B.5 Go back through same process and save the file with the Print Summary line option this time. NOTE: When saving wireshark data in future labs save using both the Print Summary and Print Detail options, unless asked otherwise.


- 9 -

REMEMBER TO COPY SAVED FILES TO YOUR USB DRIVE OR FLOPPY! LAB REPORT Exercise 1 Questions: None. Exercise 2 Questions: 2.1 Include each saved usrfile_x in your lab report. Exercise 3 Questions: Using the files from the exercise explain and answer the following questions: 3.1 Which file is used to set the hostname for the Linux PC? What variable is used to set the hostname? 3.2 What is the purpose of the /etc/hosts file? 3.3 Which file is used to configure the IP address of interface eth0? What variable is used to set the IP address? Exercise 4 Questions: 4.1 Include the output of the ping commands 4.2 Explain the difference between the Ethernet interfaces and the loopback interface. I.e. what is the difference between pinging 10.0.1.12 and 127.0.0.1. What are possible uses of the loopback interface? Exercise 5 Questions: 5.1 Include the saved files from Part A and B of Exercise 5. 5.2 Interpret the results captured in the saved files. 5.3 How many of the Linux PCs responded to the broadcast ping? Exercise 6 Questions: 6.1 Include the captured data from the wireshark experiment in the lab report. 6.2 Explain the difference between the detailed output and the summary output. How can both be used effectively to gain knowledge? Which one is more advantageous to use?

intro linux lab

Documents