Pre-assignment: Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

Ethereal is available for Windows and Linux (http://www.ethereal.com/download.html).

Before installing Ethereal for Windows, you must first install WinCap (from http://winpcap.polito.it/) to allow for the capture of network packets.

Assignment:

1. Review how to connect to the VPN concentrator
2. Use VNC to connect to Sail1, Sail2, Sail3, Sail6, or Sail7

• Ethereal has been installed on Sail1, Sail2, Sail3, Sail6, and Sail7
• Connect to one of these computers and
• double-click on the Ethereal icon.
• Pull down the Capture menu and select Start. [be sure to have the Ethernet card selected as the Interface. Otherwise there won't be any traffic monitored]
• Allow Ethereal to run for about 60 seconds before pressing the Stop button. While Ethereal is running, try the following from the command prompt window.
  • ping 10.0.0.1
  • ping 10.0.3.5
  • telnet to 10.0.3.3
  • ftp to 10.0.3.4
  • Use your browser to connect to Sail4 and Sail5
• Inspect the results.
• Pull down the statistics menus and select Protocol Hierarchy Statistics to see a summary of the packets received.
• For variety, you might want to have one of the other computers open and run different TCP/IP programs like ping, nslookup, etc.

Post-assignment: SUBMIT TO DROP-BOX in WebCT.

Submit answers to the following questions based on the reports you generated. [Use the statistics menu to find most of these answers].

1. How many packets were captured?
2. How many packets were dropped [look in the summary]?
3. Describe the different types of protocols captured and the different levels of communications (use the different tabs in Conversations).
4. Were there any unexpected "conversations"?
5. Which device(s) did your computer "talk" to the most?
6. Which are the most frequent type of packets captured?
7. Was the traffic constant [look at the IO Graph]?
8. Describe several uses of Ethereal?
9. Which feature of Ethereal did you find the most useful and why?
10. Which feature of Ethereal did you find the most difficult to use and why?