Internet tools

Internet Tool Practice
한두균 ([email protected])
송정환 ([email protected])
2012. 4. 30
Outline
• Internet Tools
– ping
– traceroute
– nslookup
– ifconfig
– arp
– netstat
– synack
– nmap
– Iperf
– crontab
• Homeworks
ping (1/3)
• Send an ICMP ECHO_REQUEST message to a host
• Test whether another host is reachable
• Measures the Round-Trip Time (RTT) to the host
• Usage
– ping [-options value] destination
– Option type : -s (size), -c (count), -i (interval), -t (TTL), etc.
– Ex) ping -c 5 mmlab.snu.ac.kr
• Reference
– On a UNIX-like system, man ping
• The options of ping differ between operating systems, so see the man page for details
• This applies to all the commands introduced here
ping (2/3)
$ ping -c 3 -t 10 mmlab.snu.ac.kr
PING mmlab.snu.ac.kr (147.46.114.112) 56(84) bytes of data.
64 bytes from mmlab.snu.ac.kr (147.46.114.112): icmp_seq=1 ttl=62 time=1.57 ms
64 bytes from mmlab.snu.ac.kr (147.46.114.112): icmp_seq=2 ttl=62 time=0.387 ms
64 bytes from mmlab.snu.ac.kr (147.46.114.112): icmp_seq=3 ttl=62 time=1.41 ms
--- mmlab.snu.ac.kr ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2005ms
rtt min/avg/max/mdev = 0.387/1.125/1.574/0.525 ms
ping (3/3)
$ ping -c 3 -i 3 mmlab.snu.ac.kr
PING mmlab.snu.ac.kr (147.46.114.112) 56(84) bytes of data.
64 bytes from mmlab.snu.ac.kr (147.46.114.112): icmp_seq=1 ttl=62 time=0.411 ms
64 bytes from mmlab.snu.ac.kr (147.46.114.112): icmp_seq=2 ttl=62 time=0.550 ms
64 bytes from mmlab.snu.ac.kr (147.46.114.112): icmp_seq=3 ttl=62 time=80.0 ms
--- mmlab.snu.ac.kr ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 6005ms
rtt min/avg/max/mdev = 0.411/27.002/80.045/37.507 ms
traceroute (1/2)
• Lets us see the route that IP datagrams follow from one host to another
– Although there is no guarantee that two consecutive IP datagrams from the same source to the same destination follow the same route, most of the time they do.
• Usage
– traceroute [-options value] hostname
– Ex) traceroute www.snu.ac.kr
traceroute (2/2)
$ traceroute mmlab.snu.ac.kr
traceroute to mmlab.snu.ac.kr (147.46.114.112), 30 hops max, 40 byte packets
1 147.46.240.1 (147.46.240.1) 0.411 ms 0.429 ms 1.357 ms
2 147.47.20.129 (147.47.20.129) 13.857 ms 0.463 ms 1.358 ms
3 mmlab (147.46.114.112) 0.330 ms 0.546 ms 1.359 ms
$ traceroute www.cs.berkeley.edu
traceroute to hyperion.cs.berkeley.edu (169.229.60.105), 30 hops max, 38 byte packets
1 147.46.113.2 (147.46.113.2) 0.353 ms 0.281 ms 0.275 ms
2 147.46.200.25 (147.46.200.25) 0.264 ms 0.224 ms 0.222 ms
3 147.46.254.129 (147.46.254.129) 0.871 ms 1.017 ms 1.273 ms
4 147.46.254.26 (147.46.254.26) 1.641 ms 2.049 ms 1.854 ms
5 202.30.43.33 (202.30.43.33) 2.186 ms 1.664 ms 1.870 ms
6 seoulgsr.kreonet.net (134.75.12.6) 1.912 ms 1.925 ms 1.890 ms
7 baramgsr-seoulgsr.kreonet.net (134.75.1.1) 5.097 ms 6.110 ms 5.012 ms
…….
17 hyperion.CS.Berkeley.EDU (169.229.60.105) 217.609 ms 217.629 ms 218.099 ms
nslookup (1/2)
• Allows anyone to directly query a name server and retrieve any of the information known to the DNS system
• Usage
– nslookup [ - option ] [ name | - ] [ server ]
– interactive mode
– non-interactive mode
• Other programs
– host google.co.kr
– dig google.co.kr
nslookup (2/2)
$ nslookup
> mmlab.snu.ac.kr
Server:         147.46.80.1
Address:        147.46.80.1#53
Name:   mmlab.snu.ac.kr
Address: 147.46.114.112
> 147.46.114.112
Server:         147.46.80.1
Address:        147.46.80.1#53
112.114.46.147.in-addr.arpa     name = mmlab.snu.ac.kr.
$ nslookup cse.snu.ac.kr
Server:         147.46.80.1
Address:        147.46.80.1#53
Non-authoritative answer:
Name:   cse.snu.ac.kr
Address: 147.46.240.39
ifconfig
• Check the network interface configuration
• Usage
– ifconfig [interface]
$ /sbin/ifconfig
eth0      Link encap:Ethernet  HWaddr 00:B0:D0:68:B1:C6
          inet addr:147.46.240.47  Bcast:147.46.240.255  Mask:255.255.255.0
          inet6 addr: fe80::2b0:d0ff:fe68:b1c6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:69962395 errors:0 dropped:0 overruns:150 frame:150
          TX packets:35559225 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3286312879 (3.0 GiB)  TX bytes:48791130 (46.5 MiB)
……..
arp
• Manipulate the system ARP cache
• Usage
– arp [option] hostname
$ arp -a
? (147.46.114.1) at 00:00:0c:07:ac:00 on rl0 [ethernet]
? (147.46.114.2) at 00:d0:02:cb:e3:fc on rl0 [ethernet]
? (147.46.114.10) at 00:0a:5e:01:e2:ba on rl0 [ethernet]
? (147.46.114.33) at 00:e0:98:b0:fa:7d on rl0 [ethernet]
? (147.46.114.93) at 00:04:76:d0:0a:ab on rl0 [ethernet]
csebrg1.snu.ac.kr (147.46.114.102) at 00:50:04:bf:c5:b9 on rl0 [ethernet]
topaz.snu.ac.kr (147.46.114.113) at 00:0d:61:3b:8f:59 on rl0 [ethernet]
garnet.snu.ac.kr (147.46.114.114) at 00:0e:35:0d:fe:96 on rl0 [ethernet]
opal.snu.ac.kr (147.46.114.116) at 00:11:11:0f:2f:c0 on rl0 [ethernet]
emerald.snu.ac.kr (147.46.114.118) at 00:4f:4e:0d:51:2d on rl0 [ethernet]
smart1.snu.ac.kr (147.46.114.120) at 00:00:f0:91:0d:3a on rl0 [ethernet]
? (147.46.114.193) at 00:50:da:91:0b:0d on rl0 [ethernet]
…
netstat (1/2)
• Show network status
• Usage
– netstat [option]
• Options
– -a : show the state of all sockets, including those used by server processes, which are normally not shown
– -i : show status and statistics for the physical interfaces
– -n : show network addresses as numbers
– -r : show the routing table
netstat (2/2)
$ netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
localnet        *               255.255.255.0   U         0 0          0 eth0
default         147.46.240.1    0.0.0.0         UG        0 0          0 eth0
$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
147.46.240.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         147.46.240.1    0.0.0.0         UG        0 0          0 eth0
synack (1/3)
• Description
– Establishes a client-server connection by calling connect, which performs the 3-way handshake of the TCP protocol
– Measures the time taken for the connection to be established between the client and the server
– Closes the connection once the RTT is measured by calling close, which performs a 4-packet exchange
– Repeats the above process at regular intervals (defined by the user) after the connection is closed
– Performs statistical analysis on the RTT data obtained
• Reference
– http://www-iepm.slac.stanford.edu/tools/synack/
synack (2/3)
• Usage
– synack [-options] host
• Options
– -p ## port number to send to (default 22)
– -k ## no. of connections to be made
– -i ## Time interval between connections in secs (default 1 sec)
– -u ## Time interval between connections in microsecs
– -z ## Percentile 1 (default 25)
– -Z ## Percentile 2 (default 75)
– -S ## Timeout in secs (default 1 sec)
– -s ## Timeout in millisecs
synack (3/3)
$ ./synack -p 80 -k 10 www.snu.ac.kr
SYN-ACK to moose.snu.ac.kr (147.46.10.48), 10 Packets
connected to moose.snu.ac.kr : Seq = 0 , RTT = 0.685 ms
connected to moose.snu.ac.kr : Seq = 1 , RTT = 0.612 ms
connected to moose.snu.ac.kr : Seq = 2 , RTT = 1.754 ms
connected to moose.snu.ac.kr : Seq = 3 , RTT = 0.718 ms
connected to moose.snu.ac.kr : Seq = 4 , RTT = 0.711 ms
connected to moose.snu.ac.kr : Seq = 5 , RTT = 0.667 ms
connected to moose.snu.ac.kr : Seq = 6 , RTT = 1.775 ms
connected to moose.snu.ac.kr : Seq = 7 , RTT = 0.673 ms
connected to moose.snu.ac.kr : Seq = 8 , RTT = 1.782 ms
connected to moose.snu.ac.kr : Seq = 9 , RTT = 0.638 ms
Waiting for outstanding packets (if any)..........
***** Round Trip Statistics of SYN-ACK to moose.snu.ac.kr (Port = 80) ******
10 packets transmitted, 10 packets received, 0.00 percent packet loss
round-trip (ms) min/avg/max = 0.612/1.001/1.782 (std = 0.531)
(median = 0.698)
(interquartile range = 1.087)
(25 percentile = 0.667)
(75 percentile = 1.754)
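The connect-timing loop and the statistics from the synack slides, as an added Python example (not the synack source and not part of the original slides). The names probe, percentile and summarize are hypothetical; it assumes nearest-rank percentiles and the sample standard deviation, which reproduce the median, percentiles, interquartile range and std printed in the run above, and it counts a refused or timed-out connect as a lost probe.

```python
import math
import socket
import statistics
import time


def probe(host, port=22, count=10, interval=1.0, timeout=1.0):
    """Time `count` TCP connects to host:port and return the RTTs in ms.

    The name is resolved once up front so DNS latency is not measured.
    A timeout or refusal is recorded as a lost probe (assumption).
    """
    family, kind, proto, _, addr = socket.getaddrinfo(
        host, port, type=socket.SOCK_STREAM)[0]
    rtts = []
    for seq in range(count):
        with socket.socket(family, kind, proto) as sock:
            sock.settimeout(timeout)
            start = time.perf_counter()
            try:
                sock.connect(addr)  # returns once the SYN-ACK has arrived
                rtts.append((time.perf_counter() - start) * 1000.0)
            except OSError:
                pass
        # leaving the with-block calls close(), which starts the FIN exchange
        if seq + 1 < count:
            time.sleep(interval)
    return rtts


def percentile(sorted_vals, p):
    """Nearest-rank percentile of an ascending list."""
    rank = max(1, math.ceil(p / 100.0 * len(sorted_vals)))
    return sorted_vals[rank - 1]


def summarize(rtts, sent, p1=25, p2=75):
    """Loss and round-trip statistics in the shape of the slide's report."""
    vals = sorted(rtts)
    stats = {"sent": sent, "received": len(vals),
             "loss_pct": 100.0 * (sent - len(vals)) / sent}
    if vals:
        lo, hi = percentile(vals, p1), percentile(vals, p2)
        stats.update(min=vals[0], max=vals[-1], avg=statistics.mean(vals),
                     std=statistics.stdev(vals) if len(vals) > 1 else 0.0,
                     median=statistics.median(vals), p1=lo, p2=hi, iqr=hi - lo)
    return stats
```

Because the timer covers only connect(), the figure is the SYN to SYN-ACK round trip as seen by the client, so it still works against hosts that drop ICMP echo.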
nmap (1/2)
• Network Mapper
• Network exploration tool and security scanner
• Scan large networks to determine which hosts are up and what services they are offering
• Usage
– nmap [Scan Types] [ Options] <host>
• Reference
– http://nmap.org
– In the unix shell, man nmap
nmap (2/2)
$ nmap mmlab.snu.ac.kr
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2008-03-18 16:39 KST
Interesting ports on mmlab.snu.ac.kr (147.46.114.112):
Not shown: 1504 closed ports, 170 filtered ports
PORT     STATE SERVICE
22/tcp open ssh
25/tcp open smtp
80/tcp open http
110/tcp open pop3
587/tcp open submission
3306/tcp open mysql
Nmap finished: 1 IP address (1 host up) scanned in 9.968 seconds
iperf (1/2)
• A tool to measure maximum TCP bandwidth
– allowing the tuning of various parameters and UDP characteristics
• Reports bandwidth, delay jitter, datagram loss
– for a TCP connection : throughput, bandwidth
– for a UDP connection : throughput, jitter, lost/total datagrams
• Usage
– iperf [-s|-c host] [options]
iperf (2/2)
$ iperf -s
------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
------------------------------------------------------------
[ 4] local 147.46.240.47 port 5001 connected with 147.46.240.47 port 34169
[ 4] 0.0-10.0 sec 1.25 GBytes 1.07 Gbits/sec
$ iperf -c martini.snu.ac.kr
------------------------------------------------------------
Client connecting to martini.snu.ac.kr, TCP port 5001
TCP window size: 49.4 KByte (default)
------------------------------------------------------------
[ 3] local 147.46.240.47 port 34169 connected with 147.46.240.47 port 5001
[ 3] 0.0-10.0 sec 1.25 GBytes 1.08 Gbits/sec
Crontab
• crontab [ -u user ] { -l | -r | -e }
– -u user : perform the crontab operation for the user user. If omitted, the operation is performed for the user running the crontab command.
– -l : show the current cron table.
– -r : delete the current cron table.
– -e : edit the current cron table.
• Fields of the cron table
– minute(0-59) hour(0-23) day(1-31) month(1-12) weekday(1-7) command
– Weekday field : 1 (Mon), 2 (Tue), 3 (Wed), 4 (Thu), 5 (Fri), 6 (Sat), 7 (Sun)
– '*' : every time
– '-' : range; for example, 1-3 in the hour field means between 1 and 3 o'clock, i.e. 1, 2 and 3 o'clock
– ',' : separator; for example, 1,3 in the hour field means 1 o'clock and 3 o'clock
– Examples
• 30 14 * * 1 ~/bin/log_cat
– Run ~/bin/log_cat every Monday at 2:30 PM
• 30 2 1 * * ~/bin/log_report
– Run ~/bin/log_report at 2:30 AM on the 1st of every month
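A small checker for the cron table fields described above, as an added Python example (not part of the original slides). It answers whether an entry fires at a given time, which is useful when reviewing an unfamiliar crontab. The names expand, parse_entry and fires_at are hypothetical; it follows the slide's 1-7 weekday numbering and adds the standard cron rule that when both day and weekday are restricted, either one matching is enough.

```python
from datetime import datetime

# Field order and ranges as listed on the slide (weekday 1 = Monday ... 7 = Sunday).
FIELDS = (("minute", 0, 59), ("hour", 0, 23), ("day", 1, 31),
          ("month", 1, 12), ("weekday", 1, 7))


def expand(text, low, high):
    """Expand one field built from '*', 'a-b' ranges and ',' lists."""
    values = set()
    for part in text.split(","):
        if part == "*":
            start, end = low, high
        elif "-" in part:
            start, end = (int(x) for x in part.split("-", 1))
        else:
            start = end = int(part)
        if not low <= start <= end <= high:
            raise ValueError(f"{part!r} is outside {low}-{high}")
        values.update(range(start, end + 1))
    return values


def parse_entry(line):
    """Return ({field: set of ints}, {field: raw text}, command)."""
    parts = line.split(None, 5)
    if len(parts) != 6:
        raise ValueError("expected five time fields followed by a command")
    raw = {name: text for (name, _, _), text in zip(FIELDS, parts)}
    sets = {name: expand(raw[name], lo, hi) for name, lo, hi in FIELDS}
    return sets, raw, parts[5]


def fires_at(line, when):
    """True if the entry would run in the minute containing `when`."""
    sets, raw, _ = parse_entry(line)
    if not (when.minute in sets["minute"] and when.hour in sets["hour"]
            and when.month in sets["month"]):
        return False
    day_ok = when.day in sets["day"]
    weekday_ok = when.isoweekday() in sets["weekday"]
    # cron runs the job when EITHER day field matches if both are restricted
    if raw["day"] != "*" and raw["weekday"] != "*":
        return day_ok or weekday_ok
    return day_ok and weekday_ok
```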