CS158a
Chris Pollett
Feb. 7, 2011
ping eniac.cs.sjsu.edu PING eniac.cs.sjsu.edu (130.65.86.56): 56 data bytes 64 bytes from 130.65.86.56: icmp_seq=0 ttl=254 time=1.277 ms 64 bytes from 130.65.86.56: icmp_seq=1 ttl=254 time=3.661 ms ... 30 packets transmitted, 30 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.277/3.474/5.481/0.907 ms s
traceroute csgate.Princeton.EDU 1 10.0.1.1 (10.0.1.1) 1.166 ms 0.797 ms 1.038 ms 2 router-86.cs.sjsu.edu (130.65.86.254) 1.348 ms 1.271 ms 1.368 ms 3 sjs-130-65-1-190.sjsu.edu (130.65.1.190) 1.321 ms 1.203 ms 2.468 ms ...
whois sjsu.edu This Registry database contains ONLY .EDU domains. The data in the EDUCAUSE Whois database is provided by EDUCAUSE for information purposes in order to ... Domain Name: SJSU.EDU Registrant: San Jose State University University Computing and Telecommunications ... Name Servers: SPARTA.SJSU.EDU 130.65.3.1 NS2.SJSU.EDU 130.65.120.1 ... Domain record activated: 20-Dec-1993 Domain record last updated: 11-Jul-2008 Domain expires: 31-Jul-2009
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280 stf0: flags=0<> mtu 1280 ...(next slide example will use interface en1 which is the wireless interface on my machine)lo - localloop; gif - generic tunnel interface, en - ethernet or wireless Mac/ eth0 -linux, fw -firewire, stf - ip 6 to 4 interface
ifconfig en0 down
ifconfig en0 10.4.72.99 netmask 255.255.255.0 up
tcpdump -i en1 tcp portrange 80-80dumps packet info for tcp traffic that uses port 80. You could capture udp traffic using udp rather than tcp. You could also change the ports to look at different kinds of traffic. And change en1 to en0 to look at ethernet.
sudo tcpdump -i en1 dst 130.65.86.56 and tcp port 23
Which of the following is true?