Queen: What is the default directory when you open a new order window? What is your working index? A:



Queen: Is the Internet service daemon, xinetd, started in your body? Is inetd started in your body? Why?

A: xinetd(extended Net daemon) is started in my system rather than inetd (internet service daemon). Both of them happen to be super-server daemon started just under ask for. Because xinetd is more secure than inetd, more Unix- services at this point replace inetd with xinetd.

Q: Compare the file ser_more and ser_cp. Are the two of these files the same? A: Yes, they are identical.

Q: Display the file sizes using ls –l ser*. Save the output. What are the sizes of files A: ser_more, ser_cp, and ser_cat?

ser_cat 39870 bytes

ser_cp 19935 bytes

ser_more 19935 byte


Q: Submit the ls result you kept.


[[email protected] guest]dollar ls -l ser*

-rw-rw-r-- 1 customer guest 39870 Sep 17 05: 32 ser_cat -rw-r--r-- 1 guests guest 19935 Sep 17 05: 34 ser_cp -rw-rw-r-- 1 customer guest 19935 Sep seventeen 05: 20 ser_more

arp arping ifconfig tcpdump

ping netstat route ethereal



Queen: Explain the above mentioned commands in brief.


arp(address resolution protocol): Displays and modifies addresses resolution arping: Capture ARP packets within the remote equipment.

ifconfig: Configures or perhaps displays network interface guidelines for a network using TCP/IP. tcpdump: Catch and display packets around the LAN part.

ping: Transmits an echo request to a network sponsor.

netstat: Work in conjunction while using ifconfig order to provide a status condition of the TCP/IP network interface. route: Manually manipulate the routing tables.

ethereal: Capture network packets and provide a user friendly graphical user interface and support additional software layer protocols.

Q: Draw the format in the packet you saved, such as link, IP, and TCP headers, and identify the value of each discipline in these headers. A:

Hyperlink Header

00: 16: seventy six: a9: 81: ee(Destination Address)| 00: 2009: 5b: 0a: ea: 03(Source Address)| 0x0800(Frame Type: IP)| N/A(Data)| N/A(CRC)

IP header

Variation: 4| Header length: twenty bytes| Differentiated Services Field: 0x10| Total Length: 52| Identification: 0xe535| Flags: 0x04| Fragment offset: 0| Time for you to live: 64| Protocol: TCP (0x06)| Header checksum: 0xcece (correct)| Resource: 128. 238. 66. 104

Destination: 128. 238. sixty six. 107

Option: N/A

Info: N/A

TCP Header

Supply port: 33510 (33510)| Vacation spot port: telnet (23)| Series number: 3192985136

Acknowledgement quantity: 1082427947

Header length: (32 bytes)| Reserved(N/A)| Flags: 0x0011 (FIN, ACK)| Window size: 5840| TCP Checksum: 0x8151 (correct)| Immediate Pointer: N/A

Optional(12 bytes): NOPNOP

Data: N/A


Queen: What is the value of protocol field in the IP header in the packet you saved? What is the use of the process field?


The value of process field in the IP header is 0x06 which is TCP. The use of this really is to show the top layer process.

Q: What is the value of the frame type field in an Ethernet body carrying a great ARP ask for and in an Ethernet frame transporting an ARP reply, correspondingly? A: The frame type field within an Ethernet frame carrying an ARP obtain is 0x0806. The framework type discipline in an Ethernet, frame having an ARP reply is 0x0806. Queen: What is the significance of the shape type discipline in an Ethernet, frame holding an IP datagram captured in the previous work out?

A: Shape type field in an Ethernet, frame having an IP is 0x0800.

Q: What is the use of the frame type field?

A: Indicate which process is exemplified in the payload of an Ethernet Frame.

Queen: Explain quickly the functions of the next tcpdump movement. A:

tcpdump udp interface 520: Catch traffic of UDP 520...


