Answer the questions at the end of each section after undertaken the

exercises. Submit the answers to each section in a hard copy format to your
Course Rep to be handed to your course instructor before the submission
deadline.

The final submission must include only the questions and corresponding
answers. Keep a soft copy of the screenshots on a labeled USB drive (With
group name and members), and hand it over to your course Rep for
submission on due date.

Be sure to keep soft copies of the assignment as you could be asked to

include it anytime. Submission of assignment is due Tuesday 09/07/2024.

1
 IPCONFIG
This command will give you a listing of your basic IP information for the computer you
are using. You will get your IP address, subnet mask, and default gateway (the
computer that connects you to the Internet). You will use your IP address for scanning,
remote administration, etc. Ipconfig will also allow you to manage your DNS resolver
cache and renew your IP address with the DHCP server. You will learn more about DNS
and DHCP in this course.

1. Click Start and Run.

2. Type cmd
3. Press Enter.
4. Type ipconfig
5. Press Enter. (This will display basic network configuration information for
adapters on your computer. See Figure 1-11.)
6. Type ipconfig /all
7. Press Enter. (This will display extended network configuration information for all
adapters on your computer.)
8. Take a screenshot. (You can press Alt-Prt Scn for the current window or Ctrl-Prt
Scn for the entire computer screen. See Figure 1-12.)

Figure 1-11: Output from the ipconfig command.

2
 Figure 1-12: Output from the ipconfig /all command.

In the second command you used the /all option to get more information about each
adapter. Note that this computer has three ways of connecting to different networks.
There is a regular NIC to connect to the LAN, and a wireless card, and a Bluetooth
adapter.

8a. Write down your ip address

b. Write down your MAC address for the computer you are using.

c. Write down the ip address of the computer that connects to the Internet (Default
Gateway)

d. Type time. Press Enter twice. (This will display the current time and provide a timestamp for
your project.)
e. Take a screen shot.

9. Type ipconfig /flushdns

10. Press Enter. (This will flush all DNS entries.)
11. Type ping www.google.com
12. Press Enter.
13. Type ipconfig /displaydns
14. Press Enter. (See Figure 1-13.)
15. Scroll down until you see the entry for www.Google.com.
16. Take a screenshot. (See Figure 1-14.)

3
 Figure 1-13; Output from the displaydns command.

Figure 1-14: Output showing the entry for www.Google.com.

17. Type ipconfig /all

18. Press Enter.
19. Take a screenshot. (See Figure 1-15.)
20. Type ipconfig /renew
21. Press Enter. (The command orders your DHCP client to renegotiate an IP address
lease with the DHCP server on your router. In some cases, renewing the IP

4
 address resolves connection issues.)
22. Take a screenshot. (See Figure 1-16.)

Figure 1-15: showing lease time before renewal Figure 1-16: Showing lease time after renewal.

The DHCP server loaned you an IP address for a given amount of time. (In this case it
was one day.) By renewing your IP address you can reserve this same IP address for a
longer amount of time. The information provided by the ipconfig command will come in
handy when you do the rest of the projects.
If you want a listing of all the possible options available for a given DOS command
(ipconfig) you can just type the name of the command followed by a question mark.

23. Type ipconfig /?

24. Type time
25. Press Enter twice.
26. Take a screenshot. (See Figure 1-17.)

5
Figure 1-17: Displaying help for ipconfig.

A. END OF IPCONFIG QUESTIONS

1. What is the practical difference between an IP address and a physical (MAC)
address? Comment on the changing phases in relation to a host in practice.
2. What is a Default Gateway of your computer?
3. If DHCP is enabled, on what date was the lease obtained? On what date does the
4. lease expire?
5. What do DNS servers do?
6. What is a subnet mask?

PING

Ping is a command that will tell you if a host is reachable and alive. It works just like
pings in submarines. It sends out a packet that asks the target computer to
send it back a message saying it's actually there. It also tells you how long it took to
get back and if any of the packets were lost. This is very useful if you need to see if a
server/computer is running. You can also diagnose latency and/or packet loss issues.
This example pings www.google.com repeatedly. Feel free to ping your own university
or Web site of your choice. Instead of using "www.google.com" please use
"www.YourUniversity.edu." Timestamps will also be included at the end of each
example.

1. Click Start and Run.

2. Type cmd
3. Press Enter.
4. At the prompt, enter www.aamusted.edu.gh. The computer needs to translate
aamusted.edu.gh into an IP address so it knows where to send the Internet Control
Message Protocol (ICMP) packets. Ping is a type of ICMP packet.
5. Press Enter. (This will ping www.aamusted.edu.gh with four packets.)

The first line of the output shows www.aamusted.edu.gh converted to an IP

address by DNS. You should be able to see the effect of DNS even if your school has a
firewall that prevents pinging, or if Cisco has prevented people from pinging their web
server.
6. Type time
7. Press Enter twice.
8. Take a screenshot. (See Figure 1-18.

6
Figure 1-18: Output from ping command. Figure 1-19: Output from ping -t command.

9. Type ping www.aamusted.edu.gh -t

10. Press Enter.
11. Press Ctrl-Break after about 5 replies.
12. Press Ctrl-Break again after about 5 replies.
13. Press Ctrl-C to stop sending packets.
14. Type time
15. Press Enter twice.
16. Take a screenshot. (See Figure 1-19.)
17. Type cls
18. Press Enter. (This clears the screen.)
19. Type ping www.aamusted.edu.gh -n 6
20. Press Enter.
21. Type ping www.aamusted.edu.gh -l 50
22. Press Enter.
23. Type time
24. Press Enter twice.
25. Take a screenshot. (See Figure 1-20.)

7
Figure 1-20: Output from ping -n command.

Figure 1-21: Output from ping -n command.

8
26. Type cls
27. Press Enter.
28. Type ping www.aamusted.edu.gh -r 5
29. Press Enter.
30. Type time
31. Press Enter twice.
32. Take a screenshot. (See Figure 1-21.)

33. Test the Network Interface TCP/IP Stack

Step 1: Test TCP/IP stack using the loopback address.

To verify that the TCP/IP protocol is functioning, ping your loopback address
(127.0.0.1).
Enter the ping 127.0.0.1 command at the prompt.

Step 2: Test TCP/IP stack using the configured IP address.

You can also ping your IP address. In this example, enter the ping 192.168.1.11
command at the prompt.
Question:
Record one of the replies from your ping command.

B. END OF PING THOUGHT QUESTIONS

1. Can you adjust the number of packets that are sent? How?
2. What did the -t, -n, -l, -r options do?
3. Why would you experience packet loss?
4. Why would you want to send larger packets?
5. Record one of the replies from your ping command in 33 above.

TRACERT & PATHPING

Trace route (tracert in Windows and traceroute in Linux) is a command that allows you
to see every computer (including routers) between your computer and a target host of
your choosing. You can type in the name of the computer (e.g. www.aamusted.edu.gh)
or the IP address of the computer (41.74.91.129). Tracert can be used to diagnose
routing problems, latency issues, or network bottlenecks. Pathping combines the
statistics from ping and the route tracing function from tracert.

9
Tracert can also provide you with information about the route packets are taking over a
network. Each router that the packet travels through to reach the destination address is
shown as a hop in the tracert output. If there is a network issue on the path, the
tracert output will stop after the last successful hop. The first hop in the output is the
default gateway of the source PC, and the last entry will be the destination address
when the tracert command completes successfully. It can be surprising how many hops
there are between you and a Web site that you visit. Oftentimes the route a packet
takes is not the shortest geographical distance. This example uses
www.aamusted.edu.gh repeatedly. Feel free to use the hostname of any other Web
site to see the response.

I. Click Start and Run

2. Type cmd
3. Press Enter.
4. Type tracert www.aamusted.edu.gh
5. Press Enter. (This will list every computer on the route between your
computer and www.aamusted.edu.gh.)
6. Type tracert www.google.com
7. Press Enter. (This will list every computer on the route between your
computer and www.Google.com.)
8. Type time
9. Press Enter twice
10. Take a screenshot. (See Figure 1-22.)

Figure 1-22: Output from tracert command. Fiaure 1-23: Output from tracert -d and
tracert -h commands.

11. Type tracert www.google.com -d

[Hint: The -d and -h options need to come before the hostname (in this case www.google.com) in
Windows 7. The options can come after the hostname if you are using Windows XP or Windows 10]

10
12. Press Enter.
13. Type tracert www.google.com -h 5
14. Press Enter.
15. Type time
16. Press Enter twice.
17. Take a screenshot. (See Figure 1-23.)
18. Type pathping www.aamusted.edu.gh -q 5 -w 5
19. Press Enter.
20. Type time
21. Press Enter twice.
22. Take a screenshot. (See Figure 1-24.)
23. Type pathping www.google.com -q 5 -w 5
24. Press Enter.
25. Type time
26. Press Enter twice.
27. Take a screenshot. (See Figure 1-25.)

Figure 1-24: Output from pathping -q-w command. Figure 1-25: Output from pathping-r-w command to
Google.com

At the time the route was traced there were 14 computers or routers between this host
and www.Google.com. None of the nodes along the way timed out and most of the
packets took less than 50ms to come back.

11
C. END OF TRACERT THOUGHT QUESTIONS

1. Why would you use the -d option?

2. If you had several nodes "time out" how would the -w option help?
3. Why would a network administrator only want to see part of the route?
4. How would the pathping results change if you didn't use -q 5 in the command?

NETSTAT

Netstat is the command that lists all current network connections, connection statistics,
and routing tables on your computer. The default netstat command will give you a
listing of all of the ports open on your computer as well as the foreign address of the
computer you're connected to.

Ports are like doors on your house. Information packets are addressed to a specific IP
address (location) and port number (point of entry). Your house works the same way.
It has an address (location) and door (point of entry) where packages are delivered.
Netstat can tell you which programs are sending/receiving information to/from your
computer.

1. Click Start and Run.

2. Type cmd
3. Press Enter.
4. Type netstat
5. Press Enter.
6. Type time
7. Press Enter twice.
8. Take a screenshot. (See Figure 1-26.)

Fig 1-26: output from netstat command

12
In this example you can see multiple ports opened. The only problem is you don't know
which program is opening all of those ports. You can use the -b option to get
information about which program is opening each port.

Fig 1-27: output from netstat –b command

The -a option will show all of the ports (including UDP ports) that may be open on your
machine. The –n option will show the local and foreign addresses for each connection.
The -e option will display statistics about the number of packets sent/received, errors,
and packets that were discarded.

9. Type cls
10. Press Enter.
11. Type netstat -b
12. Press Enter.
13. Take a screenshot. (See Figure 1-27.)
14. Type netstat -a
15. Press Enter.
16. Take a screenshot.

Now you know that a program avp.exe is opening a lot of ports to send/receive email.
Using the -b option you can find out if a rogue program is opening a port. This is useful
when you want to identify programs that are sending/receiving information. You don't
want rogue programs sending/receiving information.

17. Type cls

18. Press Enter.
19. Type netstat -n
20. Press Enter.
21. Take a screenshot.
22. Type netstat -e
23. Press Enter.
24. Take a screenshot. (See Figure 1-29.)
13
Using the -n option you can see which external computers are connected to your
computer and which port(s) they are using. Knowing which foreign address your
computer is connecting to can be helpful if you want to be sure where your data is
going to or coming from. The -e option is a quick way to tell if you are
ending/receiving packets and if you are getting a large number of errors. This will help
you
identify a bad network card, cable, or configuration issue.

Figure 1-28: Output from netstat -a command. Figure 1-29: Output from netstat -n and netstat -e
commands.

25. Type cls

26. Press Enter.
27. Type netstat -e 5
28. Press Enter.
29. Let it run for about 15 seconds.
30. Press Ctrl-C to stop sending packets.
31. Type time
32. Press Enter twice.
33. Take a screenshot. (See
Figure 1-30.)
34. Type netstat -s
35. Press Enter.
36. Take a screenshot. (See
Figure 1-31.)

14
Fig 1-29: output from netstat –n and –e commands. [Hint: To appreciate it much better, keep many
tabs of your browser opened]

Figure 1-30: Output from netstat -e command. Figure 1-31: Output f'rom netstat -s command.

D. END OF NETSTAT THOUGHT QUESTIONS

1. How can netstat help you track the information coming in and out of your
computer?
2. How can netstat help you diagnose network problems? [Do not list commands]
3. How would the routing table (netstat -r) be useful?
4. Why would someone need different statistics for IP, IPv6, ICMP. TCP, UDP, etc.?

15
 NSLOOKUP

Objectives
• Observe the conversion of a URL to an IP address.
• Observe DNS lookup using the nslookup command.

Required Resources
• 1 PC (Windows 10)
• Internet connectivity

Background / Scenario
Domain Name System (DNS) is invoked when you type a Uniform Resource Locator
(URL), such as http://www.cisco.com, into a web browser. The first part of the
URL describes which protocol is being used. Common protocols are HTTP (Hypertext
Transfer Protocol), HTTPS (Hypertext Transfer Protocol over Secure Socket Layer),
and FTP (File Transfer Protocol). DNS uses the second part of the URL, which in this
example is www.cisco.com. DNS translates the domain name (like www.cisco.com)
to an IP address to allow the source host to reach the destination host.

Nslookup is a command that will give you all of the IP addresses that are
associated with a given domain name from the local DNS server (it's like an Internet
phone book). For example, if you wanted to find the IP addresses of www.CNN.com
you could use nslookup to identify them. Nslookup is also useful for solving DNS
problems.
There are two modes when you use nslookup (non-interactive and interactive). You
will use the non-interactive mode for this exercise and can learn more about the
interactive mode later here: http://support.microsoft.com kb 200525.

1. Click Start and Run.

2. Type cmd
3. Press Enter.
4. Type nslookup www.aamusted.edu.gh
5. Press Enter.
6. Type nslookup www.cnn.com
7. Press Enter.
8. Type nslookup www.google.com
9. Press Enter.
10. Type time
11. Press Enter twice.
12. Take a screenshot. (See Figure 1-32.)
13. At the command prompt, enter the nslookup command (answer question 5 at
the end of this exercise).
14. At the nslookup prompt, type cisco.com. answer question 6 at
the end of this exercise).
15. At the prompt, type exit to return to the regular command prompt.

16
Figure 1-32: Output from nslookup command.

E. END OF NS LOOKUP THOUGHT QUESTIONS

1. From the above figure (fig 1-32), why are there multiple IP addresses associated
with a single domain name (e.g. www.cnn.com and www.Google.com )?
2. Why did Nslookup query Custl.dns.cais.net (or other domain) instead of querying
www.cnn.com directly?
3. Why does www.google.com use an alias?
4. How do domain names and IP addresses get registered? Name the organization
that handles this process.
5. What is your default server listed as from Question 13?
6. What is the translated IP address from question 14? Is the IP address an IPv4
address or an IPv6 address?

17