IS 333 Lab: Setting Up Clients and Servers

*** = write down and submit answers to these questions/problems. I recommend you use a google doc to record your answers.

Purpose

This lab has you

• investigate how to set up some services on Ubuntu and use them.
• monitor the traffic generated by the clients and servers.

0. Pair up

• For the pair of you, boot two machines into the IS333 Ubuntu operating system from the flash drives. I'll call one machine Machine1 and the other Machine2.

1. Getting Started

• (Do the following on both machines.)
• Login as mradmin, password bluestone
• Make sure your computer is only plugged in to the white ethernet cable -- i.e., the private network.
• Open a Terminal and run ip addr to make sure you machines are both on the 192.168.33 network.
• Note the MAC and IP addresses of each machine's interface.
• Write these down on sticky notes and attach the notes to the machines.
  

2. Investigate nc and common services provided by xinetd

In this step, you will investigate, install, use, and monitor a tool called netcat.

• *** Q1. On Machine1, in a terminal, do man netcat. Read the first few paragraphs of the output. Put what you learned into your lab report document. (Use q to stop reading the man output.) ***
• *** Q2. On Machine2, start wireshark (sudo wireshark). (You may have to install it first.) Set the filter to only show packets to/from Machine1's IP address. Record the Filter that does that in your lab report. ***

• On Machine1, do this: nc -v 192.168.33.xxx 7, where 192.168.33.xx is replaced with Machine2's IP address. It will probably fail with Connection refused. *** Q3. Whether it fails or not, in wireshark on Machine2, look to see what protocols and ports nc uses. Record this. ***

We want to install some basic services on Machine2 and then use them over the network from Machine1. To do this we'll install a "superserver" that can provide multiple basic services.

• On Machine2, install xinetd (the superserver).
• Now, we have to enable some of services provided by xinetd. On Machine2, in a Terminal window, do this:
  • sudo -s
  • (This puts you in permanent sudo mode! Yeah!)
  • cd /etc/xinetd.d/
  • pico echo
  • This will open a file editor (pico) on the file echo. Enable the echo server for TCP by changing disable = yes to disable = no. Save the file and exit the program.
  • Now, we have to restart the server. To do that, type this: service xinetd restart
• Now, restart the wireshark capture on Machine2.
• On Machine1, do nc -v 192.168.33.xxx 7
• We are connecting to port 7, which is the echo server.
• Type a line like hello world!. It should get echoed back to you from the remote machine.
• Stop the capture on Machine2, and inspect the packets you see. Find your message you sent in the 2 packets you captured. *** Q4. Look in the TCP layer and find how many bytes you sent across the network each direction. Record the message you sent and how many bytes TCP says were sent. ***
• Repeat the above steps, enabling the chargen service, which operates on port 19.
• Start a wireshark capture, and use nc to connected to port 19. Use Ctrl-C to stop the output coming from the chargen server. Stop the wireshark capture.
• *** Q5. How many bytes are sent in the TCP packets carrying the chargen data? ***

3. Investigate ssh

As you saw, these basic servers sends data unencrypted "over the wire". This would be a very bad thing, if you were sending crucial information, like your password or credit card information.

Of course, we have something better called ssh, which allows you to log in remotely to another machine, but encrypts everything that is sent across the wire (like your password).

• On Machine1, try to ssh to Machine2: ssh mradmin@<machine2's ip address here>
• If the above step fails, then on Machine2, type sshd. (You are trying to run the ssh daemon/server.) Follow the instructions to install the ssh daemon. If you don't get instructions on how to install it, you might just have to restart it.
  • Note that you might get another error about not being able to install opensshd and having to run apt-get update. Do that if that is what the system recommends.
• On Machine2, start up wireshark and start capturing packets with that same filter as above.
• Ssh from Machine1 to Machine2 again. Type a command or two to run.
• Stop collecting packets on Machine2. Inspect them. Do you see the data stream across the wire? *** Q6. Record in your lab document what you see and know about what is going across the wire. ***

4. Clean up

On each machine, run apt-get purge list-of-packages-you-installed to clean up and remove those packages. You may leave wireshark installed.

Remove the white ethernet cables and plug in the orange ones.

Shutdown the machine, and return the flash drives to the box.

Turn in

Turn in the answers to the questions marked *** by submitting the file via Moodle. Only one submission per group, with both Persons' names on it.

Grading Rubric:

20 points total:

5 points: All questions are answered

10 points: Correct answers.

5 points: Depth of information from investigations.