EX:No:4(a) INSTALLATION OF WIRE SHARK

Aim:
To Install of Wireshark on windows
Introduction:
Wireshark is software that is widely used in the analysis of data packets in a network.
Wireshark is completely free and open source.
This packet analyzer is used for a variety of purposes like troubleshooting networks,
understanding communication between two systems, developing new protocols, etc.
This software is written in C and C++ Wireshark is a cross-platform software, it can be
run on Linux, windows, mac, and any other operating system.
Procedure:
Installing Wireshark on Windows:
Follow the below steps to install Wireshark on Windows:
Step 1: Visit the official Wireshark website using any web browser.

\Step 2: Click on Download, a new webpage will open with different installers of Wireshark.
Step 3: Downloading of the executable file will start shortly. It is a small 73.69 MB file
that will take some time.

Step 4: Now check for the executable file in downloads in your system and run it.

Step 5: It will prompt confirmation to make changes to your system. Click on Yes.
Step 6: Setup screen will appear, click on Next.

Step 7: The next screen will be of License Agreement, click on Noted.

St
ep 8: This screen is for choosing components, all components are already marked so don’t change
anything just click on the Next button.
\Step 9: This screen is of choosing shortcuts like start menu or desktop icon along with file
extensions which can be intercepted by Wireshark, tick all boxes and click on Next button.

Step 10: The next screen will be of installing location so choose the drive which
will have sufficient memory space for installation. It needed only a memory space of
223.4 MB.
Step 11: Next screen has an option to install Npcap which is used with Wireshark to capture packets pcap
means packet capture so the install option is already checked don’t change anything and click the next
button.

Step 12: Next screen is about USB network capturing so it is one’s choice to use it or not,
click on Install.
Step 13: After this installation process will start.

Step 14: This installation will prompt for Npcap installation as already checked so the license
agreement of Npcap will appear to click on the I Agree button.

Step 15: Next screen is about different installing options of npcap, don’t do anything
click on Install.
Step 16: After this installation process will start which will take only a minute.

Step 17: After this installation process will complete click on the Next button.

Step 18: Click on Finish after the installation process is complete.

Step 19: After this installation process of Wireshark will complete click on the Next button.

Step 20: Click on Finish after the installation process of Wireshark is complete.

Wireshark is successfully installed on the system and an icon is created on the desktop.

Result:Thus Wire Shark is installed successfully

EX:NO:4(b) INSTALLATION OF TCP DUMP(WIN DUMP)

Aim: To install TCP Dump(Win Dump)

Prodedure To Install TCP Dump or Win Dump

Tcpdump is the classic tool for monitoring packets. This is a windows version.

Step 1 – Download and install Windump

Step 2 – Download and install WinPcap

http://www.winpcap.org/install/default.htm

Step 3 – Open a Command Prompt with Administrator Rights

 Start > Accessories > Command Prompt
 Right Click > Run As Administrator
 Change the directory to your download directory – normally in windows this is:

You will need to place your network card into promiscuous mode – for this, install WinPcap.

cd c:\Users\Smile\Downloads

 Smile will be replaced with your username eg cd c:\Users\your username\Downloads

Step 4 – Run windump to locate your network adapter windump -D

  Windump will list your adapter with a number.
 You may have several adapters listed.
 You select the interface to start running windump (as shown in step 5 using interface number
2).
Step 5 – Run windump to collect packets and write out to a file
windump -i 2 -q -w C:\perflogs\diagTraces -n -C 30 -W 10 -U -s 0

this will create a directory c:\perflogs\ and a file called diagTrace0.

The switches mean this:

 -i is the number of NIC selected in the previous step

 -q is quiet mode
 -w <name> is the prefix of the files to create
 -n the logging will not resolve host names, all data will be in IP address format
 -C the size in Millions of Bytes the logs files so grow to before moving to the next file
 -W the number of circular log files to retain in addition to the current log file, specify in <path>
where the files are to be stored
 -U as each packet is saved, it will be written to the output file
 -s decreases the amount of packet buffering, set this to zero
Step 6 – Use Wireshark to Open your file
If you don’t have wireshark installed, download it from here:
File > Open > C:\perflogs > diagTraces0
 Wireshark will reveal all the packet data. Double click on each event, to drill down to more data.

Or click on the “Protocol” Column, to sort by Arp, TCP, UDP or DNS etc.

Wireshark is a powerful tool, which is open source, and it’s ideal to examine and filter your
tcpdump/windump data capture files.

To give you an example of the “drilling down” effect, here is a windump/wireshark DNS packet
for WordPress.com

Result: Thus TCP DUMP was installed Successfully.

EX:NO: 5 OBSERVATION OF DATA TRANSFER IN CLIENT –SERVER
COMMUNICATION USING TCP/UDP AND UDP / TCP DATAGRAM
IDENTIFICATION

Aim:To observe the data transferred in client server communication using TCP / UDP and
UDP / TCP data gram identification.

Procedure :

 After downloading and installing wireshark, you can launch it and click the name of
an interface under Interface List to start capturing packets on that interface.
 For example, if you want to capture traffic on the wireless network, click your
wireless interface. You can configure advanced features by clicking Capture Options.

 As soon as you click the interface‘s name, you‘ll see the packets start to appear in real
time. Wireshark captures each packet sent to or from your system.
 If you‘re capturing on a wireless interface and have promiscuous mode enabled in
your capture options, you‘ll also see other the other packets on the network.
 Click the stop capture button near the top left corner of the window when you want to
stop capturing traffic.
 Wireshark uses colors to help you identify the types of traffic at a glance.
 By default, green is TCP traffic, dark blue is DNS traffic, light blue is UDP traffic,
and black identifies TCP packets with problems — for example, they could have been
deliveredout-of-order.

OBSERVATION OF CLIENT SERVER COMMUNICATION USING TCP/UDP

By typing the ip address of client in filter box at top of the window in server’s
system and ip address of server in client system we can monitor the client server
communication

UDP / TCP DATAGRAM IDENTIFICATION

 If you‘re trying to inspect something specific, such as the traffic a program sends
when phoning home, it helps to close down all other applications using the network so
you can narrow down the traffic.
 Still, you‘ll likely have a large amount of packets to sift through. That‘s where
Wireshark‘s filters come in.
 The most basic way to apply a filter is by typing it into the filter box at the top of the
window and clicking Apply (or pressing Enter). For example, type ―TCP‖ and you‘ll
see only TCP packets. , type ―DNS‖ and you‘ll see only DNS packets.
 When you start typing, Wireshark will help you auto complete your filter.
You‘ll see the full conversation between the client and the server.

Close the window and you‘ll find a filter has been applied automatically — Wireshark is
showing you the packets that make up the conversation.
Inspecting Packets Click a packet to select it and you can dig down to view its details

You can also create filters from here — just right-click one of the details and use the Apply
as Filter submenu to create a filter based on it.
Result: Thus we observed the data transferred in client server communication using TCP /
UDP and UDP / TCP data gram was identified.
Ex:No: 6(a) MAN IN THE MIDDLE ATTACK (MITM)
Aim: To write a python program to implement Man In The Middle Attack
Algorithm
Step 1: Selected public Keys p and g,
p is a prime number, called the “modulus” and g is called the base.
Step 2: Selecting private Keys.
Let Alice pick a private random number a and let Bob pick a private random number b,
Malory picks 2 random numbers c and d.
Step 3: Intercepting public Keys,
Malory intercepts Alice’s public key (ga(mod p)), block it from reaching Bob, and
instead sends Bob her own public key (gc(modp)) and Malory intercepts Bob’s public key
(gb(mod p)), block it from reaching Alice, and instead sends Alice her own public key (gd
(modp))
Step 4: Computing secret key
Alice will compute a key S1=gda(mod p), and Bob will compute a different key, S2=gcb(mod p)
Step 5: If Alice uses S1 as a key to encrypt a later message to Bob, Malory can decrypt it,
re- encrypt it using S2, and send it to Bob. Bob and Alice won’t notice any problem and
may assume their communication is encrypted, but in reality, Malory can decrypt, read,
modify, and then re- encrypt all their conversations.
Program
import random

# public keys are

taken # p is a prime
number
# g is a primitive root of p
p = int(input('Enter a prime number
: ')) g = int(input('Enter a number :
'))

class A:
def __init__(self):
# Generating a random private number selected by
alice self.n = random.randint(1, p)

def publish(self):
 # generating public
values return (g**self.n)
%p

def compute_secret(self,
gb): # computing secret
key return (gb**self.n)
%p

class B:
def __init__(self):
# Generating a random private number selected for
alice self.a = random.randint(1, p)
# Generating a random private number selected for
bob self.b = random.randint(1, p)
self.arr = [self.a,self.b]

def publish(self, i):

# generating public
values return
(g**self.arr[i])%p

def compute_secret(self, ga,

i): # computing secret key
return (ga**self.arr[i])%p

alice = A()
bob = A()

eve = B()

# Printing out the private selected number by Alice and Bob

print(f'Alice selected (a) : {alice.n}')
print(f'Bob selected (b) : {bob.n}')
print(f'Eve selected private number for Alice (c) :
{eve.a}') print(f'Eve selected private number for Bob
(d) : {eve.b}')
 # Generating public
values ga =
alice.publish()
gb = bob.publish()
gea =
eve.publish(0) geb
= eve.publish(1)
print(f'Alice published (ga): {ga}')
print(f'Bob published (gb): {gb}')
print(f'Eve published value for Alice (gc):
{gea}') print(f'Eve published value for Bob
(gd): {geb}')

# Computing the secret key

sa =
alice.compute_secret(gea)
sea =
eve.compute_secret(ga,0) sb
= bob.compute_secret(geb)
seb =
eve.compute_secret(gb,1)
print(f'Alice computed (S1) : {sa}')
print(f'Eve computed key for Alice (S1) :
{sea}') print(f'Bob computed (S2) : {sb}')
print(f'Eve computed key for Bob (S2) : {seb}')
Output:
Enter a prime number (p) : 227
Enter a number (g) : 14
Alice selected (a) : 227
Bob selected (b) : 170
Eve selected private number for Alice (c) : 65
Eve selected private number for Bob (d) : 175
Alice published (ga): 14
Bob published (gb): 101
Eve published value for Alice (gc): 41
Eve published value for Bob (gd): 32
Alice computed (S1) : 41
Eve computed key for Alice (S1) : 41
Bob computed (S2) : 167
Eve computed key for Bob (S2) : 167
Result: Thus MITM attack was executed using python code.
Ex:No: 6(b) DICTIONARY ATTACK

Aim: To write a python program for simulating dictionary attack on password

Algorithm:
 Python program that simulates a dictionary attack on a password by trying out a
list of commonly used passwords and their variations.
 we first define a list of commonly used passwords and their variations.
 We then define the hash of the password we want to attack (in this example,
"mypass12#@" is hashed using SHA-256).
 We then use a nested loop to try out all possible combinations of common
passwords and their variations.
 For each combination, we hash the password using SHA-256 and check if it
matches the hashed password we want to attack.
 If a match is found, we print the password and exit the loop. If no match is found,
we print a message indicating that the password was not available.
Program
import hashlib
# List of commonly used passwords and their variations
common_passwords = ["password", "password123", "letmein", "qwerty", "123456",
"abc123", "admin", "welcome", "monkey", "sunshine"]
password_variations = ["", "123", "1234", "12345", "123456", "!", "@", "#", "$", "%", "^", "&", "*",
"(", ")", "-", "_", "+", "=", "/", "\\", "|", "[", "]", "{", "}", "<", ">"]
# Hash of the password to be attacked
hashed_password = hashlib.sha256(b"mypass12#@").hexdigest()
# Try out all possible combinations of common passwords and their
variations for password in common_passwords:
for variation in password_variations:
possible_password = password + variation
hashed_possible_password =
hashlib.sha256(possible_password.encode()).hexdigest() if
hashed_possible_password == hashed_password:
print(f"Password found:
{possible_password}") break
else:
continu
e break
else:

print("Password not found")

Output Password Not Found
Result: Thus python program for simulating dictionary attack on password was executed and
output was verified successfully.
EX NO: 7 ARP Poisoning
Aim:
To Experiment with Sniff Traffic using ARP Poisoning
Introduction:
What is ARP Poisoning?

ARP is the acronym for Address Resolution Protocol. It is used to convert IP address to physical addresses
[MAC address] on a switch.

The host sends an ARP broadcast on the network, and the recipient computer responds with its physical
address [MAC Address]. The resolved IP/MAC address is then used to communicate.

ARP poisoning is sending fake MAC addresses to the switch so that it can associate the fake MAC addresses
with the IP address of a genuine computer on a network and hijack the traffic.

Procedure:

Step 1: Open the command prompt.Enter the command

ipconfig /all

You will get detailed information about all the network connections available on your computer

Step 2: Open the command prompt and enter the following command

arp –a

Here,

 aprcalls the ARP configure program located in Windows/System32 directory

 -a is the parameter to display to contents of the ARP cache

You will get results similar to the following

Note: Dynamic entries are added and deleted automatically when using TCP/IP sessions with remote
computers.

Static entries are added manually and are deleted when the computer is restarted, and the network interface
card restarted or other activities that affect it.

Step 3: Adding static entries ,Using ipconfig command we got,

now enter the following command

arp –s 192.168.1.38 60-36-DD-A6-C5-43

Step 4: Use the following command to view the ARP cache

arp –a
You will get the following results

Note the IP address has been resolved to the MAC address we provided and it is of a static type.

Step 5: Deleting an ARP cache entry

Use the following command to remove an entry

arp –d 192.168.1.38

Result :

Thus ARP poisoning works by sending fake MAC addresses to the switch
 EX NO: 8 Demonstration of intrusion detection system (ids)
AIM: To demonstrate intrusion detection system using Snort
INSTALLATION PROCEDURE
1. Download SNORT from snort.org
2. Install snort with or without database support.
3. Select all the components and Click Next.
4. Install and Close.
5. Skip the WinPcap driver installation
6. Add the path variable in windows environment variable by selecting new classpath.
7. Create a path variable and point it at snort.exe variable name path and variable
value c:\snort\bin.
8. Click OK button and then close all dialog boxes.
9. Open command prompt and type the commands.

STEPS
SNORT can be configured to run in three modes:
1. Sniffer mode 2. Packet Logger mode 3. Network Intrusion Detection System mode
Sniffer mode
i. snort –v Print out the TCP/IP packets header on the screen
ii. snort –vd Show the TCP/IP ICMP header with application data in transit.
Packet Logger mode
i. snort –dev –l c:\log  snort will automatically know to go into packet logger mode, it
collects every packet it sees and places it in log directory.
ii. snort –dev –l c:\log –h ipaddress/24 This rule tells snort that you want to print out
the data link and TCP/IP headers as well as application data into the log directory.
iii. snort –l c:\log –b This is binary mode logs everything into a single file.
Network Intrusion Detection System mode
ii. snort –d c:\log –h ipaddress/24 –c snort.conf This is a configuration file applies rule
to each packet to decide it an action based upon the rule type in the file.
iii. snort –d –h ipaddress/24 –l c:\log –c snort.conf This will configure snort to run in
its most basic NIDS form, logging packets that trigger rules specifies in the snort.conf
C:\Snort\bin\snort –v
C:\Snort\bin\snort –vd

C:\Snort\bin\ snort –dev –l c:\log

C:\Snort\bin\snort –dev –l c:\log –h ipaddress/24

C:\Snort\bin\snort –l c:\log –b

snort –d –h ipaddress/24 –l c:\log –c snort.conf

Result:Thus intrusion detection system was studied using snort.

Ex:No:9 NETWORK MONITORING TOOLS

Aim: To explore network monitoring tools.

The Importance of Network Monitoring

Robust network monitoring tools are vital for ensuring the clear visibility and management
of devices, confirming their availability when needed. Given the many dimensions of
network management, there’s a wide variety of tools under the umbrella of “network
management tools.”

The best network monitoring tools:

1. ManageEngine OpManager
Platform: Windows,Linux, iOS, and Android
OpManager is an end-to-end network management software. It enables you to screen
network availability, traffic, performance metrics of various devices, including routers,
servers, switches, etc Key features:
 Allows you to monitor multi-vendor network devices’ performance.
 It offers real time monitoring.
 Actively manage the physical servers like VMs, RAID, storage arrays, etc.
 Over 9500 built-in monitoring templates for network devices.
 Advanced notifications and alerts are sent to you via E-mails and SMS.
 With 100+ performance widgets, you can custom dashboard
 Easily manage the network with your mobile app
 Contextual integrations for all-in-one network infrastructure monitoring
 Effectively monitor WAN/VoIP for jitter, packet loss, and latency.
 It provides an automated troubleshooting feature.
 It has an SSL offload
 Free trial: yes, 30-days free version

Pros

 Uptime reporting
 Real-time monitoring
 The network is accessible through mobile
 Multi-user collaboration

Cons
  It is a feature-rich tool that will require a time investment to learn properly.

2. Auvik
Platform: Web-based
Auvik is a faster, easy-to-use, cloud-based network monitoring software giving you
instant insight into the networks you manage with automated network discovery,
monitoring, documentation, and much more. This networking performance monitor
tool provides real- time network mapping and inventory, keeping you constantly
updated.

Key features:

 The software runs on Windows Server and Ubuntu Linux.

 This network performance monitoring tool provides a dashboard that displays all
your activities.
 It gives alerts immediately when unusual activity occurs.
 The software contains a SaaS package that includes a processing power and storage
area for monitoring software and system logs as well.
 Provides secure SSH access via an in-app terminal

 It completely centralizes the monitoring of networks available on multiple sites.

 Allows you to create powerful workflows with its APIs
 It provides auto-discovery services.
 Its lightweight collector takes just a few minutes to install, and on its installation, it
immediately begins to discover the network devices.
 Free trial: Yes, 14 days free trial

Pros

 It supports both Windows Server and Ubuntu Linux.

 Collects the data in real time
 Automatically backups all the activities, which can be accessed in the future.
 You can easily access it from anywhere via any standard web browser.
 It includes configuration management.
 It gives an unlimited number of endpoints.

Cons
  It is not compatible with any other auviks modules.
 No path capacity analysis across links.

3. Network Bandwidth
Analyzer Platform: Windows
& Linux
Network Bandwidth Analyzer is a multi-vendor network monitoring tool that allows
you to monitor the network’s performance. Detecting, diagnosing, resolving the network
performance issues allows you to use the network more effortlessly

Key features:

 Quickly detects, diagnoses, and resolves the network performance issues, reducing
the network outrages.
 Easily view IPv4 and IPv6 flow records.
 You can easily Monitor Cisco NetFlow, Juniper J-Flow, sFlow, Huawei
NetStream, and IPFIX flow data identifying the applications and protocols
consuming the most bandwidth.
 Immediately shows alerts if there is any change in the application traffic activity.
 Easily set alerts if the network monitoring software stops sending you network
performance data.
 The Analyzer collects all the traffic data and converts it into a useable format by
which you can easily monitor the network traffic.
 VMware vSphere distributed switch support, by which it can filter out east-west
traffic on specific hypervisors.
 Just dragging and dropping the network performance metrics on a common
timeline accelerates the process of identifying the root cause.
 The software supports the Cisco NBAR2, which provides visibility into HTTP (port
80) and HTTPS (port 443) traffic without additional probes, spanning ports, etc.
 Easily create a schedule, and deliver in-depth network traffic analysis and bandwidth reports.
 This is one of the best free network monitoring tools which supports wireless network
monitoring and management.
 With CBQoS policy optimization, you can measure the effectiveness of pre-and
post-policy traffic levels per class-map
 Free trial: Yes, 30 days fully functional trial.

Pros

 This SolarWinds network performance monitor is easy to use

  This networking monitoring tool for windows offers flexible deployment options
 You can create customizable network traffic reports.
 With port 0 monitoring, you can easily increase the security by having visibility into
malicious or malformed traffic.
Cons

 Does not have strong integration with 3rd party products.

4. Site24x7
Platform: Windows & Linux
It is a robust and stable network monitoring tool that gives you an insight at the device and
interface level. It is a SaaS-based all-in-one monitoring solution for DevOps and IT.

Key features:
 Its network monitoring solution is SNMP-based.
 It monitors the network devices’ health, performance, and availability.
 It is one of the best network monitoring tools that offer multi-vendor support, and
a cloud- based network monitoring tool
 Offers 24×7 monitoring of the network in real-time.
 The monitoring is done without any interruptions due to the high availability
mechanisms used in it.
 It’s a Simple Network Management Protocol (SNMP) based network that allows you
to detect anomalies immediately.
 It contains a root cause analysis feature.
 Offers a complete network mapping with layer 2 maps giving you full visibility.
 Contains features like custom monitoring, cloud-based scalability, dashboards, etc.
 Free trial: yes, 30-days free trial

Pros

 It has a mobile version supported by Android and iOS.

 Network monitoring is done 24×7
 It supports over 450 vendors like Canon, HP, Cisco, D-link, Dell, etc.
 Uses real-time data to discover devices.
 User-friendly network monitoring tool

Cons

 It has many features, making it time captivating to understand it fully.

5. Network Performance
Monitor Platform: Windows &
Linux
The Network Performance Monitor software helps in saving time and improving the
network security and reliability by managing configurations, compliance for routers,
switches, and other networks, etc.
Key features:
 Ensure high network reliability and uptime with automated backup schedules for
routers, firewalls, and switches.
 Offers fully automated configuration for most managed network devices.
 You can easily view, deploy, track, and backup all the network device
configurations from one location.
 Provides a fast and error-free execution of configuration changes.
 You can identify the differences in lines of code with the configuration comparison feature.
 It maintains the configuration database, which can help you in the future with security
misconfigurations.
 Efficiently manage the routers and avoid security misconfiguration.
 Easily create multi-device-based baseline configurations giving you a reference point.
 Through the proactive drift management feature, you can improve operational efficiency.
 With a network inventory tool, you can increase productivity and save time.
 Import existing devices, irrespective of the device type, and automatically update
your device information whenever it changes.
 Free trial: Yes,30- days free trial
Pros

 It is a multi-vendor inventory software

 It quickly resolves network issues.
 Simplify and improve your network compliance
 It automatically identifies vulnerabilities and leverages them.
 It is compatible with other SolarWinds modules.

Cons

 It is challenging to track all the changes in tools.

6. Better Stack
Platform: Web-based and Cloud-based

Better Stack offers a radically better observability platform. It combines monitoring,

log management, observability dashboards, incident management, and status pages
 into a single integrated product

Key features:
 Real time observability dashboards
 Actionable threshold alerting based on different hosts
 Simple integration with your stack
 Out of the box integrations: Datadog, New Relic, Prometheus, Zabbix, AWS, Azure,
Google cloud platform, Slack, Microsoft Teams and more
 Uptime, Ping, HTTPS, SSL & TLD expiration, DNS, Cron jobs checks and more
 30-seconds monitoring frequency
 Incident management and on-call alerting built in
 Licensing: Cloud-based
 Price: Free plan available
 Free trial: Yes (60 days free trial)

Pros

 Integrated status pages for incident communication

 Unlimited on-call alerting on all paid plans
 Powerful out of the box integrations

Cons

 Limited DNS monitoring options

7. Obkio
Platform: Linux, Windows, Mac iOS
Obkio’s Network performance monitoring and SaaS solution software helps you to
identify the issues and resolve them to deliver an improved end-user experience. It is
one of the best network monitoring tools that provide real-time network performance
updates every 500ms

Key features:
 Continuous monitoring using monitoring Agents
 Exchange of Synthetic Traffic to measure performance
 Monitoring from the End-User perspective
 Decentralized monitoring between pairs of agents in different locations
 This network performance monitoring tool provides historical performance to
troubleshoot past issues
 Automatic Speed Tests to assess network health
 User Quality of Experience (QoE) is measured every minute

 Enable SNMP device monitoring so that you can monitor firewalls, CPU, switches,
 routers, and much more.
 SaaS application allows storing information in the cloud, making it useful and easy to set up.
 Free trial: 14- day free trial

Pros

 Deploys in minutes
 Troubleshoot intermittent performance issues.
 The monitoring agents are supported by every system, Windows, Linux, Hyper-V, and more.
 In places with no IT servers, you can use hardware agents available in plug-and-play.
 web and mobile app is available

Cons

 Does not offer a wider range of Integrations

8. Paessler PRTG
Platform: Windows, Mac, Linux, Android, and iOS
PRTG network monitoring software is known for its advanced infrastructure
management capabilities. Its user interface is very powerful and is the best fit for
organizations with low experience in network monitoring. This is one of the best free
network monitoring tools that supervises the entire IT infrastructure using advanced
technologies like SNMP, WMI, HTTP requests, Pings, SSH, and much more.

Key features:
 Completely monitors all the devices, systems, and traffic in your IT infrastructure.
 This free networking monitoring software supports multi-site capabilities.
 Comprises of SNMP sensors that gather device health information
 The Ping feature enables you to check the device’s health information.
 It contains extra sensors to monitor servers and applications.
 It monitors specific datasets from your database with individually configured PRTG sensors.
 Entirely manages and provides detailed statistics of all the applications running
in your network.
 Monitors all the servers in real-time with regard to their accessibility, availability, and
capacity.
 Supervising for LANs as well as for wireless networks.
 It offers auto-discovery by which you can create and maintain a device inventory.
 The Live topology maps in a range of formats are available.
 It has a protocol analyzer that identifies high-traffic applications.
 Free trial: 30-day free trial.
Pros

 The dashboard contains color-coded graphs of live data in your network monitoring system.
 There are no additional plugins or downloads; everything is included in PRTG.
 It is an easy-to-use solution for all business sizes.
 It monitors a diverse range of devices with SNMP
 It offers a free version
 It has a wide range of alert mediums like SMS, emails, and any third-party integrations.

Cons

 It has an enormous range of features that require time to clearly understand.

Result:Thus various network monitoring tools have been explored successfully.

EX NO: 9 CONFIGURATION OF FIREWALL

Aim: To study the Configuration of firewall on
windows. Configuring Firewall Defender on
Windows:
Procedure: Step 1: Launch Start from the taskbar.
Step 2: Search “Settings” in the search bar if you do not find the Settings icon in Start menu.

Step 3: In the left pane of Settings, click Privacy & security.

Step 4: Click Windows Security option in Privacy & security menu.

Step 5: Select Firewall & network protection.

Step 6: Now Window’s Security window will pop up window’s. Here you can verify
whether your Defender firewall is active or not.
Step 7: Now to configure the firewall according to your requirement, click Advanced
settings. You will be prompted by User Account Control to give Administrative access to
Windows Defender to make changes. Click Yes to proceed.

Step 8: Windows Defender Firewall with Advanced Security window will launch after
giving administrative permission.
Step 9: The left pane has several options:
 Inbound rules: Programs, processes, ports can be allowed or denied the
incoming transmission of data within this inbound rules.
 Outbound rules: Here we can specify whether data can be sent outwards
by that program, process, or port.

Step 10: To add a new inbound rule, select Inbound Rules option, then click New Rule…
from the right panel.

Step 11: Now we will configure an inbound rule for a network port. A New Inbound
Rule Wizard window pops-up, select Port option and click next.
Step 12: Now select TCP and specify port number 65000.

Step 13: Now we can select the action we need to take on this port. We will block the

inbound connection by selecting Block the connection option then click Next.
Step 14: Here we can specify when should this rule come into action. We will
keep only Public option selected and move Next

Step 15: This is the last step. Here we provide a name to this rule so that we can keep
track of it later in the Inbound rules list. Write the name “65000 Port Block (Public)”.
Click Finish.

Step 16: The inbound rule is successfully created. We can find “65000 Port Block

(Public)” in the Inbound rules list.

Step 17: Right-click the rule we just created and there are multiple options with
which it can be Disabled or Deleted.
Result:Thus the configuration of Firewall on windows was studied successfully
 Ex:No:10 Configuring VPN

Aim: Study to Configure VPN (Virtual Private Network)

Steps To Configure VPN

1. Click the Windows Start button and select the Settings cog.

2. Under Windows Settings, select Network & Internet

3. Select VPN from the left menu, then at the right, click Add a VPN connection.
4. In the dialog box that
opens
5.Set Connection name .For example to "UWSP VPN"

6. Set Server name or address .For Example

"vpn.uwsp.edu" 8.Click Save

9. Select Change adapter options

10. Right-click UWSP VPN and select Properties.

11. In the UWSP VPN Properties box select the Networking tab. Select Internet Protocol
Version 6 and click Properties.

12. Click Advanced on the Internet Protocol Version 6 Properties box that
opens. 13.In the Advanced TCP/IP Settings box:
uncheck “Use default gateway…” on the IP Settings tab.
Note: this step is needed only for privately owned computers; UWSP owned computers do
not need this option. Select the DNS tab. In the text box labeled “DNS suffix for this
connection:” type,“uwsp.edu” (no quotes). Note, "Append these DNS suffixes" may instead
display here.

14. Click OK.

15. Click OK to the Internet Protocol Version 6 Properties box. This returns you to the
UWSP VPN Properties box.

16. In the UWSP VPN Properties box now select Internet Protocol Version 4 and click
Properties.
17. 17.Click Advanced on the Internet Protocol Version 4 Properties box.
18.In the Advanced TCP/IP Settings box on the IP Settings tab, uncheck “Use default
gateway…”.
19.Click OK.
20.Click OK to the Advanced box and OK to the Internet Protocol Version 4
Properties box.
21.Finally, click OK on the UWSP VPN Properties box.
You have now disabled the default gateway for both Internet Protocol Version 6 and version
4. Your UWSP VPN should be configured.

To start a UWSP VPN connection

1.Click the Windows Start button and select Settings.
2.Under Windows Settings, select Network & Internet.
3. Select VPN from the left menu, then at the right, click "UWSP VPN".

4. Click "Connect" and log in with your UWSP username and password. You will be
asked to authenticate with MFA.

Result: Thus the configuration of VPN was studied successfully/.