LAB MANNUAL

COMPUTER NETWORK

Prepared by:-
Ranjan Thakur
(Asst. Professor)
 List of Experiments:
1 Study of Different Type of LAN& Network Equipments.

2 Study and Verification of standard Network topologies i.e. Star, Bus, Ring etc.

3 To study the various networking devices.

4 To study different connectors & cables.

5 To study of network Internet protocol.

6 To study of local Area Network.

7 To Study of Application layer protocols- DNS, HTTP, HTTPS, FTP and TelNet.

8 To study of network simulation technique.

9 To study of network scanning tools (nmap and Wireshark).

10 To study of basic network command and configuration command.

 EXPERIMENT NO 1

Study of Different Type of LAN& Network Equipments.

Network Equipment Information

Network equipment is used to combine, split, switch, boost, or direct packets of
information along a computer or telecommunications network. This product area
includes hubs, switches, routers, bridges, gateways, multiplexers, transceivers and
firewalls. In addition to device type, network equipment is defined by protocol
(e.g., Ethernet) and port or interface type (e.g., T1). These concepts are described
below.

How Network Equipment Works

Networking equipment interconnects devices so that data can be shared between

them. The layout or topology of these connected devices describes the network's
design or structure. Common topologies for computer networks include bus, ring,
star, tree, and mesh. Hybrid topologies are also used.

In wireless networks, devices communicate via radio waves and do not require
physical connections. In wired networks, cables are used. These cables are
equipped with connectors for a specific port or interface type. For example,
attachment unit interface (AUI) cables are equipped with 15-pin connectors that
mate with a 15-pin receptacle on network transceivers.

Computer networks handle data according to protocols that are fundamental

mechanisms for network communications. Network protocols specify the software
attributes of data communications, including the structure of packets and the
information contained therein. Depending upon the type of network, packets may
be called blocks, cells, frames or segments. Network protocols may also prescribe
some or all of the operational characteristics of the network hardware on which
they run.

This diagram depicts a network with various types of equipment.

 Figure: City Infrastructure

Types of Network Equipment

The Engineering 360 Spec Search database allows industrial buyers to search for
and select the following types of network equipment.

 Hubs provide a central location for attaching wires to workstations. There

are two types: passive and active.
 Switches connect devices to host computers and allow large numbers of
these devices to share a limited number of ports.
 Routers are protocol-dependent devices that connect sub-networks or divide
a very large network into smaller sub-networks.
 Repeaters use regeneration and retiming to ensure that signals are
transmitted clearly through all network segments.
 Bridges are used to interconnect local or remote networks. They centralize
network administration.
 Gateways can interconnect networks with different, incompatible
communications protocols.
 Multiplexers combine multiple signal inputs into one output.
 Transceivers connect nodes and send and receive signals. They are
sometimes called medium access units (MAU).
 EXPERIMENT NO 2

Study and Verification of standard Network topologies i.e. Star, Bus, Ring etc.

Types of Network Topology

Network Topology is the schematic description of a network arrangement,
connecting various nodes (sender and receiver) through lines of connection.

BUS Topology
Bus topology is a network type in which every computer and network device is
connected to single cable. When it has exactly two endpoints, then it is called
Linear Bus topology.

Features of Bus Topology

1. It transmits data only in one direction.
2. Every device is connected to a single cable

Advantages of Bus Topology

1. It is cost effective.
2. Cable required is least compared to other network topology.
3. Used in small networks.
4. It is easy to understand.
5. Easy to expand joining two cables together.

Disadvantages of Bus Topology

1. Cables fails then whole network fails.
2. If network traffic is heavy or nodes are more the performance of the network
decreases.
3. Cable has a limited length.
4. It is slower than the ring topology.
RING Topology
It is called ring topology because it forms a ring as each computer is connected to
another computer, with the last one connected to the first. Exactly two neighbors
for each device.

Features of Ring Topology

1. A number of repeaters are used for Ring topology with large number of
nodes, because if someone wants to send some data to the last node in the
ring topology with 100 nodes, then the data will have to pass through 99
nodes to reach the 100th node. Hence to prevent data loss repeaters are used
in the network.
2. The transmission is unidirectional, but it can be made bidirectional by
having 2 connections between each Network Node, it is called Dual Ring
Topology.
3. In Dual Ring Topology, two ring networks are formed, and data flow is in
opposite direction in them. Also, if one ring fails, the second ring can act as
a backup, to keep the network up.
4. Data is transferred in a sequential manner that is bit by bit. Data transmitted,
has to pass through each node of the network, till the destination node.
Advantages of Ring Topology
1. Transmitting network is not affected by high traffic or by adding more
nodes, as only the nodes having tokens can transmit data.
2. Cheap to install and expand

Disadvantages of Ring Topology

1. Troubleshooting is difficult in ring topology.
2. Adding or deleting the computers disturbs the network activity.
3. Failure of one computer disturbs the whole network.

STAR Topology
In this type of topology all the computers are connected to a single hub through a
cable. This hub is the central node and all others nodes are connected to the central
node.

Features of Star Topology

1. Every node has its own dedicated connection to the hub.
2. Hub acts as a repeater for data flow.
3. Can be used with twisted pair, Optical Fibre or coaxial cable.

Advantages of Star Topology

1. Fast performance with few nodes and low network traffic.
 2. Hub can be upgraded easily.
3. Easy to troubleshoot.
4. Easy to setup and modify.
5. Only that node is affected which has failed, rest of the nodes can work
smoothly.

Disadvantages of Star Topology

1. Cost of installation is high.
2. Expensive to use.
3. If the hub fails then the whole network is stopped because all the nodes
depend on the hub.
4. Performance is based on the hub that is it depends on its capacity

MESH Topology
It is a point-to-point connection to other nodes or devices. All the network nodes
are connected to each other. Mesh has n(n-1)/2 physical channels to link n devices.

There are two techniques to transmit data over the Mesh topology, they are :

1. Routing
2. Flooding

Routing
In routing, the nodes have a routing logic, as per the network requirements. Like
routing logic to direct the data to reach the destination using the shortest distance.
Or, routing logic which has information about the broken links, and it avoids those
node etc. We can even have routing logic, to re-configure the failed nodes.

Flooding
In flooding, the same data is transmitted to all the network nodes; hence no routing
logic is required. The network is robust, and the its very unlikely to lose the data.
But it leads to unwanted load over the network.
Types of Mesh Topology
1. Partial Mesh Topology: In this topology some of the systems are connected
in the same fashion as mesh topology but some devices are only connected
to two or three devices.
2. Full Mesh Topology: Each and every nodes or devices are connected to
each other.

Features of Mesh Topology

1. Fully connected.
2. Robust.
3. Not flexible.

Advantages of Mesh Topology

1. Each connection can carry its own data load.
2. It is robust.
3. Fault is diagnosed easily.
4. Provides security and privacy.

Disadvantages of Mesh Topology

1. Installation and configuration is difficult.
2. Cabling cost is more.
3. Bulk wiring is required.
TREE Topology
It has a root node and all other nodes are connected to it forming a hierarchy. It is
also called hierarchical topology. It should at least have three levels to the
hierarchy.

Features of Tree Topology

1. Ideal if workstations are located in groups.
2. Used in Wide Area Network.

Advantages of Tree Topology

1. Extension of bus and star topologies.
2. Expansion of nodes is possible and easy.
3. Easily managed and maintained.
4. Error detection is easily done.

Disadvantages of Tree Topology

1. Heavily cabled.
2. Costly.
3. If more nodes are added maintenance is difficult.
4. Central hub fails, network fails.

HYBRID Topology
It is two different types of topologies which is a mixture of two or more topologies.
For example if in an office in one department ring topology is used and in another
star topology is used, connecting these topologies will result in Hybrid Topology
(ring topology and star topology).
Features of Hybrid Topology
1. It is a combination of two or topologies
2. Inherits the advantages and disadvantages of the topologies included

Advantages of Hybrid Topology

1. Reliable as Error detecting and trouble shooting is easy.
2. Effective.
3. Scalable as size can be increased easily.
4. Flexible.

Disadvantages of Hybrid Topology

1. Complex in design.
2. Costly.
 EXPERIMENT NO 3

To study the various networking devices.

 Switch:-
Switches occupy the same place in the network as hubs. Unlike hubs, switches
examine each packet and process it accordingly rather than simply repeating the
signal to all ports. Switches map the Ethernet addresses of the nodes residing on
each network segment and then allow only the necessary traffic to pass through the
switch. When a packet is received by the switch, the switch examines the
destination and source hardware addresses and compares them to a table of
network segments and addresses. If the segments are the same, the packet is
dropped ("filtered"); if the segments are different, then the packet is "forwarded" to
the proper segment. Additionally, switches prevent bad or misaligned packets from
spreading by not forwarding them.

Filtering of packets and the regeneration of forwarded packets enables switching

technology to split a network into separate collision domains. Regeneration of
packets allows for greater distances and more nodes to be used in the total network
design, and dramatically lowers the overall collision rates. In switched networks,
each segment is an independent collision domain. In shared networks all nodes
reside in one, big shared collision domain.

Easy to install, most switches are self learning. They determine the Ethernet
addresses in use on each segment, building a table as packets are passed through
the switch. This "plug and play" element makes switches an attractive alternative
to hubs.

Switches can connect different networks types (such as Ethernet and Fast Ethernet)
or networks of the same type. Many switches today offer high-speed links, like
Fast Ethernet or FDDI that can be used to link the switches together or to give
added bandwidth to important servers that get a lot of traffic. A network composed
of a number of switches linked together via these fast uplinks is called a "collapsed
backbone" network.

 Network switch:-

A network switch or switching hub is a computer networking device that connects

network segment.The term commonly refers to a multi-port network bridge that
processes and routes data at the data link layer (layer 2) of the OSI model.
Switches that additionally process data at the network layer(Layer 3) and above are
often referred to as Layer 3 switches or multilayer switches.The
first Ethernet switch was introduced by Kalpana in 1990.

Fig1-Ethernet Switch

Role of switches Network:-

Switches may operate at one or more layers of the OSI model, including data
link and network. A device that operates simultaneously at more than one of these
layers is known as a multilayer switch.
In switches intended for commercial use, built-in or modular interfaces make it
possible to connect different types of networks, including Ethernet, Fibre
Channel, ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the
layers mentioned. While Layer 2 functionality is adequate for bandwidth-shifting
within one technology, interconnecting technologies such as Ethernet and token
ring is easier at Layer 3.
Devices that interconnect at Layer 3 are traditionally called routers, so "Layer-3
switches" can also be regarded as (relatively primitive) routers.
In some service provider and other environments where there is a need for a great
deal of analysis of network performance and security, switches may be connected
between WAN routers as places for analytic modules. Some vendors
provide firewall,network intrusion detection,and performance analysis modules
that can plug into switch ports. Some of these functions may be on combined.

 Router:-

A Cisco ASM/2-32EM router deployed at CERN in 1987

traffic. Routers can share status and routing information with one another and use
this information to bypass slow or malfunctioning connections.

Routers do not look at the destination node address; they only look at the network
address. Routers will only pass the information if the network address is known.
This ability to control the data passing through the router reduces the amount of
traffic between networks and allows routers to use these links more efficiently than
bridge.

 Repeater

Network repeaters regenerate incoming electrical, wireless or optical signals. With

physical media like Ethernet or wi-fi data transmissions can only span a limited
distance before the quality of the signal degrades. Repeaters attempt to preserve
signal integrity and extend the distance over which data can safely travel.
Actual network devices that serve as repeaters usually have some other
name. Active hubs, for example, are repeaters. Active hubs are sometimes also
called "multiport repeaters," but more commonly they are just "hubs." Other types
of "passive hubs" are not repeaters. In Wi-Fi, access point function as repeaters
only when operating in so-called "repeater mode."
Higher-level devices in the osi model like switch and router generally do not
incorporate the functions of a repeater. All repeaters are technically OSI physical
layer devices.
 Fig 3- A Repeater
 Bridges:-

Like a repeater, a bridge can join segments or workgroup LANs. However, a

bridge can also divide a network to isolate traffic or problems. For example, if the
volume of traffic from one or two computers or a single department is flooding the
network with data and slowing down entire operation, a bridge can isolate those
computers or that department.

In the following figure, a bridge is used to connect two segment segment 1 and
segment 2.

Fig 4- A Bridge
 Bridges can be used to:
I.Expand the distance of a segment.
Ii.Provide for an increased number of computers on the network.
Iii.Reduce traffic bottlenecks resulting from an excessive number of attached
computers.

Bridges work at the Data Link Layer of the OSI model. Because they work at this
layer, all information contained in the higher levels of the OSI model is
unavailable to them. Therefore, they do not distinguish between one protocol and
another. Bridges simply pass all protocols along the network. Because all protocols
pass across the bridges, it is up to the individual computers to determine which
protocols they can Recognize.A Bridge works on the principle that each network
node has its own address. A bridge forwards the packets based on the address of
the particular destination node. As traffic passes through the bridge, information
about the computer addresses is then stored in the bridge's RAM. The bridge will
then use this RAM to build a routing table based on source addresses.

 Gateways:-

Gateways make communication possible between different architectures and

environments. They repackage and convert data going from one environment to
another so that each environment can understand the other's environment data.

A gateway repackages information to match the requirements of the destination

system. Gateways can change the format of a message so that it will conform to the
application program at the receiving end of the transfer.

A gateway links two systems that do not use the same:

i. Communication protocols
ii. Data formatting structures
iii. Languages
iv. Architecture
 EXPERIMENT NO. 4

To study different connectors & cables.

 Connectors:-

Network cards have three main types of connectors. Below is an example of what a
network card may look like.

 BNC connector: As illustrated in the above picture the BNC connector is a

round connector, which is used for thin net or 10Base-2 Local Area Network.

Fig 6- BNC connector

 DB9 (RJ45 JACK): The DB9 connector not to be confused with the Serial
Port or sometimes referred to as the RJ45 JACK not to be confused with the
RJ45 connection is used with Token Ring networks

Fig 7- DB 9 connector
 DB15 Connector: The DB15 connector is used for a Thick net or 10Base-5
Local area network.

Fig 8- DB 15

 RJ45 connector: Today one of the most popular types of connections used
with computer networks. RJ45 looks similar to a phone connector or RJ11
connector however is slightly larger.

Fig 9-RJ-45 connector

LED - The LED's as shown in the above illustration indicates if it detects a

network generally by a green light which may flash as it communicates and then a
red light which indicates collisions which will generally flash or not flash at all.

 Cables:-

The following is a few examples of some of the more commonly used types of
cables found with networks.
 Experiment 5

To study of network Internet protocol.

IP Networking Basics

This is a very brief introduction to IP networking. For more in-depth information,

there are a number of excellent references. In particular, Douglas Comer's
Internetworking with TCP/IP (Prentice Hall) is one of the standard references and
provides a wealth of information on the subject.

IP Addresses

Each device on an IP network requires 3 different pieces of information in order to

correctly communicate with other devices on the network: an IP address, a subnet
mask, and a broadcast address. You will usually see each of these numbers written
as four "octets" (e.g. 198.41.12.151, 255.255.255.0, and 198.41.12.255).

Every IP address is really made up of two pieces: a "network" portion, which tells
routers what group of devices a packet should go to (e.g., any, a campus, etc.) and
a "host" portion which tells routers what specific device among that group the
packet should go to.

By examining the destination address in an IP packet that must be forwarded, and

by using information that has either been statically configured or dynamically
gathered from other routers, any router can determine the optimal path for
forwarding packets from one group to another.

Each group of devices on an IP internet needs to have a unique network portion,

and each device within that group also needs a unique host portion. In the case of
the Internet, this uniqueness is made possible by indirectly getting all network
portion assignments through a central clearinghouse called the Network
Information Center or "NIC." The NIC assigns blocks of addresses to Internet
Service Providers (ISPs), who then assign these addresses to their customers.

If your network is, or will be, connected to the Internet, you will need to get a
unique network address from your ISP or network administrator.
How much of any given address is the network part and how much is the host part
is determined by the "class" of the network. In each case, the part of the address
not used for the network portion is left as the host portion.

Table A-1 describes how IP address classes are organized.

Table A-1 IP Address Classes

Class Network Portion Hosts Allowed

A from 1.0 to 127.0 approx. 16 million

B from 128.0 to 191.255 65,536
C from 192.0 to 223.255.255 255

You can always tell what class an address is by looking at the first octet and
comparing it to the chart above. For instance, the address at the top of this
appendix has 198 as the first octet, so it is Class C.

Subnet Masks

A subnet mask tells a router how much of an address it should treat as the network
portion. The masks for traditional Class A, B and C networks are shown below
in Table A-2

Table A-2 Standard IP Subnets

Class Subnet Mask

A 255.0.0.0
B 255.255.0.0
C 255.255.255.0
 Experiment 6

To study of local Area Network.

Local Area Networks (LANs): "...are concerned with the interconnection of items
of computing equipment (office workstations, intelligent instruments etc.) which
are distributed over a localized area such as a university campus or process plant.
They are referred to, therefore as Local Area Networks". (Halsall, 1988).

LANs can be distinguished from other networks because of their short distance.
The total coverage may be from 1 km to 10 kms. The data transmission speed
of LANs is much higher than in other types of networks. When a WANs works
at a speed of 1 mbps, LANs can transmit data at a speed of 1 - 10 mbps. The
error rate in data transmission is slow because of the shorter distance between
the equipment. Since LANs are within a single building or a smaller area, they
are owned by the specific organization. This localized control provides greater
flexibility in LANs than other types of networks.

Components of a LAN

Each workstation of the LAN, which can be a microcomputer, a barcode reader or

a word processor, can work as autonomous equipment, but they are connected to a
central controlling unit, through which they can communicate (exchange data,
share software or hardware) with other workstations of the network. Though each
workstation can act independently, they are not capable of controlling the activities
of other stations of the network. To avoid corruption or collision of data during
communication, several techniques like Career Sense Multiple Access/Collision
Detection (CSMA/CD) and Career Sense Multiple Access/Collision Avoidance are
used to control the transmission of data. Further information on these techniques
will not be given here since it lies outside the scope of this paper. Figure 1 shows
the basic components of a LAN (Collier, 1988).
 Communication medium: there is some kind of medium to connect all the
workstations and other equipment together.

File server: a computer dedicated to providing shared access to a main storage

device.

Types of LANs

LANs can be divided in to two categories based on their topology and

communication media. According to topology LANs can take several forms but
three core forms can be identified easily as follows:

Star Each workstation is connected to the control unit in the form of a star.
Communication between two workstations has to be done through this central
controller. A particular station which wants to communicate with another station
builds up a connection, through the central controlling center, with the destination.
Once this connection is established data can be communicated from one to the
other station.

Ring This category has no central controller but devices are joint together in a
form of a ring. Data has to pass some other workstations to reach its destination.
―A station wishing to trans-mit waits until its turn and then places a data packet on
to the ring. This circulates around until it reaches its destination where the node
copies the data into a local buffer. The packet then continues to circulate until
arrives back at its source. This then provides a form of acknowledgment."
(Winfield, 1984).

Bus This takes the form of a data highway connecting all equipment to a linear
communication media. A transmission from any station can be received by any
other station like in the ring type. Hence there is no sufficient data security in these
types. ―Obviously if all these devices started transmitting at once there would be
chaos, so only one device is allowed to 'talk' at any one time. A form of access
control is enforced to determine who can transmit next. The most commonly used
medium access control is known as Career Sense Multiple Access with Collision
Detection." (Winfield, 1988).
 EXPERIMENT -7

Study of Application layer protocols- DNS, HTTP, HTTPS, FTP and TelNet.

An application layer protocol defines how application processes (clients and

servers), running on different end systems, pass messages to each other. In
particular, an application layer protocol defines:

 The types of messages, e.g., request messages and response messages.

 The syntax of the various message types, i.e., the fields in the message
and how the fields are delineated.
 The semantics of the fields, i.e., the meaning of the information that the
field is supposed to contain;
 Rules for determining when and how a process sends messages and
responds to messages.
SMTP (Simple Mail Transfer Protocol):

 One of the most popular network services is electronic mail (e-mail).

 The TCP/IP protocol that supports electronic mail on the Internet is
called Simple Mail Transfer Protocol (SMTP).
 SMTP transfers messages from senders' mail servers to the recipients'
mail servers using TCP connections.
 Users based on e-mail addresses.
 SMTP provides services for mail exchange between users on the same
or different computers.
 Following the client/server model:
o SMTP has two sides: a client side which executes on a sender's
mail server, and server side which executes on recipient's mail
server.
o Both the client and server sides of SMTP run on every mail
server.
o When a mail server sends mail (to other mail servers), it acts as
an SMTP client.
o When a mail server receives mail (from other mail servers) it acts
as an SMTP server.

TELNET (Terminal Network):

 TELNET is client-server application that allows a user to log onto

remote machine and lets the user to access any application program on
a remote computer.
 TELNET uses the NVT (Network Virtual Terminal) system to encode
characters on the local system.
 On the server (remote) machine, NVT decodes the characters to a form
acceptable to the remote machine.
 TELNET is a protocol that provides a general, bi-directional, eight-bit
byte oriented communications facility.
 Many application protocols are built upon the TELNET protocol

FTP (File Transfer Protocol):

 FTP is the standard mechanism provided by TCP/IP for copying a file

from one host to another.
 HTTP utilizes TCP connections to send client requests and server
replies.

Domain Name System (DNS):

 To identify an entity, TCP/IP protocol uses the IP address which

uniquely identifies the connection of a host to the Internet.
 DNS is a hierarchical system, based on a distributed database that uses
a hierarchy of Name Servers to resolve Internet host names into the
corresponding IP addresses required for packet routing by issuing a
DNS query to a name server.
 However, people refer to use names instead of address. Therefore, we
need a system that can map a name to an address and conversely an
address to name.
 In TCP/IP, this is the domain name system.
 DNS in the Internet: DNS is protocol that can be used in different
platforms.
 Domain name space is divided into three categories.
 Generic Domain: The generic domain defines registered hosts
according, to their generic behaviour. Each node in the tree defines a
domain which is an index to the domain name space database.

 Country Domain: The country domain section follows the same format
as the generic domain but uses 2 characters country abbreviations (e.g.,
US for United States) in place of 3 characters.
 Inverse Domain: The inverse domain is used to map an address to a
name.
 EXPERIMENT -8

To study of network simulation technique.

In communication and computer network research, network simulation is a
technique whereby a software program models the behavior of a network by
calculating the interaction between the different network entities (routers, switches,
nodes, access points, links etc.). Most simulators use discrete event simulation - the
modeling of systems in which state variables change at discrete points in time. The
behavior of the network and the various applications and services it supports can
then be observed in a test lab; various attributes of the environment can also be
modified in a controlled manner to assess how the network / protocols would
behave under different conditions.

Network simulator
A network simulator is software that predicts the behavior of a computer
network. Since communication Networks have become too complex for traditional
analytical methods to provide an accurate understanding of system behavior,
etwork simulators are used. In simulators, the computer network is modeled with
devices, links, applications etc. and the performance is analysed. Simulators come
with support for the most popular technologies and networks in use today such as
Wireless LANs, Mobile Adhoc Networks, Wireless Sensor Networks, Vehicular
Adhoc Networks, Cognitive Radio networks, LTE / LTE- Advanced Networks,
Internet of things (IOT) etc.
Simulations
Most of the commercial simulators are GUI driven, while some network simulators
are CLI driven. The network model / configuration describe the network (nodes,
routers, switches, links) and the events (data transmissions, packet error etc.).
Output results would include network level metrics, link metrics, device metrics
etc. Further, drill down in terms of simulations trace files would also be available.
Trace files log every packet, every event that occurred in the simulation and are
used for analysis. Most network simulators use discrete event simulation, in which
a list of pending "events" is stored, and those events are processed in order, with
some events triggering future events—such as the event of the arrival of a packet at
one node triggering the event of the arrival of that packet at a downstream node.
Network emulation
Network emulation allows users to introduce real devices and applications into a
test network (simulated) that alters packet flow in such a way as to mimic the
behavior of a live network. Live traffic can pass through the simulator and be
affected by objects within the simulation.
The typical methodology is that real packets from a live application are sent to the
emulation server (where the virtual network is simulated). The real packet gets
'modulated' into a simulation packet. The Simulation packet gets demodulated into
real packet after experiencing effects of loss, errors, delay, jitter etc., thereby
transferring these network effects into the real packet. Thus it is as-if the real
packet flowed through a real network but in reality it flowed through the simulated
network.
Emulation is widely used in the design stage for validating communication
networks prior to deployment.
List of network simulators
There are both free/open-source and proprietary network simulators available.
Examples of notable network simulators / emulators include:
 ns (open source)
 OPNET (proprietary software)
 TETCOS NetSim (proprietary software)
Uses of network simulators /emulators
Network simulators provide a cost-effective method for
a. Network design validation for enterprises / data centers /sensor networks etc.
b. Analyzing Utilities distribution communication, railway signaling /
communication etc.
c. Network R & D (More than 70 % of all Network Research paper reference a
network simulator)
d. Defense applications such as HF / UHF / VHF MANET networks, Tactical data
links etc
e. Education - Lab experimentation. Most universities use a network simulation to
teach / experiment on networking since its too expensive to buy hardware
equipment
f. Experimentation on Machine learning for networks
There are a wide variety of network simulators, ranging from the very simple to the
very complex. Minimally, a network simulator must enable a user to
 EXPERIMENT 9
To study of network scanning tools (nmap and Wireshark).
Nmap (Network Mapper) is a security scanner, originally written by Gordon
Lyon (also known by his n used to discover hosts and services on a computer
network, thus building a "map" of the network. To accomplish its goal, Nmap
sends specially crafted packets to the target host(s) and then analyzes the
responses.
The software provides a number of features for probing computer networks,
including host discovery and service and operating-system detection. These
features are extensible by scripts that provide more advanced service
detection,[3]vulnerability detection,[3] and other features. Nmap can adapt to
network conditions including latency and congestion during a scan. The Nmap
user community continues to develop and refine the tool.

Features:-
Nmap features include:

 Host discovery – Identifying hosts on a network. For example, listing the hosts
that respond to TCP and/or ICMP requests or have a particular port open.
 Port scanning – Enumerating the open ports on target hosts.
 Version detection – Interrogating network services on remote devices to
determine application name and version number.[7]
 OS detection – Determining the operating system and hardware characteristics
of network devices.
 Scriptable interaction with the target – using Nmap Scripting Engine (NSE)
and Lau programming language.
Nmap can provide further information on targets, including reverse DNS names,
device types, and MAC addresses.
Typical uses of Nmap:
 Auditing the security of a device or firewall by identifying the network
connections which can be made to, or through it.[10]
 Identifying open ports on a target host in preparation for auditing.[11]
 Network inventory, network mapping, and maintenance and asset management.
 Auditing the security of a network by identifying new servers.[12]
 Generating traffic to hosts on a network, response analysis and response time
measurement.[13]
 Finding and exploiting vulnerabilities in a network.
Wireshark
Wireshark is a free and open source packet analyzer. It is used
for network troubleshooting, analysis, software and communications
protocol development, and education. Originally named Ethereal, the project was
renamed Wireshark in May 2006 due to trademark issues.[4]
Wireshark is cross-platform, using the Qt widget toolkit in current releases to
implement its user interface, and using pcap to capture packets; it runs
on Linux, macOS, BSD, Solaris, some other Unix-like operating systems,
and Microsoft Windows. There is also a terminal-based (non-GUI) version called
TShark. Wireshark, and the other programs distributed with it such as TShark,
are free software, released under the terms of the GNU General Public License.

Features
Wireshark is a data-capturing program that "understands" the structure
(encapsulation) of different networking protocols. It can parse and display the
fields, along with their meanings as specified by different networking protocols.
Wireshark uses pcap to capture packets, so it can only capture packets on the types
of networks that pcap supports.

 Data can be captured "from the wire" from a live network connection or read
from a file of already-captured packets.
 Live data can be read from different types of networks,
including Ethernet, IEEE 802.11, PPP, and loopback.
 Captured network data can be browsed via a GUI, or via the terminal
(command line) version of the utility, TShark.
 Captured files can be programmatically edited or converted via command-line
switches to the "editcap" program.
 Data display can be refined using a display filter.
 Plug-ins can be created for dissecting new protocols.[19]
 VoIP calls in the captured traffic can be detected. If encoded in a compatible
encoding, the media flow can even be played.
 Raw USB traffic can be captured.
 Wireless connections can also be filtered as long as they traverse the
monitored Ethernet.
 Various settings, timers, and filters can be set to provide the facility
of filtering the output of the captured traffic.

 Experiment 10

To study of basic network command and configuration command

IP/Networking Commands There are a lot of IP commands with short

descriptions listed here but you should only need the ones mentioned here at the
top of the page to diagnose and configure your network.
C:>ping
C:>ipconfig
C:>ipconfig /all
C:>ipconfig/release
C:>ipconfig / renew
C:\>nbtstat –a

Remember when typing from the command prompt you can only type one
command per line, and press Enter after each one to execute it.

C:\>arp –a: is short for address resolution protocol, It will show the IP address of
your computer along with the IP address and MAC address of your router.
C:\>hostname: This is the simplest of all TCP/IP commands. It simply displays the
name of your computer.

C:\>ipconfig: The ipconfig command displays information about the host (the
computer your sitting at)computer TCP/IP configuration.
C:\>ipconfig /all: This command displays detailed configuration information about
your TCP/IP connection including Router, Gateway, DNS, DHCP, and type of
Ethernet adapter in your system.

C:\>Ipconfig /renew: Using this command will renew all your IP addresses that
you are currently (leasing) borrowing from the DHCP server. This command is a
quick problem solver if you are having connection issues, but does not work if you
have been configured with a static IP address.

C:\>Ipconifg /release: This command allows you to drop the IP lease from the
DHCP server.
C:\>ipconfig /flushdns: This command is only needed if you’re having trouble with
your networks DNS configuration. The best time to use this command is after
network configuration frustration sets in, and you really need the computer to reply
with flushed.
C:\>nbtstat –a: This command helps solve problems with NetBIOS name
resolution. (Nbt stands for NetBIOS over TCP/IP) Definitions

______________________________________________________