‭DATE:‬

‭1.‬‭Understanding and using of commandslike ifconfig, netstat, ping, arp, telnet, ftp, finger,‬
‭traceroute, whois etc. Usage of elementary socket system calls (socket (), bind(),‬
‭listen()accept(),connect(),send(),recv(),sendto(),recvfrom()).‬

‭Program Objective:‬

‭ nderstanding and using of commands like ifconfig, netstat, ping, arp, telnet, ftp,‬
U
‭finger, traceroute, whois‬

‭Program Description:‬

‭ NIX utilities are commands that, generally, perform a single task. It may be as simple as‬
U
‭printing the date and time, or a complex as finding files that match many criteria throughout‬
‭a directory hierarchy‬
‭IFCONFIG‬

T‭ he Unix command‬‭ifconfig‬‭(short for interface configurator) serves to configure and control‬

‭TCP/IP network interfaces from a command line interface (CLI). Common uses for ifconfig‬
‭include setting an interface's IP address and netmask, and disabling or enabling a given‬
‭interface. Ipconfig is an MS-DOS utility that can be used from MS-DOS and an MS-DOS shell to‬
‭display the network settings currently assigned and given by a network. This command can be‬
‭utilized to verify a network connection as well as to verify your network settings.‬

S‭ yntax‬‭: ipconfig [/allcompartments] [/? | /all | /renew [adapter] | /release [adapter] | /renew6‬
‭[adapter] | /release6 [adapter] | /flushdns | /displaydns | /registerdns | /showclassid adapter |‬
‭/setclassid adapter [classid] | /showclassid6 adapter | /setclassid6 adapter [classid] ]‬

E‭ xample‬‭: ipconfig /all‬

‭NETSTAT‬

‭ etstat (network statistics) is a command-line tool that displays network connections (both‬
n
‭incoming and outgoing), routing tables, and a number of network interface statistics. It is‬
‭used for finding problems in the network and to determine the amount of traffic on the‬
‭network as a performance measurement.‬

‭Parameters‬

‭Parameters used with this command must be prefixed with a hyphen (-) rather than a slash (/).‬

-‭ a :‬‭Displays all active TCP connections and the TCP‬‭and UDP ports on which the computer‬
‭is listening.‬

-‭ e :‬‭Displays ethernet statistics, such as the number of bytes and packets sent and‬
‭received. This parameter can be combined with -s.‬
 ‭-f :‬‭Displays fully qualified domain names for foreign addresses.‬

-‭ i‬‭:‬‭Displays‬‭network‬‭interfaces‬‭and‬‭their‬‭statistics‬‭(not‬‭available‬‭under‬‭Windows)‬‭-n‬‭:‬‭Displays‬
‭active‬‭TCP‬‭connections,‬‭however,‬‭addresses‬‭and‬‭port‬‭numbers‬‭are‬‭expressed‬‭numerically‬‭and‬
‭no attempt is made to determine names.‬

‭-o :‬‭Displays active TCP connections and includes‬‭the processID (PID) for each connection.‬
‭-p Linux:‬‭Process : Show which processes are using‬‭which sockets‬

‭Syntax:‬‭NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p‬‭proto] [-r] [-s] [-x] [-t]‬

‭[interval]‬

‭PING‬
‭ ing is a computer network tool used to test whether a particular host is reachable across an‬
P
‭IP network; it is also used to self test the network interface card of the computer, or as a speed‬
‭test. It works by sending ICMP “echo request” packets to the target host and listening for ICMP‬
‭“echo response” replies. Ping does not estimate the round-trip time, as it does not factor in‬
‭the user's connection speed, but instead is used to record any packet loss, and print a‬
‭statistical summary when finished. The word ping is also frequently used as a verb or noun,‬
‭where it is usually incorrectly used to refer to the round-trip time, or measuring the round-trip‬
‭time.‬
‭SYNTAX‬‭: ping [-t] [-a] [-n count] [-lsize] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] |‬
‭[-k host-list]] [-w timeout] [-R] [-S srcaddr] [-4] [-6 target_name]‬

‭ARP‬

I‭n computer networking, the Address Resolution Protocol (ARP) is the method for finding a‬
‭host's link layer (hardware) address when only its Internet Layer (IP) or some other Network‬
‭Layer address is known. ARP has been implemented in many types of networks; it is not an IP‬
‭only or Ethernet-only protocol. It can be used to resolve many different network layer‬
‭protocol addresses to interface hardware addresses, although, due to the overwhelming‬
‭prevalence of IPv4 and Ethernet, ARP is primarily used to translate IP addressesto Ethernet‬
‭MAC addresses.‬

‭Arp syntax:‬

‭ARP -s inet_addr eth_adr [if_addr]‬

‭ARP -d inet_addr [if_addr]‬

‭ARP -a [inet_addr] [-N if_addr]‬

‭Example‬‭: arp -a‬

‭TELNET‬

T‭ elnet‬‭(Telecommunication‬‭network)‬‭is‬‭a‬‭network‬‭protocol‬‭used‬‭on‬‭the‬‭Internet‬‭or‬‭local‬‭area‬
‭network‬‭(LAN)‬‭connections.‬‭Typically,‬‭telnet‬‭provides‬‭access‬‭to‬‭a‬‭command-line‬‭interface‬‭on‬
‭a‬‭remote‬‭machine.‬‭The‬‭term‬‭telnet‬‭also‬‭refers‬‭to‬‭software‬‭which‬‭implements‬‭the‬‭client‬‭part‬
‭of the protocol. Telnet clients are available for virtually all platforms‬

‭Protocol details:‬
T‭ elnet is a client-server protocol, based on a reliable connection-oriented transport. Typically‬
‭this protocol is used to establish a connection to TCP port 23‬

S‭ yntax‬‭: telnet [-468ELadr] [-S tos] [-b address] [-e escapechar] [-l user] [-n tracefile] [host‬
‭[port]]‬

‭Example‬‭: telnet myhost.com‬

‭FTP‬

‭File Transfer Protocol (FTP):‬

F‭ TP is a network protocol used to transfer data from one computer to another through a‬
‭network such as the Internet.FTP is a file transfer protocol for exchanging and manipulating‬
‭files over a TCP computer network. An FTP client may connect to an FTP server to manipulate‬
‭files on that server.FTP runs over TCP. It defaults to listen on port 21 for incoming connections‬
‭from FTP clients. A connection to this port from the FTP Client forms the control stream on‬
‭which commands are passed from the FTP client to the FTP server and on occasion from the‬
‭FTP‬‭server‬‭to‬‭the‬‭FTP‬‭client.‬‭FTP‬‭uses‬‭out-of-band‬‭control,‬‭which‬‭means‬‭it‬‭uses‬‭a‬‭separate‬
‭connection‬‭for‬‭control‬‭and‬‭data.‬‭Thus,‬‭for‬‭the‬‭actual‬‭file‬‭transfer‬‭to‬‭take‬‭place,‬‭a‬‭different‬
‭connection is required which is called the data stream.‬

‭Syntax:‬‭ftp [-46pinegvd] [host [port]]‬

‭Example:‬‭ftp exampleftp.computerhope.com‬

‭FINGER:‬

I‭n computer networking, the Name/Finger protocol and the Finger user information protocol‬
‭are simple network protocols for the exchange of human-oriented status and user‬
‭information. finger looks up and displays information about system users.‬

‭Syntax:‬‭finger [-lmsp] [user ...] [user@host ...]‬

‭Example:‬‭finger -p ch‬

‭TRACEROUTE:‬

t‭ raceroute is a computer network tool used to determine the route taken by packets across‬
‭an IP network . An IPv6 variant, traceroute6, is also widely available.Traceroute is often used‬
‭for network troubleshooting. By showing a list of routers traversed, it allows the user to‬
‭identify the path taken to reach a particular destination on the network. This can help identify‬
‭routing‬
‭problems or firewalls that may be blocking access to a site. Traceroute is also used by‬
‭penetration testersto gather information about network infrastructure and IP ranges around a‬
‭given host. It can also be used when downloading data, and if there are multiple mirrors‬
‭available for the same piece of data, one can trace each mirror to get a good idea of which‬
‭mirror would be the fastest to use.‬

‭Syntax:‬‭traceroute [-46dFITUnreAV] [-f first_ttl] [-g gate,...] [-i device]‬

 ‭[-m max_ttl] [-p port] [-s src_addr] [-q nqueries]‬

‭-N squeries] [-t tos] [-l flow_label] [-w waittime]‬

‭[-z sendwait] [-UL] [-D] [-P proto] [--sport=port] [-M method]‬

‭[-O mod_options] [--mtu] [--back] host [packet_len]‬

‭Example‬‭: traceroute‬‭www.google.com‬

‭WHO IS:‬

‭ HOIS (pronounced "who is"; not an acronym) is a query/response protocol which is widely‬
W
‭used for querying an official database in order to determine the owner of a domain name, an‬
‭IP address, or an autonomous system number on the Internet. WHOIS lookups were‬
‭traditionally made using a command line interface, but a number of simplified web-based‬
‭tools now exist for looking up domain ownership details from different databases. WHOIS‬
‭normally runs on TCP port 43.‬
‭The WHOIS system originated as a method that system administrators could use to look up‬
‭information to contact other IP address or domain name administrators (almost like a‬
‭"white pages").‬

S‭ yntax:‬‭whois [ -h HOST ] [ -p PORT ] [ -aCFHlLMmrRSVx‬‭] [ -g SOURCE:FIRST-LAST ] [ -i ATTR ] [‬

‭- S SOURCE ] [ -T TYPE ] object‬

‭Example:‬‭whois‬‭www.google.com‬

‭Socket‬

T‭ o do network I/O, the first thing a process must do is to call the socketsystem call,specifying‬
‭the type of communication protocol desired.‬

‭#include<sys/types.h>‬
‭#include<sys/socket.h>‬

‭intsocket(int family, int type, int protocol);‬

‭The family is one of‬

‭AF_UNIX -- Unix internal protocols‬

‭AF_INET -- Internet protocols‬

‭AF_NS -- Xerox NS Protocols‬

‭AF_IMPLINK-- IMP link layer‬

‭The AF_ prefix stands for "addressfamily." In the first project, we are going to use AF_INET.‬
‭The socket type is one of the following:‬

‭SOCK_STREAM stream socket‬

‭SOCK_DGRAM datagram socket‬

‭SOCK_RAW raw socket‬
 ‭SOCK_SEQPACKETsequenced packet socket‬

‭SOCK_RDM reliably delivered message socket (not implemented yet)‬

T‭ he protocol argument to the socketsystem call is typically set to 0 for most user applications.‬
‭The valid combinations are shown as follows‬
‭/* A program to create a socket using socketsystem‬
‭call*/‬
‭#include<stdio.h>‬

‭#include<sys/socket.h>‬
‭#include<sys/types.h>‬
‭#include<netinet/in.h>‬

‭#include<stdlib.h>‬
‭int main() {‬
‭int sfd; struct sockaddr_in serv_addr;‬
‭if((sfd=socket(AF_INET,SOCK_STREAM,0))<0)‬
‭{‬
‭perror("socket error");‬
‭exit(-1);‬
‭}‬
s‭ erv_addr.sin_family=AF_INET; serv_addr.sin_port=htons(4890);‬
‭serv_addr.sin_addr.s_addr=inet_addr("172.16.0.1");‬
‭if((bind(sfd,(struct sockaddr *) &serv_addr,sizeof(serv_addr)))<0)‬
‭{‬

‭perror("bind error");‬

‭exit(-1);‬

‭}‬
‭printf("address binded....");‬

‭printf("\nserver‬ ‭ip‬ ‭address‬

‭is%s",inet_ntoa(serv_addr.sin_addr));‬

‭printf("\n‬ ‭port‬ ‭number=%d\n",ntohs(serv_addr.sin_port));‬

‭close(sfd); return 0;‬
 ‭}‬

‭Bind‬

‭The bind system call assigns a name to an unnamed socket.‬

‭#include<sys/types.h>‬
‭#include<sys/socket.h>‬

‭int bind(intsockfd,struct sockaddr *myaddr, int addrlen);‬

T‭ he first argument is the socket descriptor returned from socket system call. The second‬
‭argument is a pointer to a protocol-specific address and the third argument is the size of‬
‭this address. There are three uses of bind‬

‭ . Serversregister their well-known address with the system. It tells the system "this is my‬
1
‭address and any messages received for this address are to be given to me." Both‬
‭connectionoriented and connectionless servers need to do this before accepting client‬
‭requests.‬

‭2. A client can register a specific address for itself.‬

‭ . A connectionless client needs to assure that the system assigns it some unique address,‬
3
‭so that the other end (the server) has a valid return address to send its responses to. This‬
‭corresponds to making certain an envelope has a valid return address, if we expect to get a‬
‭reply from the person we sent the letter to‬
‭#include<stdio.h>‬
‭#include<sys/socket.h>‬
‭#include<sys/types.h>‬
‭#include<netinet/in.h>‬
‭#include<stdlib.h>‬
‭int main() {‬
‭int sfd; struct sockaddr_in serv_addr;‬
‭if((sfd=socket(AF_INET,SOCK_STREAM,0))<0)‬
‭{‬
‭perror("socket error");‬
‭exit(-1);‬
‭}‬
s‭ erv_addr.sin_family=AF_INET; serv_addr.sin_port=htons(4890);‬
‭serv_addr.sin_addr.s_addr=inet_addr("172.16.0.1");‬
 ‭if((bind(sfd,(struct sockaddr *) & serv_addr,sizeof(serv_addr)))<0)‬

{‭ ‬
‭perror("bind error");‬
‭exit(-1);‬
‭}‬
‭printf("address binded....");‬
‭printf("\nserver ip address is %s",inet_ntoa(serv_addr.sin_addr));‬
p‭ rintf("\n portnumber=%d\n",ntohs(serv_addr.sin_port));‬
‭close(sfd);‬
‭return 0;‬
‭}‬
c‭ onnectA client process connects a socket descriptor following the socket system call to‬
‭establish aconnection with a server.‬

‭#include <sys/types.h>‬

‭#include <sys/socket.h>‬

‭int connect(int‬‭sockfd‬‭, struct sockaddr‬‭*servaddr‬‭,‬‭int‬‭addrlen‬‭);‬

‭ he‬‭sockfd‬‭is‬‭a‬‭socket‬‭descriptor‬‭that‬‭was‬‭returned‬‭by‬‭the‬‭socket‬‭system‬‭call.‬‭The‬‭second‬‭and‬‭third‬
T
‭arguments‬ ‭are‬ ‭a‬ ‭pointer‬ ‭to‬ ‭a‬ ‭socket‬ ‭address,‬ ‭and‬ ‭its‬ ‭size,‬ ‭as‬ ‭described‬ ‭earlier.‬ ‭For‬ ‭most‬
‭connectionoriented‬ ‭protocols‬ ‭(TCP,‬ ‭for‬ ‭example),‬ ‭the‬ ‭connect‬ ‭system‬ ‭call‬ ‭results‬ ‭in‬ ‭the‬ ‭actual‬
‭establishment‬ ‭of‬ ‭a‬ ‭connection‬ ‭between‬ ‭the‬ ‭local‬ ‭system‬ ‭and‬ ‭the‬ ‭foreign‬ ‭system.‬ ‭The‬ ‭connect‬
‭system call does not return until the connection is established, or an error is returned to the process.‬
‭The client does not have to‬‭bind‬‭a local address before‬‭calling‬‭connect‬‭. The connection‬
‭typically causes these four elements of the association 5-tuple to be assigned:‬‭local-addr‬‭,‬
‭localprocess‬‭,‬‭foreign-addr‬‭, and‬‭foreign-process‬‭. In‬‭all the connection-oriented clients, we will let‬
‭connect‬‭assign the local address.‬
‭Accept‬

‭ fter a connection-oriented server executes the listen system call described above, an actual‬
A
‭connection from some client process is waited for by having the server execute the accept‬
‭system call.‬
‭#include <sys/types.h>‬
#‭ include <sys/socket.h>‬
‭int accept(int‬‭sockfd‬‭, struct sockaddr‬‭*peer‬‭, int‬‭*addrlen‬‭);‬
a‭ ccept‬‭takes the first connection request on the queue and creates another socket with the same‬
‭properties as‬‭sockfd‬‭. If there are no connection requests pending, this call blocks the caller until‬
‭one arrives.‬
‭ he‬ ‭peer‬ ‭and‬ ‭addrlen‬ ‭arguments‬‭are‬‭used‬‭to‬‭return‬‭the‬‭address‬‭of‬‭the‬‭connected‬‭peer‬‭process‬‭(the‬
T
‭client).‬‭addrlen‬‭is‬‭called‬‭a‬‭value-result‬‭argument:‬‭the‬‭caller‬‭sets‬‭its‬‭value‬‭before‬‭the‬‭system‬‭call,‬‭and‬
‭the‬‭system‬‭call‬‭stores‬‭a‬‭result‬‭in‬‭the‬‭variable.‬‭For‬‭this‬‭system‬‭call‬‭the‬‭caller‬‭sets‬‭addrlen‬‭to‬‭the‬‭size‬
‭of the‬‭sockaddr‬‭structure whose address is passed as the‬‭peer‬‭argument.‬
‭send, sendto, recv and recvfrom‬

‭9‬
‭ hese system calls are similar to the standard‬‭read‬‭and‬‭write‬‭system calls, but additional arguments‬
T
‭are required.‬
‭#include <sys/types.h>‬

#‭ include <sys/socket.h>‬
‭int send(int‬‭sockfd‬‭, char‬‭*buff‬‭, int‬‭nbytes‬‭, int‬‭flags‬‭);‬‭int sendto(int‬‭sockfd‬‭, char‬‭*buff‬‭, int‬
‭nbytes‬‭, int‬‭flags‬‭, struct sockaddr‬‭*to‬‭, int‬‭addrlen‬‭);‬‭int recv(int‬‭sockfd‬‭, char‬‭*buff‬‭, int‬‭nbytes‬‭,‬
‭int‬‭flags‬‭); int recvfrom(int‬‭sockfd‬‭, char‬‭*buff‬‭, int‬‭nbytes‬‭, int‬‭flags‬‭, struct sockaddr‬‭*from‬‭, int‬
‭*addrlen‬‭);‬

‭ he first three arguments,‬‭sockfd‬‭,‬‭buff‬‭, and‬‭nbytes‬‭,‬‭to the four system calls are similar to the first‬
T
‭three arguments for‬‭read‬‭and‬‭write‬‭. The‬‭flags‬‭argument‬‭can be safely set to zero ignoring the‬
‭details for it. The‬‭to‬‭argument for‬‭sendto‬‭specifies the protocol-specific address of where the data‬
‭is to be sent. Since this address is protocol-specific, its length must be specified by‬‭addrlen‬‭.‬
‭The‬‭recvfrom‬ ‭system call fills in the protocol-specific‬‭address of who sent the data into‬‭from‬‭. The‬
‭length of this address is also returned to the caller in‬‭addrlen‬‭. Note that the final argument to‬
‭sendto‬‭is an integer value, while the final argument to‬‭recvfrom‬‭is a pointer to an integer value.‬
‭close‬

‭The normal Unix‬‭close‬‭system call is also used to close a socket. int close(int‬‭fd‬‭);‬

I‭ f‬‭the‬‭socket‬‭being‬‭closed‬‭is‬‭associated‬‭with‬‭a‬‭protocol‬‭that‬‭promises‬‭reliable‬‭delivery‬‭(e.g.,‬‭TCP‬‭or‬
‭SPP),‬ ‭the‬ ‭system‬ ‭must‬ ‭assure‬ ‭that‬ ‭any‬ ‭data‬ ‭within‬ ‭the‬ ‭kernel‬ ‭that‬ ‭still‬ ‭has‬ ‭to‬ ‭be‬ ‭transmitted‬ ‭or‬
‭acknowledged,‬ ‭is‬ ‭sent.‬ ‭Normally,‬ ‭the‬ ‭system‬ ‭returns‬ ‭from‬ ‭the‬ ‭close‬ ‭immediately,‬ ‭but‬ ‭the‬ ‭kernel‬
‭still tries to send any data already queued.‬