Network Tools in Use

PING (Packet InterNet Groper):

PING is used to test reach ability of destinations by sending one, or repeated, ICMP echo requests and waits for replies. Since ping works at the IP level its server-side is often implemented entirely within the operating system kernel and is thus the lowest level test of whether a remote host is alive. Ping often responds even when higher level, transport level services do not.

I tried ping command to 144.16.59.128

ping 144.16.59.128

PING 144.16.59.128 (144.16.59.128) from 144.16.59.132 : 56(84) bytes of data.

64 bytes from 144.16.59.128: icmp_seq=0 ttl=64 time=13.582 msec

64 bytes from 144.16.59.128: icmp_seq=1 ttl=64 time=652 usec

64 bytes from 144.16.59.128: icmp_seq=2 ttl=64 time=1.806 msec

64 bytes from 144.16.59.128: icmp_seq=3 ttl=64 time=1.290 msec

Analysis of PING:

Sequence number is the number the packet had, when sent. (If a host is far away, or if is busy, some packets might be swapped, and will arrive in a different order). Ping can be a source of DoS (Denial of Service) attack. Many servers therefore disable Ping. In IISc the proxy 144.16.64.4 has disabled Ping.

NSLOOKUP:

It is a Unix utility used for querying Internet domain name servers. The basic use is to find the ip address corresponding to a given hostname (or vice versa)

Usage:

nslookup csa.iisc.ernet.in

Note: nslookup is deprecated and may be removed from future releases.

Consider using the `dig' or `host' programs instead. Run nslookup with

the `-sil[ent]' option to prevent this message from appearing.

Server: 144.16.64.6

Address: 144.16.64.6#53

Name: csa.iisc.ernet.in

another example:

nslookup www.yahoo.com

Note: nslookup is deprecated and may be removed from future releases.

Consider using the `dig' or `host' programs instead. Run nslookup with

the `-sil[ent]' option to prevent this message from appearing.

Server: 144.16.64.2

Address: 144.16.64.2#53

Non-authoritative answer:

www.yahoo.com canonical name = www.yahoo.akadns.net.

Name: www.yahoo.akadns.net

Address: 66.218.70.48

Name: www.yahoo.akadns.net

Address: 66.218.71.84

Name: www.yahoo.akadns.net

Address: 66.218.71.95

Name: www.yahoo.akadns.net

Address: 66.218.71.93

Name: www.yahoo.akadns.net

Address: 66.218.71.94

Name: www.yahoo.akadns.net

Address: 66.218.70.49

Name: www.yahoo.akadns.net

Address: 66.218.71.87

Name: www.yahoo.akadns.net

Address: 66.218.71.90

DIG

Dig (domain information groper) is a flexible tool for interrogating DNS (Domain Name

Servers). It performs DNS lookups and displays the answers that are returned from

the name server(s) that were queried

Example:

dig www.iisc.ernet.in

; <<>> DiG 9.2.1 <<>> www.iisc.ernet.in

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46517

Tracepath:

It traces path to <destination> discovering MTU (Maximum Transferable unit) along this path. It uses UDP port <port> or some random port.

Example:

tracepath www.iisc.ernet.in

1?: [LOCALHOST] pmtu 1500

1: 144.16.79.155 6.600ms reached

Resume: pmtu 1500 hops 1 back 1

pmtu :path mtu(shortest mtu along the path)

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 6

;; QUESTION SECTION:

;www.iisc.ernet.in. IN A

;; ANSWER SECTION:

www.iisc.ernet.in. 11536 IN A 144.16.79.155

;; AUTHORITY SECTION:

iisc.ernet.in. 9593 IN NS dns.iisc.ernet.in.

iisc.ernet.in. 9593 IN NS ece.iisc.ernet.in.

iisc.ernet.in. 9593 IN NS e-iisc01.iisc.ernet.in.

iisc.ernet.in. 9593 IN NS e-iisc02.iisc.ernet.in.

iisc.ernet.in. 9593 IN NS naamak.ncst.ernet.in.

iisc.ernet.in. 9593 IN NS ss585.ncst.ernet.in.

;; ADDITIONAL SECTION:

dns.iisc.ernet.in. 7275 IN A 144.16.64.6

ece.iisc.ernet.in. 8361 IN A 144.16.64.2

e-iisc01.iisc.ernet.in. 3891 IN A 202.141.1.131

e-iisc02.iisc.ernet.in. 3891 IN A 202.141.1.132

naamak.ncst.ernet.in. 1603 IN A 202.41.110.66

ss585.ncst.ernet.in. 1520 IN A 202.141.150.18

;; Query time: 11 msec

;; SERVER: 144.16.64.6#53(144.16.64.6)

;; WHEN: Sat Oct 11 13:14:01 2003

;; MSG SIZE rcvd: 288

Address: 144.16.67.8