NETSTAT, TRACEROUTE, AND NETWORK MAPPER
NETSTAT
The netstat command is used to find out what is going in and out of a network. Netstat obtains this networking information by reading the routing information from the kernel held in memory.
TRACEROUTE
Traceroute is a command that shows the route packets take to reach a destination. It does this by sending Internet Control Message Protocol (ICMP) Echo Request messages to the destination with increasing Time to Live (TTL) values.
NETWORK MAPPER
Network Mapper is an application or tool created by Gordon Lyon, better known as Fyodor Vaskovich. It is used to audit an existing network.
Lab steps:
1. Check connectivity to other hosts!
1. 10.17.0.191    4. 10.17.0.194
2. 10.17.0.192    5. 10.17.0.195
3. 10.17.0.193    6. 10.17.0.196
[user@linux]# ping [other_host_ip]
Write down and explain the output of the command above!
Results:
Ping 10.17.0.191
Ping 10.17.0.191 (10.17.0.191) 56(84) bytes of data.
64 bytes from 10.17.0.191: icmp_req=1 ttl=64 time=1.46 ms
64 bytes from 10.17.0.191: icmp_req=2 ttl=64 time=0.138 ms
2 packets transmitted, 2 received, 0% packet loss, time 2001 ms
rtt min/avg/max/mdev = 0.135/0.578/1.463/0.65 ms

Ping 10.17.0.192
Ping 10.17.0.192 (10.17.0.192) 56(84) bytes of data.
64 bytes from 10.17.0.192: icmp_req=1 ttl=64 time=1.16 ms
64 bytes from 10.17.0.192: icmp_req=2 ttl=64 time=0.188 ms
2 packets transmitted, 2 received, 0% packet loss, time 1001 ms
rtt min/avg/max/mdev = 0.188/0.676/1.164/0.488 ms

Ping 10.17.0.193
Ping 10.17.0.193 (10.17.0.193) 56(84) bytes of data.
64 bytes from 10.17.0.193: icmp_req=1 ttl=64 time=0.153 ms
64 bytes from 10.17.0.193: icmp_req=2 ttl=64 time=0.142 ms
2 packets transmitted, 2 received, 0% packet loss, time 1002 ms
rtt min/avg/max/mdev = 0.142/0.147/0.153/0.013 ms

Ping 10.17.0.194
Ping 10.17.0.194 (10.17.0.194) 56(84) bytes of data.
64 bytes from 10.17.0.194: icmp_req=1 ttl=64 time=0.060 ms
64 bytes from 10.17.0.194: icmp_req=2 ttl=64 time=0.047 ms
2 packets transmitted, 2 received, 0% packet loss, time 1001 ms
rtt min/avg/max/mdev = 0.047/0.053/0.060/0.009 ms

Ping 10.17.0.195
Ping 10.17.0.195 (10.17.0.195) 56(84) bytes of data.
64 bytes from 10.17.0.195: icmp_req=1 ttl=64 time=1.90 ms
64 bytes from 10.17.0.195: icmp_req=2 ttl=64 time=0.134 ms
2 packets transmitted, 2 received, 0% packet loss, time 1001 ms
rtt min/avg/max/mdev = 0.134/1.018/1.902/0.884 ms

Ping 10.17.0.196
Ping 10.17.0.196 (10.17.0.196) 56(84) bytes of data.
64 bytes from 10.17.0.196: icmp_req=1 ttl=64 time=4.15 ms
64 bytes from 10.17.0.196: icmp_req=2 ttl=64 time=0.132 ms
2 packets transmitted, 2 received, 0% packet loss, time 1001 ms
rtt min/avg/max/mdev = 0.132/2.144/4.156/2.012 ms
2. Analyze the packet route to the destination host. Observe the packet route to the hosts from step 1 with the command:
[user@linux/]# traceroute [destination_host]
Results:
traceroute 10.17.0.191
traceroute to 10.17.0.191 (10.17.0.191), 30 hops max, 60 byte packets
1 10.17.0.191 (10.17.0.191) 2.758 ms 2.743 ms 2.758 ms

traceroute 10.17.0.192
traceroute to 10.17.0.192 (10.17.0.192), 30 hops max, 60 byte packets
1 10.17.0.192 (10.17.0.192) 3.539 ms 3.55 ms 3.548 ms

traceroute 10.17.0.193
traceroute to 10.17.0.193 (10.17.0.193), 30 hops max, 60 byte packets
1 10.17.0.193 (10.17.0.193) 2.202 ms 2.223 ms 2.209 ms

traceroute 10.17.0.194
traceroute to 10.17.0.194 (10.17.0.194), 30 hops max, 60 byte packets
1 10.17.0.194 (10.17.0.194) 0.053 ms 0.008 ms 0.008 ms

traceroute 10.17.0.195
traceroute to 10.17.0.195 (10.17.0.195), 30 hops max, 60 byte packets
1 10.17.0.195 (10.17.0.195) 0.132 ms 0.137 ms 0.110 ms

traceroute 10.17.0.196
traceroute to 10.17.0.196 (10.17.0.196), 30 hops max, 60 byte packets
1 10.17.0.196 (10.17.0.196) 3.213 ms 3.199 ms 3.221 ms
3. Analyze the services that open ports on the local computer. Observe which ports are open on your computer with the netstat command:
[user@linux ~]# netstat --listening | more
Write down and explain the output of the command above.
Active internet connections (server and established)
proto | Recv-Q | Send-Q | Local address     | Foreign address  | state       | PID
TCP   | 0      | 0      | 0.0.0.0:445       | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 127.0.0.1:3306    | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 0.0.0.0:139       | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 0.0.0.0:80        | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 10.17.0.196:53    | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 127.0.0.1:53      | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 0.0.0.0:22        | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 127.0.0.1:631     | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 127.0.0.1:953     | 0.0.0.0:*        | Listen      | -
TCP   | 0      | 0      | 10.17.0.196:43919 | 202.9.69.29:8080 | Close-wait  | -
TCP   | 0      | 0      | 10.17.0.196:39837 | 202.9.69.29:8080 | Established | -
TCP6  | 0      | 0      | :::53             | :::*             | Listen      | -
TCP6  | 0      | 0      | :::22             | :::*             | Listen      | -
TCP6  | 0      | 0      | ::1:631           | :::*             | Listen      | -
TCP6  | 0      | 0      | ::1:953           | :::*             | Listen      | -
UDP   | 0      | 0      | 0.0.0.0:5353      | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 10.17.0.196:53    | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 127.0.0.1:53      | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 10.17.0.255:137   | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 10.17.0.196:137   | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 0.0.0.0:137       | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 10.17.0.255:138   | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 10.17.0.196:138   | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 0.0.0.0:138       | 0.0.0.0:*        | Listen      | -
UDP   | 0      | 0      | 0.0.0.0:56978     | 0.0.0.0:*        | Listen      | -
UDP6  | 0      | 0      | :::57822          | 0.0.0.0:*        | Listen      | -
UDP6  | 0      | 0      | :::5353           | 0.0.0.0:*        | Listen      | -
UDP6  | 0      | 0      | :::53             | 0.0.0.0:*        | Listen      | -
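On Linux, the kernel information that netstat reads for TCP sockets is exposed in /proc/net/tcp. The following is an added example, not part of the original lab report: it decodes that format and labels each listener by how widely it is bound, which is what the Local address column above tells an auditor. The sample lines are constructed to mirror sockets from the table, and the decoder assumes a little-endian host.

```python
import ipaddress
import socket
import struct

# Constructed sample in /proc/net/tcp format (not captured from the lab host);
# it mirrors a few of the sockets in the netstat table above.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue
   0: 00000000:01BD 00000000:0000 0A 00000000:00000000
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000
   2: C400110A:0035 00000000:0000 0A 00000000:00000000
   3: 00000000:0016 00000000:0000 0A 00000000:00000000
   4: C400110A:9B9D 1D4509CA:1F90 01 00000000:00000000
"""

TCP_STATES = {"01": "ESTABLISHED", "08": "CLOSE_WAIT", "0A": "LISTEN"}

def decode_endpoint(field):
    """Turn 'C400110A:0035' into ('10.17.0.196', 53)."""
    hex_ip, hex_port = field.split(":")
    # Native-endian 32-bit word; assumes a little-endian host (e.g. x86).
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)

def exposure(ip):
    addr = ipaddress.ip_address(ip)
    if addr.is_unspecified:
        return "all interfaces"
    return "loopback only" if addr.is_loopback else "single address"

def parse_proc_net_tcp(text):
    rows = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 4:
            rows.append({"local": decode_endpoint(fields[1]),
                         "remote": decode_endpoint(fields[2]),
                         "state": TCP_STATES.get(fields[3], fields[3])})
    return rows

def listeners(rows):
    return sorted((r["local"][1], r["local"][0], exposure(r["local"][0]))
                  for r in rows if r["state"] == "LISTEN")

if __name__ == "__main__":
    for port, ip, scope in listeners(parse_proc_net_tcp(SAMPLE)):
        print(f"{ip}:{port:<5} LISTEN  {scope}")
```

Listeners bound to 127.0.0.1, such as 3306 and 631 in the table, still show as open in an nmap scan of localhost even though other hosts cannot reach them.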
4. Analyze the services that open ports on the local computer with Network Mapper. Observe which ports are open on your computer using Network Mapper.
[user@linux ~]# sudo nmap localhost
Write down and explain the output of the command above.
Results:
kelompok4@ubuntu:~$ sudo nmap localhost
[sudo] password for kelompok4:
Starting Nmap 5.1 (http://nmap.org) at 2001-12-31 19:25 EST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.0000125 latency)
Not shown: 993 closed ports
Port     | State | Service
22/tcp   | open  | ssh
53/tcp   | open  | domain
80/tcp   | open  | http
139/tcp  | open  | netbios-ssn
445/tcp  | open  | microsoft-ds
631/tcp  | open  | ipp
3306/tcp | open  | mysql
5. Analyze the source IP, destination IP, source port, and destination port in a connection session.
a) Analyze packets from the local computer
- SSH to the server computer:
[user@linux/]# ssh [ip_server]
- Observe the source IP, destination IP, source port, and destination port used in that connection session:
[user@linux/]# netstat | grep ESTABLISHED
Write down and explain the output of the command above.
Results:
kelompok4@ubuntu:~$ ssh 202.9.69.2
Could not create directory '/home/kelompok4/ssh'.
The authenticity of host 202.9.69.2 (202.9.69.2) can't be established.
RSA key fingerprint is 12:46:7a:cb:5b:2b:7e:95:72:ad:fc:ac:59:af:ae:f0
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/kelompok4/ssh/known_hosts)
Switch directly to terminal 2 (Ctrl+Alt+F2)
kelompok4@ubuntu:~$ netstat | grep ESTABLISHED
tcp 0 0 ubuntu.local:34489 lib.polsri.ac.id:ssh ESTABLISHED
b) Analyze packets heading to the local computer (from a neighbouring computer)
[user@linux/]# netstat | grep ESTABLISHED
Write down and explain the output of the command above.
Results:
tcp 0 0 10.17.0.193:33174 lib.polsri.ac.id:ssh ESTABLISHED
6. kelompok4@ubuntu:~$ sudo tcpdump -i eth0/1/2/3

kelompok4@ubuntu:~$ sudo tcpdump -i eth0
tcpdump: eth0: That device is not up

kelompok4@ubuntu:~$ sudo tcpdump -i eth1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes
19:48:39.312271 STP 802.1w, Rapid STP, flags (learn, forward, agreement), bridge-id 8000.00:18:6e:86:66:e0.8000, length 47
1 packets captured
1 packets received by filter
0 packets dropped by kernel