Sie sind auf Seite 1von 64

Computer Network and Information Security Laboratory

16SCN16

VISVESVARAYA TECHNOLOGICAL UNIVERSITY BELAGAVI

SECAB INSTITUTE OF ENGINEERING & TECHNOLOGY,

VIJAYAPUR-586 101

2016-2017
DEPARTMENT OF
COMPUTER NETWORK ENGINEERING
A REPORT ON
“COMPUTER NETWORKS AND INFORMATION SECURITY
LABORATORY”
Submitted in partial fulfillment of the requirements for the
Award of the degree of
MASTER OF TECHNOLOGY
IN
COMPUTER NETWORK ENGINEERING
Submitted By
Ayisha. M. Kalburgi
Under The Guidance of : Shreedevi Kembhavi

M. Tech(sem 1) CNE Page 1


Computer Network and Information Security Laboratory
16SCN16

VISVESVARAYA TECHNOLOGICAL UNIVERSITY, BELAGAVI

SECAB ASSOCIATION’S

SECAB INSTITUTE OF ENGINEERING AND TECHNOLOGY,

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

CERTIFICATE
This is to certify that the laboratory work entitled “COMPUTER NETWORKS AND
INFORMATION SECURITY LABORATORY” is a bonafide work carried out by “Ayisha .M.
Kalburgi” in partial fulfillment for the award of Master in Technology in Computer Networks
Engineering of the Visvesvaraya Technological University, Belagavi during the year 2016-2017.
It is certified that all suggestion/correction indicated for experiments have been incorporated in
the report and has been approved as it satisfies the academic requirements in respect of
laboratory work prescribed for M-Tech Degree.

Signature of Guide Signature of Coordinator Signature of HOD

M. Tech(sem 1) CNE Page 2


Computer Network and Information Security Laboratory
16SCN16

1. Write a program to transfer the contents of a requested file from server to


the client using TCP/IP Sockets (using TCP/IP Socket programming).

//server 1.c
#include<stdio.h>
#include<unistd.h>
#include<fcntl.h>
#include<sys/types.h>
#include<sys/stat.h>
#include<sys/socket.h>
#include<netinet/in.h>
#include<stdlib.h>
int main()
{
int cs,ns,fd,n;
int bufsize=1024;
char *buffer=malloc(bufsize);
struct sockaddr_in address;
char fname[255];
address.sin_family=AF_INET;
address.sin_port=htons(15000);
address.sin_addr.s_addr=INADDR_ANY;
cs=socket(AF_INET,SOCK_STREAM,0);
bind(cs,(structsockaddr *)&address,sizeof(address));
listen(cs,3);
ns=accept(cs,(structsockaddr *)NULL,NULL);
recv(ns,fname,255,0);
fd=open(fname,O_RDONLY);
n=read(fd,buffer,bufsize);
send(ns,buffer,n,0);
close(ns);
return close(cs);

M. Tech(sem 1) CNE Page 3


Computer Network and Information Security Laboratory
16SCN16

//client 1.c

#include<stdio.h>

#include<unistd.h>

#include<fcntl.h>

#include<sys/types.h>

#include<sys/stat.h>

#include<sys/socket.h>

#include<netinet/in.h>

#include<stdlib.h>

int main(int argc, char **argv)

int cs,n;
int bufsize=1024;
char*buffer=malloc(bufsize);
char fname[255];
structsockaddr_in address;
address.sin_family=AFINET;
address.sin_port=htons(15000);
inet_pton(AF_INET,argv[1],&address.sin_addr);
cs=socket(AF_INET,SOCK_STREAM,0);
connect(cs,(structsockaddr *)&address,sizeof(address));
printf("\nEnter filename: ");scanf("%s",fname); send(cs,fname,255,0);

while((recv(cs,buffer,bufsize,0))>0)

printf("%s",buffer);

printf("\nEOF\n");

M. Tech(sem 1) CNE Page 4


Computer Network and Information Security Laboratory
16SCN16

return close(cs);

OUTPUT:
/*FIRST TERMINAL*/

[root1@localhost ~]$ vi server1.c

[root1@localhost ~]$ cc server1.c

[root1@localhost ~]$ ./a.out

SERVER:waiting for client

/*SECOND TERMINAL*/

[root1@localhost ~]$ vi client1.c

./client 127.0.01 5073 client online! server online!

[root1@localhost ~]$ cc client1.c

[root1@localhost ~]$ ./a.out 5073

client:Enter path with filename data.txt

Enter filename: hello.txt

hello people

EOF

client:displaying contents of data.txt finally over

FIRST TREMINAL cc server1.c ./a.out 5073

SERVER:Waiting for client SERVER:data.txt

SERVER:data.txt found! transferring the contents

M. Tech(sem 1) CNE Page 5


Computer Network and Information Security Laboratory
16SCN16

2.Write a program to archive Traffic management at flow level by


implementing closed loop control technique (Leaky Bucket Algorithm).

#include<stdio.h>
#include<math.h>
#include<stdlib.h>
void main()
{
int packets[8],i,j,clk,b_size,o_rate,i_rate,p_sz_rm=0,p_sz,p_time;
clrscr();
for(i=0;i<5;++i)
{
packets[i]=rand()%10;
if(packets[i]==0) --i;
}
printf("Enter output rate:");
scanf("%d",&o_rate);
printf("\nEnter bucket size:");
scanf("%d",&b_size);
for(i=0;i<5;++i)
{
if((packets[i]+p_sz_rm) > b_size)
{
if(packets[i]>b_size)
printf("\nIncoming packet size:%d greater than bucket capacity\n",packets[i]);
else
printf("Bucket size exceeded\n");
}
else
{
p_sz=packets[i];

M. Tech(sem 1) CNE Page 6


Computer Network and Information Security Laboratory
16SCN16

p_sz_rm+=p_sz;
printf("\n--------------------------------------------------\n");
printf("Incoming packet:%d",p_sz);
printf("\nTransmission left:%d\n",p_sz_rm);
p_time=rand()%10;
printf("Next packet will come at %d",p_time);
for(clk=0;clk<p_time&&p_sz_rm>0;++clk)
{
printf("\nTime left %d---No packets to transmit!!\n",p_time-clk);
sleep(1);
if(p_sz_rm)
{
printf("Transmitted\n");
if(p_sz_rm<o_rate)
p_sz_rm=0;
else
p_sz_rm-=o_rate;
printf("Bytes remaining:%d\n",p_sz_rm);
}
else
printf("No packets to transmit\n");
}
}
}
getch();
}

M. Tech(sem 1) CNE Page 7


Computer Network and Information Security Laboratory
16SCN16

OUTPUT:
[root1@localhost ~]$ vi leaky.c
[root1@localhost ~]$ cc leaky.c
[root1@localhost ~]$ ./a.out
Enter output rate:5
Enter bucket size:3
--------------------------------------------------
Incoming packet:3
Transmission left:3
Next packet will come at 5
Time left 5---No packets to transmit!!
Transmitted
Bytes remaining:0
Incoming packet size:6 greater than bucket capacity
Incoming packet size:7 greater than bucket capacity
Incoming packet size:5 greater than bucket capacity
--------------------------------------------------
Incoming packet:3
Transmission left:3
Next packet will come at 6
Time left 6---No packets to transmit!!
Transmitted
Bytes remaining:0

M. Tech(sem 1) CNE Page 8


Computer Network and Information Security Laboratory
16SCN16

3. Write a program to implement dynamic routing strategy in finding optimal


path for data transmission. (Bellman ford algorithm).

#include<stdio.h>
#include<stdlib.h>
#define nul 1000
#define nodes 10
int no;
struct node
{
int a[nodes][4];
}router[nodes];
void init(int r)
{
int i;
for(i=1;i<=no;i++)
{
router[r].a[i][1]=i;
router[r].a[i][2]=999;
router[r].a[i][3]=nul;
}
router[r].a[r][2]=0;
router[r].a[r][3]=r;
}
void inp(int r)
{
int i;
printf("\nEnter dist from the node %d to other nodes",r);
printf("\nPls enter 999 if there is no direct route\n",r);
for(i=1;i<=no;i++)
{

M. Tech(sem 1) CNE Page 9


Computer Network and Information Security Laboratory
16SCN16

if(i!=r)
{
printf("\nEnter dist to the node %d:",i);
scanf("%d",&router[r].a[i][2]);
router[r].a[i][3]=i;
}
}
}
void display(int r)
{
int i,j;
printf("\n\nThe routing table for node %d is as follows:",r);
for(i=1;i<=no;i++)
{
if(router[r].a[i][2]>=999)
printf("\n\t\t\t %d \t no link \t no hop",router[r].a[i][1]);
else
printf("\n\t\t\t %d \t %d \t\td",router[r].a[i][1],router[r].a[i][2],router[r].a[i][3]);
}
}
void dv_algo(int r)
{
int i,j,z;
for(i=1;i<=no;i++)
{
if(router[r].a[i][2]!=999 && router[r].a[i][2]!=0)
{
for(j=1;j<=no;j++)
{
z=router[r].a[i][2]+router[i].a[j][2];
if(router[r].a[j][2]>z)

M. Tech(sem 1) CNE Page 10


Computer Network and Information Security Laboratory
16SCN16

{
router[r].a[j][2]=z;
router[r].a[j][3]=i;
}
}
}
}
}
int main()
{
int i,j,x,y;
char choice;
printf("Enter the no. of nodes required (less than 10 pls):");
scanf("%d",&no);
for(i=1;i<=no;i++)
{
init(i);
inp(i);
}
printf("\nThe configuration of the nodes after initialization is as follows:");
for(i=1;i<=no;i++)
display(i);
for(i=1;i<=no;i++)
dv_algo(i);
printf("\nThe configuration of the nodes after computation of paths is as follows:");
for(i=1;i<=no;i++)
display(i);
while(1)
{
printf("\n\nWanna continue (y/n):");
scanf("%c",&choice);

M. Tech(sem 1) CNE Page 11


Computer Network and Information Security Laboratory
16SCN16

if(choice=='n')
break;
printf("\nEnter the nodes btn which shortest path is to be found:\n");
scanf("%d %d",&x,&y);
printf("\nThe length of the shortest path is %d",router[x].a[y][2]);
}
}
OUTPUT:

[root1@localhost ~]$ vi bell.c


[root1@localhost ~]$ cc bell.c
[root1@localhost ~]$ ./a.out
Enter the no. of nodes required (less than 10 pls):4

Enter dist from the node 1 to other nodes


Pls enter 999 if there is no direct route

Enter dist to the node 2:2

Enter dist to the node 3:0

Enter dist to the node 4:0

Enter dist from the node 2 to other nodes


Pls enter 999 if there is no direct route

Enter dist to the node 1:3

Enter dist to the node 3:0

Enter dist to the node 4:0

Enter dist from the node 3 to other nodes


Pls enter 999 if there is no direct route

Enter dist to the node 1:5

Enter dist to the node 2:2

Enter dist to the node 4:0

M. Tech(sem 1) CNE Page 12


Computer Network and Information Security Laboratory
16SCN16

Enter dist from the node 4 to other nodes


Pls enter 999 if there is no direct route

Enter dist to the node 1:0

Enter dist to the node 2:2

Enter dist to the node 3:3

The configuration of the nodes after initialization is as follows:

The routing table for node 1 is as follows:


1 0 d
2 2 d
3 0 d
4 0 d

The routing table for node 2 is as follows:


1 3 d
2 0 d
3 0 d
4 0 d

The routing table for node 3 is as follows:


1 5 d
2 2 d
3 0 d
4 0 d

The routing table for node 4 is as follows:


1 0 d
2 2 d
3 3 d
4 0 d
The configuration of the nodes after computation of paths is as follows:

The routing table for node 1 is as follows:


1 0 d
2 2 d
3 0 d
4 0 d

The routing table for node 2 is as follows:


1 3 d
2 0 d

M. Tech(sem 1) CNE Page 13


Computer Network and Information Security Laboratory
16SCN16

3 0 d
4 0 d

The routing table for node 3 is as follows:


1 5 d
2 2 d
3 0 d
4 0 d

The routing table for node 4 is as follows:


1 0 d
2 2 d
3 2 d
4 0 d

Wanna continue (y/n):


Enter the nodes btn which shortest path is to be found:
13

The length of the shortest path is 0

Wanna continue (y/n):


Enter the nodes btn which shortest path is to be found:

23

The length of the shortest path is 0

Wanna continue (y/n):


Enter the nodes btn which shortest path is to be found:
n

The length of the shortest path is 0

M. Tech(sem 1) CNE Page 14


Computer Network and Information Security Laboratory
16SCN16

4. Write a program to implement Link State Routing (Dijkstra Algorithm).


#include<stdio.h>
#include<conio.h>
#define INFINITY 9999
#define MAX 10
void dijikstra(int G[MAX][MAX], int n, int startnode);
void main()
{
int G[MAX][MAX], i, j, n, u;
clrscr();
printf("\nEnter the no. of vertices:: ");
scanf("%d", &n);
printf("\nEnter the adjacency matrix::\n");
for(i=0;i < n;i++)
for(j=0;j < n;j++)
scanf("%d", &G[i][j]);
printf("\nEnter the starting node:: ");
scanf("%d", &u);
dijikstra(G,n,u);
getch();
}
void dijikstra(int G[MAX][MAX], int n, int startnode)
{
int cost[MAX][MAX], distance[MAX], pred[MAX];
int visited[MAX], count, mindistance, nextnode, i,j;
for(i=0;i < n;i++)
for(j=0;j < n;j++)
if(G[i][j]==0)
cost[i][j]=INFINITY;
else

M. Tech(sem 1) CNE Page 15


Computer Network and Information Security Laboratory
16SCN16

cost[i][j]=G[i][j];

for(i=0;i< n;i++)
{
distance[i]=cost[startnode][i];
pred[i]=startnode;
visited[i]=0;
}
distance[startnode]=0;
visited[startnode]=1;
count=1;
while(count < n-1)
{
mindistance=INFINITY;
for(i=0;i < n;i++)
if(distance[i] < mindistance&&!visited[i])
{
mindistance=distance[i];
nextnode=i;
}
visited[nextnode]=1;
for(i=0;i < n;i++)
if(!visited[i])
if(mindistance+cost[nextnode][i] < distance[i])
{
distance[i]=mindistance+cost[nextnode][i];
pred[i]=nextnode;
}
count++;
}

M. Tech(sem 1) CNE Page 16


Computer Network and Information Security Laboratory
16SCN16

for(i=0;i < n;i++)


if(i!=startnode)
{
printf("\nDistance of %d = %d", i, distance[i]);
printf("\nPath = %d", i);
j=i;
do
{
j=pred[j];
printf(" <-%d", j);
}
while(j!=startnode);
}
}

M. Tech(sem 1) CNE Page 17


Computer Network and Information Security Laboratory
16SCN16

OUTPUT:

[root1@localhost ~]$ vi dj1.c


[root1@localhost ~]$ cc dj1.c
[root1@localhost ~]$ ./a.out
Enter the no. of vertices:: 3
Enter the adjacency matrix::
032
004
130

Enter the starting node:: 3

Distance of 0 = 0
Path = 0 <-3
Distance of 1 = 0
Path = 1 <-3
Distance of 2 = 2
Path = 2 <-0 <-3

M. Tech(sem 1) CNE Page 18


Computer Network and Information Security Laboratory
16SCN16

5. Write a program for implementing the error detection technique while data
transfer in unreliable network code using CRC (16-bits) Technique.

#include<stdio.h>
#include<string.h>
#include<stdlib.h>
#include<conio.h>
int main()
{
char rem[50],a[50],s[50],c,msg[50];
char gen[]="10001000000000101";
int i,genlen,t,j,flag=0,k,n;
printf("\nGenerator polynomial is CRC-CCITT:%s",gen);
genlen=strlen(gen);
k=genlen-1;
printf("\nEnter the message:");
n=0;
while((c=getchar())!='\n')
{
msg[n]=c;
n++;
}
msg[n]='\0';
for(i=0;i<n;i++)
a[i]=msg[i];
for(i=0;i<k;i++)
a[n+i]='0';
a[n+k]='\0';
printf("\nMessage polynomial appended with zero's:");
puts(a);
for(i=0;i<n;i++)

M. Tech(sem 1) CNE Page 19


Computer Network and Information Security Laboratory
16SCN16

{
if(a[i]=='1')
{
t=i;
for(j=0;j<=k;j++)
{
if(a[t]==gen[j])
a[t]='0';
else
a[t]='1';
t++;
}
}
}
for(i=0;i<k;i++)
rem[i]=a[n+i];
rem[k]='\0';
printf("\nThe checksum appended:");
puts(rem);
printf("\nMessage with checksum appended:");
for(i=0;i<n;i++)
a[i]=msg[i];
for(i=0;i<k;i++)
a[n+i]=rem[i];
a[n+k]='\0';
puts(a);
n=0;
printf("\nEnter the received polynomial:");
while((c=getchar())!='\n')
{
s[n]=c;

M. Tech(sem 1) CNE Page 20


Computer Network and Information Security Laboratory
16SCN16

n++;
}
s[n]='\0';
for(i=0;i<n;i++)
{
if(s[i]=='1')
{
t=i;
for(j=0;j<=k;j++,t++)
{
if(s[t]==gen[j])
s[t]='0';
else
s[t]='1';
}
}
}
for(i=0;i<k;i++)
rem[i]=s[n+i];
rem[k]='\0';
for(i=0;i<k;i++)
{
if(rem[i]=='1')
flag=1;
}
if(flag==0)
printf("\nThe received polynomial is error free\n");
else
printf("\nThe received polynomial has error\n");
return 0;
}

M. Tech(sem 1) CNE Page 21


Computer Network and Information Security Laboratory
16SCN16

OUTPUT:
[root1@localhost ~]$ vi crc16.c
[root1@localhost ~]$ cc crc16.c
[root1@localhost ~]$ ./a.out
Generator polynomial is CRC-CCITT:10001000000000101
Enter the message:101
Message polynomial appended with zero's:1010000000000000000
The checksum appended:0101000000010001
Message with checksum appended:1010101000000010001
Enter the received polynomial:1010101000000010001
The received polynomial is error free

[root1@localhost ~]$ ./a.out


Generator polynomial is CRC-CCITT:10001000000000101
Enter the message:101
Message polynomial appended with zero's:1010000000000000000
The checksum appended:0101000000010001
Message with checksum appended:1010101000000010001
Enter the received polynomial:1010101000000010011
The received polynomial has error

M. Tech(sem 1) CNE Page 22


Computer Network and Information Security Laboratory
16SCN16

6. Write a program for providing security for transfer of data in the network.
(RSA Algorithm).

#include<stdio.h>
#include<stdlib.h>
#include<string.h>
#define ENCRY 1
#define DECRY 0
long p,q,n,z,e,d=1;
long gcd(long x,long y)
{
if(y==0)
return x;
if(y>x)
return gcd(y,x);
return gcd(y,x%y);
}
long rsa(long c,int flag)
{
long t=1;
int i;
int val=flag?e:d;
for(i=0;i<val;i++)
t=(c*t)%n;
return t;
}
int main()
{
long int plain[100],encrypted[100],decrypted[100],i;
char str[100];

M. Tech(sem 1) CNE Page 23


Computer Network and Information Security Laboratory
16SCN16

printf("\n enter 2 prime numbers p and q :\n");


scanf("%d%d",&p,&q);
n=p*q;
z=(p-1)*(q-1);
do
{
printf("\n enter the prime value of e :\n");
scanf("%d",&e);
}
while(gcd(e,z)!=1 && e>n);
while(((e*d)-1)%z)
d++;
printf("\n enter plain text :");
scanf("%s",str);
printf("\n encrypted text : \n");
for(i=0;i<strlen(str);i++)
{
encrypted[i]=rsa(str[i],ENCRY);
printf("%ld",encrypted[i]);
}
printf("\n decrypted text :\n");
for(i=0;i<strlen(str);i++)
{
plain[i]=rsa(encrypted[i],DECRY);
printf("%c",plain[i]);
}
}

OUTPUT:

[root1@localhost ~]$ vi rrssaa.c

M. Tech(sem 1) CNE Page 24


Computer Network and Information Security Laboratory
16SCN16

[root1@localhost ~]$ cc rrssaa.c


[root1@localhost ~]$ ./a.out
enter 2 prime numbers p and q :
223
101
enter the prime value of e :
61
enter plain text :ayisha
encrypted text :
1307656561968815174
decrypted text :
ayisha

M. Tech(sem 1) CNE Page 25


Computer Network and Information Security Laboratory
16SCN16

7. Write a program for encrypting 64 bit playing text using DES algorithm.
import javax.swing.*;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.util.Random ;
class DES
{
byte[] skey = new byte[1000];
String skeyString;
static byte[] raw;
String inputMessage,encryptedData,decryptedMessage;
public DES()
{
try
{
generateSymmetricKey();
inputMessage=JOptionPane.showInputDialog(null,"Enter message to encrypt");
byte[] ibyte = inputMessage.getBytes();
byte[] ebyte=encrypt(raw, ibyte);
String encryptedData = new String(ebyte);
System.out.println("Encrypted message "+encryptedData);
JOptionPane.showMessageDialog(null,"Encrypted Data "+"\n"+encryptedData);
byte[] dbyte= decrypt(raw,ebyte);
String decryptedMessage = new String(dbyte);
System.out.println("Decrypted message "+decryptedMessage);

M. Tech(sem 1) CNE Page 26


Computer Network and Information Security Laboratory
16SCN16

JOptionPane.showMessageDialog(null,"Decrypted Data +"\n"+decryptedMessage);


}
catch(Exception e)
{
System.out.println(e);
}
}
void generateSymmetricKey()
{
try
{
Random r = new Random();
intnum = r.nextInt(10000);
String knum = String.valueOf(num);
byte[] knumb = knum.getBytes();
skey=getRawKey(knumb);
skeyString = new String(skey);
System.out.println("DES Symmetric key = "+skeyString);
}
catch(Exception e)
{
System.out.println(e);
}
}
private static byte[] getRawKey(byte[] seed) throws Exception
{
KeyGeneratorkgen = KeyGenerator.getInstance("DES");
SecureRandomsr = SecureRandom.getInstance("SHA1PRNG");
sr.setSeed(seed);
kgen.init(56, sr);
SecretKeyskey = kgen.generateKey();

M. Tech(sem 1) CNE Page 27


Computer Network and Information Security Laboratory
16SCN16

raw = skey.getEncoded();
return raw;
}
private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception
{
SecretKeySpecskeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
byte[] encrypted = cipher.doFinal(clear);
return encrypted;
}
private static byte[] decrypt(byte[] raw, byte[] encrypted) throws Exception
{
SecretKeySpecskeySpec = new SecretKeySpec(raw, "DES");
Cipher cipher = Cipher.getInstance("DES");
cipher.init(Cipher.DECRYPT_MODE, skeySpec);
byte[] decrypted = cipher.doFinal(encrypted);
return decrypted;
}
public static void main(String args[])
{
DES des = new DES();
}
}

M. Tech(sem 1) CNE Page 28


Computer Network and Information Security Laboratory
16SCN16

OUTPUT:
run:

M. Tech(sem 1) CNE Page 29


Computer Network and Information Security Laboratory
16SCN16

Simulation Programs using OPNET /NS2/NS3 or any other equivalent software

8. Simulate a 3 node point to point network with duplex links between them.
Set the Queue size and vary the bandwidth and find the number of packets
dropped.

CONFIGURATION:
1. 1.Double click the left mouse button while cursor is on HOST1 to open the HOST
window.
2. 2.Select Add button on the HOST window to invoke the command window and provide
the following command in the command textbox. stg -u 1024 100 1.0.1.2
3. 3.Click OK button on the command window to exit and once again click on the OK
buttton on the HOST window to exit.
4. 4.Double click the left mouse button while cursor is on HOST2 to open the HOST
window.
5. 5.Select ADD button on the HOST window to invoke the command window and provide
the following command in the command textbox. rtg -u -w log1
6. 6.Click OK button on the command window to exit.

M. Tech(sem 1) CNE Page 30


Computer Network and Information Security Laboratory
16SCN16

7. 7.Click NODE EDITOR button on the HOST window and select the MAC tab from the
modal window that pops up.
8. 8.Select LOG STATISTICS and select checkboxes for Number of Drop packet and
Number of collision in the MAC window.
9. 9.Click OK button on the MAC window to exit and once again click on the OK button on
the HOST window to exit.

Commands Used:
stg -u 1024 40 1.0.1.2 (At the sender’s end)
rtg -u -w log1 (At the receiver’s end)

Queue size (fixed) 50


Bandwidth at sender’s end 10 Mbps , at receiver’s end 10 Mbps
Sender’s throughput = 1179
Receiver’s throughput = 1179

Bandwidth at sender’s end 10 Mbps , at receiver’s end 8 Mbps


Sender’s throughput = 1179 ssss
Receiver’s throughput ~0
Receiver’s collision and drop = 1100
OUTPUT:

M. Tech(sem 1) CNE Page 31


Computer Network and Information Security Laboratory
16SCN16

Using Switch:
Commands used :
stcp -p 7000 -l 1024 1.0.1.2 (At the sender’s end.)
rtcp -p 7000 -l 1024 (At the receiver’s end.)
Bandwidth at Sender’s end 10 Mbps , at Receiver’s end 10 Mbps
Sender’s throughput = 1190
Receiver’s throughput = 1190
Collision and drop ~0

Bandwidth at Sender’s end 10Mbps , at the receiver’s end 8Mbps


Sender’s throughput = 585-1053
Receiver’s throughput = 530-954
Collision and Drop = ~0

M. Tech(sem 1) CNE Page 32


Computer Network and Information Security Laboratory
16SCN16

M. Tech(sem 1) CNE Page 33


Computer Network and Information Security Laboratory
16SCN16

9. Simulate a four node point - to - point network , and connect the links as
follows: n0 - n2 , n1 - n2 and n2 - n3 . Apply TCP agent between n0 - n3 and
UDP n1 - n3 . Apply relevant applications over TCP and UDP agents
changing the parameters and determine the number of packets send by
TCP/UDP.

CONFIGURATION:
1. Double click the left mouse button while cursor is on HOST1 to open the HOST window.
2. Select Add button on the HOST window to invoke the command window and provide the
following command in the command textbox. stg -p 21 -l 1024 1.0.1.3
3. Click OK button on the command window to exit.
4. Click NODE EDITOR button on the HOST window and select the MAC tab from the
modal window that pops up.
5. Select LOG STATISTICS and select checkboxes for output througput in the MAC
window.
6. Click OK button on the MAC window to exit and once again click on the OK button on
the HOST window to exit.
7. Double click the left mouse button while cursor is on HOST2 to open the HOST window.

M. Tech(sem 1) CNE Page 34


Computer Network and Information Security Laboratory
16SCN16

8. Select ADD button on the HOST window to invoke the command window and provide
the following command in the command textbox. stg -u 1024 100 1.0.1.3
9. Click OK button on the command window to exit.
10. Click NODE EDITOR button on the HOST window and select the MAC tab from the
modal window that pops up.
11. Select LOG STATISTICS and select checkbox for output throughput in the MAC
window.
12. Click OK button on the MAC window to exit and once again click on the OK button on
the HOST window to exit.
13. Double click the left mouse button while cursor is on HOST3 to open the HOST window.
14. Select ADD button on the HOST window to invoke the command window and provide
the following command in the command textbox. rtcp -p 21 -l 1024
15. Click Ok button on the command window to exit.
16. Also add the following command on HOST3 rtg -u -w logl
17. Click NODE EDITOR button on the HOST window and select the MAC tab from the
modal window that pops up.
18. Select LOG STATISTICS and select checkboxes for input and output througput in the
MAC window.
19. Click OK button on the MAC window to exit and once again click on the OK button on
the HOST window to exit.

Commands used:
stg -u 1400 40 1.0.1.3 (At the UDP sender)
rtg -u -w log1 (At the receiver)
rtcp -p 7000 -l 1024 (At the receiver)
stcp -p 7000 -l 1024 (At the TCP sender)

Bandwidth of the network 1000Mbps.


Average no of TCP packets transferred = varying
Average no of UDP packets transferred = 14416

M. Tech(sem 1) CNE Page 35


Computer Network and Information Security Laboratory
16SCN16

PART B
1. Consider a file with composite data, substitute the content and transpose
the ciphers.
import java.awt.event.*;
import java.util.*;
public class transpositionCipher
{
public static void main(String args[])
{
String key;
String message;
String encryptedMessage;
// Letters in the x-axis
int x=0;
// Letters in the y-axis
int y=0;
key = "tape";
message = "xyz";
encryptedMessage = "";
// To set the temp as [x][y]
char temp[][]=new char [key.length()][message.length()];
char msg[] = message.toCharArray();
// To populate the array
x=0;
y=0;
// To convert the message into an array of char
for (int i=0; i< msg.length;i++)
{
temp[x][y]=msg[i];
if (x==(key.length()-1))

M. Tech(sem 1) CNE Page 36


Computer Network and Information Security Laboratory
16SCN16

{
x=0;
y=y+1;
} // Close if
else
{
x++;
}
} // Close for loop
// To sort the key
char t[]=new char [key.length()];
t=key.toCharArray();
Arrays.sort(t);

for (int j=0;j<y;j++)


{
for (int i=0;i<key.length();i++)
{
System.out.print(temp[i][j]);
}
System.out.println();
}
System.out.println();
// To print out row by row (i.e. y)
for (int j=0;j<y;j++)
{
// To compare the the sorted Key with the key
// For char in the key
for (int i=0;i<key.length();i++)
{

M. Tech(sem 1) CNE Page 37


Computer Network and Information Security Laboratory
16SCN16

int pos=0;
// To get the position of key.charAt(i) from sorted key
for (pos=0;pos<t.length;pos++)
{
if (key.charAt(i)==t[pos])
{
// To break the for loop once the key is found
break;
}
}
System.out.print(temp[pos][j]);
encryptedMessage+=temp[pos][j];
}
System.out.println();
}
System.out.println(encryptedMessage);
System.exit(0);
}
}
OUTPUT:
Run

Ayisha

shaiya

ayisha

M. Tech(sem 1) CNE Page 38


Computer Network and Information Security Laboratory
16SCN16

2. Consider an alphanumeric data, encrypt and Decrypt the data using


advanced encryption standards and verify for the correctness.

package com.example;
import java.security.Key;
import java.util.Scanner;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
public class StrongAES
{
public void run()
{
try
{
Scanner scanner = new Scanner(System.in);
String text;
System.out.println("Enter the text:");
text=(scanner.next());
String key = "1234567890abcabc"; // 128 bit key
// Create key and cipher
Key aesKey = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
// encrypt the text
cipher.init(Cipher.ENCRYPT_MODE, aesKey);
byte[] encrypted = cipher.doFinal(text.getBytes());
System.err.println(new String(encrypted));
// decrypt the text
cipher.init(Cipher.DECRYPT_MODE, aesKey);
String decrypted = new String(cipher.doFinal(encrypted));
System.err.println(decrypted);
}

M. Tech(sem 1) CNE Page 39


Computer Network and Information Security Laboratory
16SCN16

catch(Exception e)

e.printStackTrace();

public static void main(String[] args)

StrongAES app = new StrongAES();

app.run();

OUTPUT:
run:

Enter the text:

asdfgf

�,���xq�\�JJ#��

asdfgf

M. Tech(sem 1) CNE Page 40


Computer Network and Information Security Laboratory
16SCN16

3. Apply RSA algorithm on a text file to produce cipher text file

package test_code;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
class Test
{
public static void main(String[] args) throws Exception
{
generateKeys();
rsaEncrypt("C://Users//Faiz//Desktop//link.txt", "C://Users//ayisha//Desktop//encrypted.txt");
/ / D : / / Pics//pic2.JPG

M. Tech(sem 1) CNE Page 41


Computer Network and Information Security Laboratory
16SCN16

rsaDecrypt("C://Users//ayisha//Desktop//encrypted.txt","C://Users//ayisha//Desktop//decrypted.t
xt");
}
public static void generateKeys() throws Exception
{
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(2048);
KeyPair kp = kpg.genKeyPair();
PublicKey publicKey = kp.getPublic();
PrivateKey privateKey = kp.getPrivate();
System.out.println("keys created");
KeyFactory fact = KeyFactory.getInstance("RSA");
RSAPublicKeySpec pub = fact.getKeySpec(publicKey, RSAPublicKeySpec.class);
RSAPrivateKeySpec priv = fact.getKeySpec(privateKey,RSAPrivateKeySpec.class);
saveToFile("public.key", pub.getModulus(), pub.getPublicExponent());
saveToFile("private.key", priv.getModulus(), priv.getPrivateExponent());
System.out.println("keys saved");
}
public static void saveToFile(String fileName, BigInteger mod,
BigInteger exp) throws IOException
{
ObjectOutputStream fileOut = new ObjectOutputStream(
new BufferedOutputStream(new FileOutputStream(fileName)));
try
{
fileOut.writeObject(mod);
fileOut.writeObject(exp);
}
catch (Exception e)
{
throw new IOException("Unexpected error");

M. Tech(sem 1) CNE Page 42


Computer Network and Information Security Laboratory
16SCN16

}
finally
{
fileOut.close();
System.out.println("Closed writing file.");
}
}
// Return the saved key
static Key readKeyFromFile(String keyFileName) throws IOException
{
InputStream in = new FileInputStream(keyFileName);
ObjectInputStream oin = new ObjectInputStream(new BufferedInputStream in));
try
{
BigInteger m = (BigInteger) oin.readObject();
BigInteger e = (BigInteger) oin.readObject();
KeyFactory fact = KeyFactory.getInstance("RSA");
if (keyFileName.startsWith("public"))
return fact.generatePublic(new RSAPublicKeySpec(m, e));
else
return fact.generatePrivate(new RSAPrivateKeySpec(m, e));
}
catch (Exception e)
{
throw new RuntimeException("Spurious serialisation error", e);
}
finally
{
oin.close();
System.out.println("Closed reading file.");
}

M. Tech(sem 1) CNE Page 43


Computer Network and Information Security Laboratory
16SCN16

}
// Use this PublicKey object to initialize a Cipher and encrypt some data
public static void rsaEncrypt(String file_loc, String file_des)
throws Exception
{
byte[] data = new byte[32];
int i;
System.out.println("start encyption");
Key pubKey = readKeyFromFile("public.key");
Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
FileInputStream fileIn = new FileInputStream(file_loc);
FileOutputStream fileOut = new FileOutputStream(file_des);
CipherOutputStream cipherOut = new CipherOutputStream(fileOut, cipher);
// Read in the data from the file and encrypt it
while ((i = fileIn.read(data)) != -1)
{
cipherOut.write(data, 0, i);
}
// Close the encrypted file
cipherOut.close();
fileIn.close();
System.out.println("encrypted file created");
}
// Use this PublicKey object to initialize a Cipher and decrypt some data
public static void rsaDecrypt(String file_loc, String file_des)
throws Exception
{
byte[] data = new byte[32];
int i;
System.out.println("start decyption");

M. Tech(sem 1) CNE Page 44


Computer Network and Information Security Laboratory
16SCN16

Key priKey = readKeyFromFile("private.key");


Cipher cipher = Cipher.getInstance("RSA");
cipher.init(Cipher.DECRYPT_MODE, priKey);
FileInputStream fileIn = new FileInputStream(file_loc);
CipherInputStream cipherIn = new CipherInputStream(fileIn, cipher);
FileOutputStream fileOut = new FileOutputStream(file_des);
// Write data to new file
while ((i = cipherIn.read()) != -1)
{
fileOut.write(i);
}
// Close the file
fileIn.close();
cipherIn.close();
fileOut.close();
System.out.println("decrypted file created");
}
}

M. Tech(sem 1) CNE Page 45


Computer Network and Information Security Laboratory
16SCN16

OUTPUT:

create 3 files
link.txt
encrypted.txt
decrypted.txt

run:
keys created
ayisha
Closed writing file.
Closed writing file.
keys saved
start encyption
Closed reading file.
encrypted file created
start decyption
ayisha
Closed reading file.
decrypted file created

M. Tech(sem 1) CNE Page 46


Computer Network and Information Security Laboratory
16SCN16

4. Develop a mechanism to setup a security channel using Diffie-Hellman Key


Exchange between client and server

import java.io.*;
import java.math.BigInteger;
class Diffie
{
public static void main(String[]args)throws IOException
{
BufferedReader br=new BufferedReader(new InputStreamReader(System.in));
System.out.println("Enter prime number:");
BigInteger p=new BigInteger(br.readLine());
System.out.print("Enter primitive root of "+p+":");
BigInteger g=new BigInteger(br.readLine());
System.out.println("Enter value for x less than "+p+":");
BigInteger x=new BigInteger(br.readLine());
BigInteger R1=g.modPow(x,p);
System.out.println("R1="+R1);
System.out.print("Enter value for y less than "+p+":");
BigInteger y=new BigInteger(br.readLine());
BigInteger R2=g.modPow(y,p);
System.out.println("R2="+R2);
BigInteger k1=R2.modPow(x,p);
System.out.println("Key calculated at Alice's side:"+k1);
BigInteger k2=R1.modPow(y,p);
System.out.println("Key calculated at Bob's side:"+k2);
System.out.println("deffie hellman secret key Encryption has Taken");
}
}
OUTPUT:

M. Tech(sem 1) CNE Page 47


Computer Network and Information Security Laboratory
16SCN16

Enter prime number:

Enter primitive root of 3:1

Enter value for x less than 3:

R1=1

Enter value for y less than 3:1

R2=1

Key calculated at Alice's side:1

Key calculated at Bob's side:1

deffie hellman secret key Encryption has Taken

M. Tech(sem 1) CNE Page 48


Computer Network and Information Security Laboratory
16SCN16

5. Implementation of Message Authentication Code using cryptography


VMAC function.
import java.lang.*;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import javax.crypto.*;
public class SimpleMacExample
{
public static String getPlainText()
{
System.out.print("Enter plaintext:");
String plaintext = "";
BufferedReader br =new BufferedReader(new InputStreamReader(System.in));
try
{
plaintext = br.readLine();
}
catch (IOException ioe)
{
System.out.println("IO error trying to read plaintext!");
System.exit(1);
} // catch
return plaintext;
} // getPlainText()
public static void main(String[] args) throws Exception
{
System.out.println("This program generates a message authentication code for the plaintext you
enter.");
String plaintextString = getPlainText();
byte[] plaintext = plaintextString.getBytes();

M. Tech(sem 1) CNE Page 49


Computer Network and Information Security Laboratory
16SCN16

KeyGenerator keygen = KeyGenerator.getInstance("HmacMD5");


SecretKey sKey = keygen.generateKey();
Mac theMac = Mac.getInstance("HmacMD5");
theMac.init(sKey);
byte[] theMacCode = theMac.doFinal(plaintext);
System.out.print("The MAC for the plaintext \'" +plaintextString + "\' is ");
for (int i = 0; i < theMacCode.length; i++)
{
System.out.print(theMacCode[i]);
if (i != theMacCode.length - 1)
{
System.out.print(",");
} // if
} // for i

System.out.println();

} // main

M. Tech(sem 1) CNE Page 50


Computer Network and Information Security Laboratory
16SCN16

OUTPUT:
run:

This program generates a message authentication code for the plaintext you enter.

Enter plaintext:asd

The MAC for the plaintext 'asd' is -114,74,72,-103,-48,-82,-78,-23,85,-53,-72,-41,-127,47,32,13

M. Tech(sem 1) CNE Page 51


Computer Network and Information Security Laboratory
16SCN16

6. Implement secure hash algorithm for Data Integrity. Implement MD5 and
SHA-1 algorithm, which accepts a string input, and produce a fixed size
number - 128 bits for MD5; 160 bits for SHA-1, this number is a hash of the
input. Show that a small change in the input results in a substantial change in
the output

/*6a MD5*/
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class SimpleMD5Example
{
public static void main(String[] args)
{
String passwordToHash="s";
String generatedPassword=null;
try
{
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(passwordToHash.getBytes());
byte[] bytes= md.digest();
StringBuilder sb=new StringBuilder();
for(int i=0;i<bytes.length;i++)
{
sb.append(Integer.toString((bytes[i] & 0xff) + 0x100,16).substring(1));
}
generatedPassword=sb.toString();
}
catch(NoSuchAlgorithmException e)
{
e.printStackTrace();
}

M. Tech(sem 1) CNE Page 52


Computer Network and Information Security Laboratory
16SCN16

System.out.println(generatedPassword);
}
}
OUTPUT:

run:

03c7c0ace395d80182db07ae2c30f034

M. Tech(sem 1) CNE Page 53


Computer Network and Information Security Laboratory
16SCN16

/*6b SHA-1*/

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
public class SHAExample
{
public static void main(String[] args) throws NoSuchAlgorithmException
{
String passwordToHash = "zeba";
byte[] salt = getSalt();
String securePassword = get_SHA_1_SecurePassword(passwordToHash, salt);
System.out.println(securePassword);
// securePassword = get_SHA_256_SecurePassword(passwordToHash, salt);
// System.out.println(securePassword);
// securePassword = get_SHA_384_SecurePassword(passwordToHash, salt);
//System.out.println(securePassword);
//securePassword = get_SHA_512_SecurePassword(passwordToHash, salt);
//System.out.println(securePassword);
}
private static String get_SHA_1_SecurePassword(String passwordToHash, byte[] salt)
{
String generatedPassword = null;
try
{
MessageDigest md = MessageDigest.getInstance("SHA-1");
md.update(salt);
byte[] bytes = md.digest(passwordToHash.getBytes());
StringBuilder sb = new StringBuilder();
for(int i=0; i< bytes.length ;i++)
{

M. Tech(sem 1) CNE Page 54


Computer Network and Information Security Laboratory
16SCN16

sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));


}
generatedPassword = sb.toString();
}
catch (NoSuchAlgorithmException e)
{
e.printStackTrace();
}
return generatedPassword;
}
private static byte[] getSalt() throws NoSuchAlgorithmException
{
SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
byte[] salt = new byte[16];
sr.nextBytes(salt);
return salt;
}
// private static String get_SHA_256_SecurePassword(String passwordToHash, byte[] salt)
{
//Use MessageDigest md = MessageDigest.getInstance("SHA-256");
}
}

OUTPUT:
run:

1a8311bdae59f7d4e0a67b5ad29e0074b23661f7

M. Tech(sem 1) CNE Page 55


Computer Network and Information Security Laboratory
16SCN16

8.Using any simulation tool: demonstrate packet filtering firewalls, create the
ACL, create VLAN [Subnetting].

Solution: ACL(Access control list): Access lists filter network traffic by controlling whether
routed packets are forwarded or blocked at the router's interfaces. Your router examines each
packet to determine whether to forward or drop the packet, on the basis of the criteria you
specified within the access lists. Access list criteria could be the source address of the traffic, the
destination address of the traffic, the upper-layer protocol, or other information.

There are many reasons to configure access lists; for example, you can use access lists to restrict
contents of routing updates or to provide traffic flow control. One of the most important reasons
to configure access lists is to provide security for Access lists can allow one host to access a part
of your network and prevent another host from accessing the same area. In Fig, host A is allowed
to access the Human Resources network, and host B is prevented from accessing the Human
Resources network.

Figure Using Traffic Filters to Prevent Traffic from Being Routed to a Network

You can also use access lists to decide which types of traffic are forwarded or blocked at the
router interfaces. For example, you can permit e-mail traffic to be routed, but at the same time
block all Telnet traffic.

M. Tech(sem 1) CNE Page 56


Computer Network and Information Security Laboratory
16SCN16

Packet tracer simulating tool: It is a comprehensive networking technology teaching and learning
software with powerful simulation, visualisation, authoring, assessment and collaboration
capabilities.

It offers a unique combination of realistic simulation and visualisation experiences, complex


assessment and activity authoring capabilities and opportunities for multiuser collaboration and
competition.

Features:

 Real time and simulation modes

 User friendly CLI

 Global event list

 LAN, switching, TCP/IP routing

 Multiple platform support

Steps to follow to demonstrate ACL using Packet Tracer simulating tool:

M. Tech(sem 1) CNE Page 57


Computer Network and Information Security Laboratory
16SCN16

1. Select four PC’s, two switch’s with configuration 2950-24 and one router with 1841.
2. Make point to point connection between all of them in a topology.
3. Click on router-> configuration-> fast Ethernet 0/0 make port status ON and set IP
address to 192.168.1.1, then select fastethernet 1/0 on same page and make port status
ON and set IP address to 192.168.2.1
4. Click on PC1, go to configuration->select fast Ethernet then set IP address to 192.168.1.2
then click on subnet mask below to subnet address. Perform same for PC2 and give IP
address as 192.168.1.3
5. Set gateway address for all four PC’s. To do this, go to PC1 then configuration-
>Settings->gateway, set gateway address to 192.168.1.1 to PC1 and PC2. For PC3 and
PC4 set gateway address to 192.168.2.1
6. Ping the IP address 192.168.2.2 from PC1. That is click on PC1, go tp desktop then
command prompt then ping IP address.
7. Select router go to CLI there type commands like:

M. Tech(sem 1) CNE Page 58


Computer Network and Information Security Laboratory
16SCN16

8. Router> enable
a. #config t
b. #access-list 1 permit host 192.168.1.3
c. #access-list 1 deny host 192.168.1.2
d. #interface fastethernet0/0
e. #ip access group 1 in
f. #exit
g. #exit
9. Then close this window.
10. Select PC1 -> desktop-> command prompt -> ping 192.168.2.2 . The result for this is, it
displays as destination is unreachable because its access permission is deny.
11. 11.Select PC2-> desktop->command prompt-> ping 192.168.2.3 . The result for this is, it
displays ping message because its access permission is allowed to all other PC’s on this
network.

VLAN: Virtual Area Network: In a traditional LAN, workstations are connected to each other
by means of a hub or a repeater. These devices propagate any incoming data throughout the
network. However, if two people attempt to send information at the same time, a collision will
occur and all the transmitted data will be lost. Once the collision has occurred, it will continue to
be propagated throughout the network by hubs and repeaters. The original information will
therefore need to be resent after waiting for the collision to be resolved, thereby incurring a
significant wastage of time and resources.

To prevent collisions from travelling through all the workstations in the network, a bridge or a
switch can be used. These devices will not forward collisions, but will allow broadcasts (to every
user in the network) and multicasts (to a pre-specified group of users) to pass through. A router
may be used to prevent broadcasts and multicasts from travelling through the network.

M. Tech(sem 1) CNE Page 59


Computer Network and Information Security Laboratory
16SCN16

The workstations, hubs, and repeaters together form a LAN segment. A LAN segment is also
known as a collision domain since collisions remain within the segment. The area within which
broadcasts and multicasts are confined is called a broadcast domain or LAN. Thus a LAN can
consist of one or more LAN segments. Defining broadcast and collision domains in a LAN
depends on how the workstations, hubs, switches, and routers are physically connected together.
This means that everyone on a LAN must be located in the same area.

VLAN's offer a number of advantages over traditional LAN's. They are:

1) Performance: In networks where traffic consists of a high percentage of broadcasts and


multicasts, VLAN's can reduce the need to send such traffic to unnecessary destinations. For
example, in a broadcast domain consisting of 10 users, if the broadcast traffic is intended only
for 5 of the users, then placing those 5 users on a separate VLAN.

2) Reduced Cost: VLAN's can be used to create broadcast domains which eliminate the need for
expensive routers.

3) Security: Periodically, sensitive data may be broadcast on a network. In such cases, placing
only those users who can have access to that data on a VLAN can reduce the chances of an
outsider gaining access to the data. VLAN's can also be used to control broadcast domains, set
up firewalls, restrict access, and inform the network manager of an intrusion AN can reduce
traffic.

M. Tech(sem 1) CNE Page 60


Computer Network and Information Security Laboratory
16SCN16

To demonstrate VLAN, packet tracer simulation tool is used. Steps to be followed to implement
this:

1. Click Start -> All Programs -> then select Packet Tracer or you can double-click directly
on your computer desktop.
2. To create a VLAN, first we have to create a network. Here I make the computer network
3. of 4 computers connected to the switch then will divide it into 2 VLAN, so that each
VLAN has 2 computers connected to the network.
4. To illustrate Switches, Select Switch on the bottom left after that select the most remote
switch type 2950-24.
5. Once the switch is formed next, select End Devices to describe computer.
6. Then set the IP address of each computer by clicking on the image of the computer is on
the stage so that the display appears as below. Select Config >> FastEthernet then browse
IP Address and Subnet Mask. IP address is 192.168.1.1 on computer 1 and then
incremented by one each computer on the computer to 192.168.1.4 After the Switch and
computer image is formed, then we connect with a straight cable.
7. After Computer Switches and formed, then we will create a VLAN and VLAN divide it
into 2. Each VLAN so there are 2 computers connected to the network. Way is by

M. Tech(sem 1) CNE Page 61


Computer Network and Information Security Laboratory
16SCN16

clicking on the image on the switch that stage so it will appear as shown below. Select
Config VLAN >> VLAN database and then enter the VLAN Name and VLAN Number
as we need and then Add. In this case we create VLAN 5.
8. After creating a new VLAN (VLAN so that now there are 5), we will set the computer
which will be connected to VLAN1 until VLAN5. Way is by clicking on the image
switch is in the stage so that it will appear as shown below. Select Config >>
FastEthernet0 / 1 (meaning the computer 1). "Access" means connected between the
computer and switch. VLAN 1 means 1 computer into VLAN 1. Do the same to the
computer 10. Computers 1 and 2 = VLAN1, 3 computers and 4 = VLAN2.
9. Once divided into 2 VLAN, then drag the image envelope marked to the computer 1 and
When in drag to a computer 1 will appear,. Then fill the destination computer IP address.
Do the same thing on 2nd computer and other computers.
10. Then test the connection between computers in the same VLAN with the click
Simulation.

Packet Filtering Firewall: The Packet Filtering Firewall is one of the most basic firewalls. The
first step in protecting internal users from the external network threats is to implement this type
of security. The first ever firewalls used were of packet filtering type only. As the trends of
network threats started changing, so did the firewall building strategies. Most of the routers have
packet filtering built-in, but the problem with the routers is that, they are difficult to configure
and don’t provide extensive logs of the incidents.

M. Tech(sem 1) CNE Page 62


Computer Network and Information Security Laboratory
16SCN16

Steps to carry simulation by using packet tracer simulating tool:

1. Create3 laptop’s, one switch-PT, one router-PT, one server-PT.

2. Establish point to point connection between these devices.

3. Click on laptop1, configure gateway as, click configuration-> select gateway and sat as
192.168.1.1 and select fast Ethernet -> Set IP address to 192.168.1.11

4. Similarly carry out to rest two laptops with IP address for laptop2 as 192.1681.12 and tcp
laptop3 as 192.168.1.13 and set gateway to 192.168.1.1 for both laptop’s.

5. Click on router -> configuration-> fastethernet 0/0 there set IP address to 192.168.1.1 ,
then make port status ON. Then on same window select fast Ethernet 1/0 there set IP
address to 10.10.10.11.

6. Click on server-configuration->select fastethernet set IP address to 10.10.10.128 then go


to settings ->gateway -> set to 10.10.10.11

7. Click on laptop1->desktop->command prompt, there ping 192.168.1.12(this is IP address


of laptop 2), And then ping 10.10.10.128(this is server address). Close the window.

M. Tech(sem 1) CNE Page 63


Computer Network and Information Security Laboratory
16SCN16

8. Click on router ->CLI -> type ip address 10.10.10.11 255.0.0.0

a. Router(config-if)#access-list 101 deny icmp any any host unreachable


1. #access-list 101 permit tcp any any eq www
2. #interface fastethernet 0/0
3. #ip access-group 101 in
4. #exit
5. #exit
b. Router#
c. Close the window.

9. Click on laptop1->configuration->command prompt-> ping 10.10.10.128 , then on same


window go to web browser under URL type 10.10.10.128

10. Now run simulation, window opens there select edit filters , click on show all/none then
select icmp and http. On simulation window click on auto capture/play, a window called
buffer- full will open click on view previous events. Then again click on auto
capture/play click on clear access list on buffer full window.

11. Click on laptop1-> desktop->command prompt-> ping 10.10.10.128 . You can notice
packets moving from laptop1 to switch and to router and back to laptop1.

12. Click on laptop1-?desktop->open web browser->type URL as 10.10.10.128

13. Again on simulation window click on auto capture/play, a window buffer full will open
click on clear lists. Finally you can notice packets moving from laptop1 to switch , router,
server and back to laptop1.

M. Tech(sem 1) CNE Page 64

Das könnte Ihnen auch gefallen