Networking

IP Addresses and Domain Names

IP addresses and domain names are two important parts of how we access websites on the internet.

IP addresses are like the phone numbers of the internet. Just like you need a phone number to call someone, your computer needs an IP address to communicate with other computers on the internet. An IP address is a unique series of numbers separated by periods. For example, 216.58.194.174 is the IP address for Google.com.

However, remembering long strings of numbers can be difficult, which is why domain names were created. Domain names are like the names in your phone’s contact list. Instead of typing in a long series of numbers, you can simply type in the domain name and your computer will look up the corresponding IP address.

For example, instead of typing in 216.58.194.174 to access Google, you can just type in “Google.com” into your web browser.

Here’s another example: the domain name “CNN.com” corresponds to the IP address 151.101.1.67. So when you type “CNN.com” into your web browser, your computer looks up the IP address 151.101.1.67 and uses it to connect to CNN’s website.

In summary, IP addresses are like phone numbers for computers, and domain names are like the names in your phone’s contact list that make it easier to remember and access websites on the internet.

ping command

The ping command is used to test whether your computer can communicate with another computer on the internet. It sends a small message called an “echo request” to the other computer, and then waits for a response. If it receives a response, it knows that the two computers are connected and can communicate with each other.

Here’s an example of how to use the ping command on a Linux system:

Open a terminal window on your Linux computer.
Type “ping” followed by the IP address or domain name of the computer you want to test. For example, if you want to test 1. whether you can communicate with Google’s server, you would type:
```
"ping www.google.com"
```
Hit enter. The ping command will send a series of echo requests to the specified computer and wait for responses.
The results will be displayed in the terminal window. You will see information about the number of echo requests sent, the number of responses received, the time it took for each response to be received, and more.

If you receive a response from the other computer, that means your computer is connected to the internet and can communicate with the other computer. If you don’t receive a response, it could mean that there is a problem with your internet connection or with the other computer’s connection.

To stop the ping command from running:

Press the “Ctrl” key and the “C” key on your keyboard simultaneously. This key combination sends a signal to the terminal to interrupt the running command.
After pressing “Ctrl + C,” you will typically see a summary of the ping statistics, such as the packet loss and round-trip time.

In summary, the ping command is a tool used to test whether your computer can communicate with another computer on the internet. It sends a small message and waits for a response, and the results are displayed in the terminal window.

Activity: Ping Google

Open a terminal window and type ping www.google.com. How many packets are sent by default?

Activity: Ping 8.8.8.8

Type ping 8.8.8.8. What is the IP address that you are pinging?

ifconfig command

The ifconfig command is a tool that you can use in the Terminal on Ubuntu to get information about the network interfaces on your computer. A network interface is like a doorway that lets your computer connect to the internet or other devices on a network.

Here’s how to use the “ifconfig” command on Ubuntu:

Open the Terminal application. You can do this by clicking on the “Activities” menu at the top left of your screen and typing “Terminal” in the search bar.
Once the Terminal opens, type the command ifconfig and press enter. This will show you information about each of the network interfaces on your computer.
Look for the section labeled “eth0” or “wlan0”. These are the most common names for the network interfaces on Ubuntu. You should see a line labeled “inet addr”, followed by a set of numbers separated by dots. This is your computer’s IP address on the network.
If you want to see more information about a specific network interface, you can use the command “ifconfig eth0” (replace “eth0” with the name of the interface you want to see). This will show you more detailed information, including the amount of data that has been sent and received through that interface.

Overall, the “ifconfig” command is a useful tool for understanding how your computer is connected to the internet and troubleshooting network problems. With a little practice, you can use it to get a better understanding of your computer’s network connections!

Activity: Find your IP address:

Open the Terminal and type “ifconfig”. Look for the section labeled “eth0” or “wlan0” (depending on how your computer is connected to the network). Find the line labeled “inet addr” and write down the set of numbers separated by dots. This is your computer’s IP address on the network.

nslookup command

The nslookup command is used to look up information about domain names on the internet. A domain name is a human-readable name that is used to identify a website or other internet resource, such as “google.com”. When you type a domain name into your web browser, your computer needs to know the IP address associated with that domain name in order to connect to the correct server on the internet. The nslookup command can be used to find out what IP address is associated with a particular domain name.

Here’s an example of how to use the nslookup command on a Linux system:

Open a terminal window on your Linux computer.
Type “nslookup” followed by the domain name you want to look up. For example, if you want to find out the IP address associated with Google’s website, you would type “nslookup www.google.com“.
Hit enter. The nslookup command will contact a DNS (domain name system) server on the internet and ask for information about the specified domain name.
The results will be displayed in the terminal window. You will see the IP address associated with the domain name you looked up, as well as other information such as the name and IP address of the DNS server that provided the information.

For example, if you run the nslookup command on ”www.google.com“, you might see output like this:


    Server:         8.8.8.8
    Address:        8.8.8.8#53

    Non-authoritative answer:
    Name:   www.google.com
    Address: 142.251.33.196

This output tells you that the DNS server at IP address 8.8.8.8 provided the information, and that the IP address associated with ”www.google.com” is 142.251.33.196.

Unfortunately, some hackers use this information to do bad things, like breaking into computer networks and stealing information. They can use the “nslookup” command to figure out what the internet address of a computer is, and then try to find ways to get into that computer. It’s important to remember that not everyone who uses the “nslookup” command is a hacker, and many people use it for good reasons, like fixing problems with computer networks. But if you ever feel like someone is using the “nslookup” command to do bad things, you should tell a trusted adult or report it to the authorities.

In summary, the nslookup command is used to look up information about domain names on the internet. It can be used to find out what IP address is associated with a particular domain name, which can be useful for troubleshooting network issues and understanding how the internet works.

Activity: Look up the IP address for a website

Open the Terminal and type “nslookup example.com” (replace “example.com” with the website you want to look up). The command will show you the IP address associated with that website.

Activity: Look up the domain name for an IP address

Open the Terminal and type “nslookup 8.8.8.8” (replace “8.8.8.8” with the IP address you want to look up). The command will show you the domain name associated with that IP address.

whois command

The whois command is used to look up information about domain names and IP addresses. When you register a domain name or IP address, you provide information such as your name, address, and contact information. This information is stored in a public database known as the WHOIS database. The whois command can be used to search this database and retrieve information about a particular domain name or IP address.

Here’s an example of how to use the whois command on a Linux system:

Open a terminal window on your Linux computer.
Type “whois” followed by the domain name or IP address you want to look up. For example, if you want to find out who owns the domain name “google.com”, you would type “whois google.com”.
Hit enter. The whois command will contact a WHOIS server on the internet and retrieve information about the specified domain name or IP address.
The results will be displayed in the terminal window. You will see information such as the name of the domain owner, the name of the domain registrar, and the date the domain was registered.

For example, if you run the whois command on “google.com”, you might see output like this:

Domain Name: GOOGLE.COM
Registry Domain ID: 2138514_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.markmonitor.com
Registrar URL: http://www.markmonitor.com
Updated Date: 2018-02-21T18:36:40Z
Creation Date: 1997-09-15T04:00:00Z
Registry Expiry Date: 2020-09-14T04:00:00Z
Registrar: MarkMonitor Inc.
Registrar IANA ID: 292
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com
Registrar Abuse Contact Phone: +1.2083895740

This output tells you that the domain name “google.com” is registered with MarkMonitor Inc. and provides contact information for their abuse team.

Unfortunately, some hackers use this information to do bad things, like trying to trick people into giving them sensitive information or launching attacks against the website or company. They can use the “whois” command to find out who owns the website or company, and then try to find vulnerabilities to exploit.

It’s important to remember that not everyone who uses the “whois” command is a hacker, and many people use it for good reasons, like researching companies or reporting abuse. But if you ever feel like someone is using the “whois” command to do bad things, you should tell a trusted adult or report it to the authorities. Also, remember to keep your personal information private and be careful when sharing it online.

In summary, the whois command is used to look up information about domain names and IP addresses. It can be used to find out who owns a particular domain name or IP address, which can be useful for verifying the authenticity of a website or tracking down spam emails.

Activity: Look up the owner of a domain

Open the Terminal and type whois example.com (replace “example.com” with the domain you want to look up). The command will show you information about the domain name, including the owner and contact information.

Activity: Look up information about an IP address

Open the Terminal and type whois 8.8.8.8 (replace “8.8.8.8” with the IP address you want to look up). The command will show you information about the organization that owns that IP address, including their contact information.

Ports and Firewalls

Ports and firewalls are like security measures for the school’s network, which is like a big web that connects all the computers and devices in the school.

Ports: Think of ports as small windows or openings on the doors of each classroom. These windows allow things to go in and out of the classroom. In the same way, ports in networking are like openings on a computer or device that let different types of information travel in and out.

For example, let’s say you want to send an email from your computer to your friend’s computer. The email needs to go through a specific port, just like a package needs to go through a specific window in a classroom door. Different types of information, like emails, web pages, or video calls, use different ports to travel through the network.

Firewalls: Now, imagine that the school wants to make sure only authorized people can enter the classrooms. To do this, they install a firewall at the entrance of each classroom. A firewall is like a security guard who checks who’s coming in and out of the classroom.

Similarly, in networking, a firewall is a special software or hardware that checks and controls the information coming in and going out of a computer or device. It acts as a barrier, just like a security guard, and decides if certain information should be allowed to pass through or not.

The firewall checks the information based on certain rules set by the school or network administrator. These rules determine which types of information are safe and which are potentially harmful. The firewall helps protect the network from unauthorized access and potential threats like viruses or hackers.

So, ports are like the windows or openings that allow information to move in and out of computers, and firewalls are like security guards that decide if the information is safe to pass through based on certain rules.

Together, ports and firewalls help keep the network secure and make sure that only the right information goes where it’s supposed to go, just like the school’s doors and security guards help keep the classrooms safe and only let authorized people enter.

Network Monitoring with Wireshark

Wireshark is like a special detective tool that allows you to peek into the messages being sent over a network. It’s a software program that captures and analyzes the information that flows between computers.

Here’s how it works:

Imagine you have a network with different computers connected to each other. When one computer sends a message to another computer, the message is divided into tiny pieces called packets. These packets are like small envelopes that carry information.
Wireshark acts like a secret agent that watches the network traffic and captures these packets as they travel from one computer to another. It can see what’s inside each packet, like who sent it, where it’s going, and what it contains.
Once Wireshark captures the packets, it organizes them and shows you all the details in an easy-to-understand way. It’s like looking at the contents of the envelopes and understanding what each piece of information means.
Wireshark can show you things like which websites someone is visiting, what emails they are sending, or even what videos they are watching. It can help you detect any problems or suspicious activities on the network.
Just like a detective uses evidence to solve a case, Wireshark gives you evidence about what’s happening on the network. It helps you understand how computers communicate with each other and identify any issues or security concerns.

Remember, Wireshark is a powerful tool that needs to be used responsibly. It’s like having a secret agent power to investigate network activities, but it’s important to use it for good purposes and respect privacy.

So, Wireshark is like a detective tool that captures and analyzes the messages being sent on a network, helping you understand how computers communicate and uncover any issues or suspicious activities.

Putting it All Together

Start by opening a command prompt or terminal window on your computer.

Type the following command and press enter: ifconfig

This command will display information about your computer’s network interface configuration, such as the IP address, subnet mask, and default gateway. Take a moment to read through the information displayed and make note of the IP address.

Next, type the following command and press enter: whois [IP address]

Replace [IP address] with the IP address you noted in step 2. This command will query the WHOIS database to retrieve information about the owner of the IP address, such as the internet service provider (ISP) and the geographic location. Read through the information displayed and try to determine the location of the IP address.

Finally, type the following command and press enter: nslookup [domain name]

Replace [domain name] with the name of a website you want to look up. This command will query the DNS (Domain Name System) server to retrieve the IP address associated with the domain name. Read through the information displayed and note the IP address.

Try visiting the website you looked up in step 4 by typing its URL into your web browser. Notice how your computer communicates with the website’s server using the IP address you retrieved.

Vocabulary Review

Terms	Definitions
IP addresss	a unique series of numbers separated by periods
Domain name	names that make it easier to remember a website
ping	used to test whether your computer can communicate with another computer on the internet
ifconfig	command used to display information about the network interfaces on your computer
nslookup	command used to look up information about domain names on the internet
whois	command used to look up information about domain names and IP addresses
ports	-
firewalls	a special software or hardware that checks and controls the information coming in and going out of a computer or device
wireshark	a software program that captures and analyzes the information that flows between computers

Review Questions

\begin{enumerate}[1.] \item What does “IP address” stand for? \begin{enumerate}[(a)] \item Internet Protocol address \item Internet Provider address \item Internal Port address \item Internet Proxy address \end{enumerate}

\item What is the purpose of a "domain name"?
\begin{enumerate}[(a)]
    \item To identify the location of a specific file on a server
    \item To assign a unique identifier to a computer or device on a network
    \item To provide a friendly and memorable name for a website or server
    \item To encrypt data transmitted between a client and server
\end{enumerate}

\item What is the purpose of the "ping" command?
\begin{enumerate}[(a)]
    \item To test the bandwidth of a network connection
    \item To measure the response time between two computers or devices
    \item To scan a network for open ports and vulnerabilities
    \item To encrypt data transmitted over a network connection
\end{enumerate}

\item What does the "ifconfig" command do?
\begin{enumerate}[(a)]
    \item Displays the routing table of a computer or device
    \item Configures the network interface settings of a computer or device
    \item Scans a network for available devices and their IP addresses
    \item Performs a DNS lookup to resolve a domain name to an IP address
\end{enumerate}

\item What is the purpose of the "nslookup" command?
\begin{enumerate}[(a)]
    \item Retrieves the WHOIS information of a domain name
    \item Tests the connectivity between two network devices
    \item Performs a reverse DNS lookup to obtain a domain name from an IP address
    \item Performs a DNS lookup to obtain the IP address associated with a domain name
\end{enumerate}

\item What does the "whois" command do?
\begin{enumerate}[(a)]
    \item Tests the availability and response time of a website or server
    \item Displays information about the owner and registration details of a domain name
    \item Scans a network for open ports and vulnerabilities
    \item Measures the bandwidth of a network connection
\end{enumerate}

\end{enumerate}