Using Netinfo to Collect Computer and Network Information

A ping flood is exactly what it sounds like. A program sends a large number of ping packets to a host. They cause the host to reply, which ties up CPU cycles and bandwidth. A variation is a smurf attack, in which pings are sent to a broadcast address. All the requests contain spoofed source address of the host to be smurfed. When computers respond to the broadcast ping, they send their replies to the single host whose address is spoofed. The host is then flood with ping responses, causing it to slow down or even freeze while it processes all the packets. Distributed denial-of-service (DDoS) attacks use many systems to attack a single network resource. Often the attacking systems are unaware they are involved because the attack software is installed as malware and set to activate on a certain date and time.

In this project, you download and install an evaluation version of Netlnfo. NetInfo is a collection of 15 different state-of-the-art network tools on a single, easy-to-use interface. The download is a file containing a Microsoft installer (.msi) file that must be extracted to run it.

  1. Start your Web browser and download netinfo.msi.

  2. Follow the instructions to download and install Netlnfo.

  3. Ask one of your classmates for their IP address e.g. 193.61.191.72

  4. Type ping computername (replacing computername with the name of the computer you chose e.g. 193.61.191.72 ) and press Enter.

  5. To start Netlnfo, double-click the Netlnfo desktop shortcut or click Start, point to All Programs, point to Netlnfo, and click Netlnfo. Click No in the message box stating you can try Netlnfo for 30 days, and then click I Agree. If the Tip of the Day dialog box opens, click to clear the Show tips at startup check box, and then click Close.

  6. Click the Services tab. In the Host text box, type the IP address of your friends PC and click Verify. (If you are doing this project yourself, you can type 127.0.0.1 in the Host text box to scan your own computer).

  7. Your screen should look like the following.

  8. Find ports that show a status of Open. Open ports represent network services the computer offers but can also represent vulnerabilities that attackers can exploit. Write the name and number of these ports:

  9. Clear the output from the last command by right-clicking in Netlnfo, pointing to Clear, and clicking All.

  10. Next, you'll scan a range if IP addresses to see which computers are available on the network. You do this by clicking on the scanner tab.

  11. In the Address text box, type the first three octets of the IP address you used previously followed by a 0 for the last octet. For example, if the address you used was 193.61.191.71, type 193.61.191.0. This setting scans all addresses from 193.61.191.0 through 193.61.191.255.

  12. Your screen should look like the following.

  13. Click Start. Write down the name and address of the first three computers for which Netlnfo indicated the status "Host is alive." (You can sort the results by clicking the Status column.)

  14. In the Name column, right-click one of the computers, point to Send To, and click Services. In the Services tab, click Verify to see a list of services this computer provides.

  15. Your screen should look something like the following.

  16. Now try going back to the previous list of hosts which are alive and trying 'send to' with the other services.