These are the passing problems for the Netreads W'17 term. You will find the exercises for previous terms in files named passing-.txt where is a combination of letters and numbers identifying the term. You can look there and around the notes directory for hints.

Submit your command line scripts and packet captures. Add screenshots as needed. Please note that I will _not_ accept MS Word files (.doc, .docx), but only plain text, Markdown, LaTeX, or PDF.

You are expected to use the Unix shell, Scapy, tcpdump, wireshark/tshark or any other tools necessary.

You are expected to use either Hurricane Electric's tunnelbroker.net or Miredo to obtain IPv6 connectivity---unless your ISP already supports it (I hear Comcast occasionally does; check your ifconfig).

Throughout these exercises, you will need to suppress some responses of your native OS kernel. Use iptables if your machine is GNU/Linux; if it's MacOS X, work from a Linux VM or use MacOS' native pf (see solutions-f15.txt for hints).

0. Get yourself some kind of IPv6 connectivity. Hurricane Electric's tunnelbroker.net would work best with a public routable IP or a NAT box that supports protocol 41; otherwise a Miredo IPv6 tunnel should work for you. The task5.txt file has the details.

Note that Miredo tunnels can be unreliable, so always start by checking connectivity to test6.dartmouth.edu, and repeat sending your crafted packets several times to make sure it's not a connectivity glitch that's getting in your way. In particular, Scapy's sr1() _may not work the first time_ if you are using Miredo. Try a few times---and remember that sr1() may not work at all for crafted IPv6 packets.

If you are using Miredo, NOTE that tcpdump's capture filters on tunX interfaces created by Miredo do NOT seem to work on MacOS! Thus "tcpdump -i tun0 -n -x" will show you your IPv6 packets sent over the Miredo tunnel, but "tcpdump -i tun0 -n -x ip6" will _not_.
This has to do with tcpdump misunderstanding the type of the Miredo interface's link, and applying the wrong filter. There is still a way to filter packets on a Miredo tunnel interface with tcpdump, but you need to do this in the raw bytes. For example,

  tcpdump -v -i tun0 -n 'ether[4] & 0xF0 == 0x60'

works for any IPv6 packets (as "ip6" should) and

  tcpdump -v -i tun0 -n 'ether[4] & 0xF0 == 0x60 and ether[10] == 0x3a'

works for any ICMPv6 packets (as "ip6 and icmp6" should). As you can see, the filter has all fields of IPv6 shifted by 4.

1. Send an IPv6 ICMP echo request packet to 2604:5f00:ffff:fe00::101:ca75 that (1) has your first and last name instead of the standard ICMP echo payload and (2) is over 1000 bytes long.

DO NOT send many pings. Send a few; use the -c option to send a limited number of pings.

You should get a normal ICMPv6 reply. But you will also get something else back, as described in Problem 2. Namely, you will trigger a traceroute back to your IPv6 address.

If you got 100% packet loss, resend your ping. Sometimes packets get lost, especially with Miredo.

2. Your ICMPv6 ping will activate a traceroute6 request back to your IPv6 address. You must (1) capture the packets that comprise this request and note which protocol is used; (2) fool the tracerouting host into believing that there are another several hosts on the way to your machine's IPv6 address.

The results of traceroutes are logged and posted automatically in http://ulthar.cs.dartmouth.edu/traces/ and will be labeled by your IPv6 address and the time you initiated the scan with your ping.

NOTE: Wait a minute or two before repeating your attempt. Traceroute takes a few seconds to complete; reload the trace log file if it has not.

3. There is a DNS server at the IPv6 address 2604:5f00:ffff:fe00::1337:c0de . It is reachable over IPv6 only, and is not part of the global DNS system.
You can test your connectivity to this DNS server by asking it for the AAAA record (i.e., IPv6 address) of puzzle.test6.dartmouth.edu . You should get the answer of 2604:5f00:ffff:fe00::bad:c0de . This answer is for testing only, and will not be useful except for testing whether you can reach this server. If your request times out instead, something is wrong, and you should let me know---but check that you can ping6 2604:5f00:ffff:fe00::1337:c0de. If you can't, then check your IPv6 connectivity as per Problem 0.

You should query this DNS server for the IPv4 address of secret.test6.dartmouth.edu . There is one complication, though: the server will reject any DNS requests for this address that have the "recursion desired" option set, which is the default of many standard DNS tools. The server will drop them, and they will time out on your end.

This request will give you an IPv4 address. You will need it for Problem 4; also record how you got it.

4. Take the IPv4 address obtained in Problem 3. When you ping this address with ICMP echo requests over 150 bytes long (which is not the standard ping default), the packets carrying the echo replies will contain a hidden message spread across them. Find out how this message is transmitted, and what it is. The message is set to repeat as you ping, like a looping record. This kind of trick is called a covert channel in IP.

Hint: It is a historic short poem in English encoded as plain ASCII; it is less than 100 characters long. Once you have it, it is easy to google it and its history.

For a HP, write the sender and receiver scripts that can send and receive any messages so encoded, and test them between machines where you have root access.
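
Added example (not part of the original assignment): the byte-offset filters from the Miredo note in Problem 0, re-implemented in Python so you can see which IPv6 header fields ether[4] and ether[10] actually read. The 4 prefix bytes, the sample frames and all function names are constructed for illustration; the last sample shows that the ICMPv6 byte test misses ICMPv6 carried behind an extension header.

```python
import ipaddress
import struct

TUN_PREFIX = 4    # assumption taken from the page: IPv6 fields are shifted by 4 bytes
ICMPV6 = 0x3A     # IPv6 Next Header value 58

def is_ipv6(frame: bytes) -> bool:
    """Same test as 'ether[4] & 0xF0 == 0x60': the version nibble is 6."""
    return len(frame) > TUN_PREFIX and (frame[TUN_PREFIX] & 0xF0) == 0x60

def is_icmpv6(frame: bytes) -> bool:
    """Same test as adding 'and ether[10] == 0x3a': Next Header sits at 4 + 6."""
    return (is_ipv6(frame) and len(frame) > TUN_PREFIX + 6
            and frame[TUN_PREFIX + 6] == ICMPV6)

def parse_ipv6(frame: bytes) -> dict:
    """Decode the 40-byte fixed IPv6 header that follows the 4-byte prefix."""
    if not is_ipv6(frame) or len(frame) < TUN_PREFIX + 40:
        raise ValueError("not an IPv6 packet behind a 4-byte prefix")
    vtf, plen, nxt, hlim = struct.unpack_from("!IHBB", frame, TUN_PREFIX)
    src = ipaddress.IPv6Address(frame[TUN_PREFIX + 8:TUN_PREFIX + 24])
    dst = ipaddress.IPv6Address(frame[TUN_PREFIX + 24:TUN_PREFIX + 40])
    return {"version": vtf >> 28, "payload_len": plen, "next_header": nxt,
            "hop_limit": hlim, "src": str(src), "dst": str(dst)}

def make_frame(next_header: int, payload: bytes = b"") -> bytes:
    """Build a constructed frame: 4 opaque prefix bytes + fixed IPv6 header."""
    addr = ipaddress.IPv6Address("2001:db8::1").packed  # documentation prefix
    hdr = struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64)
    return b"\x00" * TUN_PREFIX + hdr + addr + addr + payload

# Constructed samples (not captured traffic).
ECHO = make_frame(ICMPV6, b"\x80\x00\x00\x00" + b"\x00" * 4)  # echo request, checksum left 0
TCP = make_frame(6)
# ICMPv6 behind a Hop-by-Hop header: the fixed header's Next Header is 0,
# so the ether[10] byte test does not match even though ICMPv6 follows.
HBH = make_frame(0, bytes([ICMPV6, 0, 1, 4, 0, 0, 0, 0]) + b"\x80\x00\x00\x00")
IPV4 = b"\x00" * TUN_PREFIX + b"\x45" + b"\x00" * 19

if __name__ == "__main__":
    for name, frame in [("ECHO", ECHO), ("TCP", TCP), ("HBH", HBH), ("IPV4", IPV4)]:
        print(name, "ipv6:", is_ipv6(frame), "icmpv6:", is_icmpv6(frame))
```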
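
Added example (not part of the original assignment): where the "recursion desired" option from Problem 3 lives in a DNS query. The code builds an RFC 1035 query message by hand with the RD bit set or clear and reads the bit back from raw bytes, which is also how you would check a captured query. The function names and the transaction ID are constructed for illustration.

```python
import struct

RD = 0x0100      # "recursion desired" bit in the 16-bit header flags word
TYPE_A = 1       # IPv4 address record
TYPE_AAAA = 28   # IPv6 address record
CLASS_IN = 1

def encode_qname(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name: str, qtype: int, rd: bool, txid: int = 0x1234) -> bytes:
    """Build a one-question DNS query; txid is a constructed sample value."""
    flags = RD if rd else 0
    # Header: ID, flags, QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_qname(name) + struct.pack("!HH", qtype, CLASS_IN)

def recursion_desired(message: bytes) -> bool:
    """Read the RD bit from the flags word at bytes 2..3 of a DNS message."""
    if len(message) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    (flags,) = struct.unpack_from("!H", message, 2)
    return bool(flags & RD)

if __name__ == "__main__":
    default_style = build_query("secret.test6.dartmouth.edu", TYPE_A, rd=True)
    no_recursion = build_query("secret.test6.dartmouth.edu", TYPE_A, rd=False)
    for label, msg in [("RD set", default_style), ("RD clear", no_recursion)]:
        print(label, msg[:4].hex(), recursion_desired(msg))
```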