~75 minutes. Run traceroute to 3 hosts; annotate the hop pattern. Use curl to inspect HTTP response headers. Use dig to query DNS.
Goal: observe the network path to a remote host; read HTTP headers from a real server; understand DNS TTL from a live query.
Estimated time: 75 minutes
Prerequisites: Week 11 lecture (IP, DNS, ports, traceroute, curl, dig)
Setup
mkdir -p ~/fnd-101/lab-11-1
cd ~/fnd-101/lab-11-1
Verify tools are available:
which traceroute || which tracert # Windows: tracert
which curl
which dig || which nslookup
On Linux, install if needed: sudo apt install traceroute dnsutils or equivalent.
Part A: Traceroute to 3 hosts
Run traceroute to each of the following. On macOS/Linux use traceroute; on Windows use tracert.
traceroute virtuscyberacademy.org
traceroute 8.8.8.8
traceroute one.one.one.one
For each trace, record:
- How many hops did it take to reach the destination?
- What is the approximate round-trip time to the final hop (in milliseconds)?
- Were there any hops that did not respond (showing * * *)? What does this mean?
- Can you identify any pattern in the hop addresses? (Are early hops in a private range? When does it switch to public addresses?)
Annotate your output in lab-11-1-traceroute.txt.
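An added example (not part of the original lab handout) showing one way to check your hop annotations: a shell script that labels each hop as private, shared, public or no-reply and reports where the path first reaches a public address. It goes slightly beyond the lab questions by also flagging the 100.64.0.0/10 shared (carrier-grade NAT) range; the trace is constructed sample data and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in Linux traceroute format (not a real trace).
sample_trace() {
cat <<'EOF'
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  1.204 ms  1.101 ms  1.087 ms
 2  10.20.0.1 (10.20.0.1)  8.412 ms  8.377 ms  8.120 ms
 3  * * *
 4  100.64.3.9 (100.64.3.9)  11.930 ms  12.004 ms  11.871 ms
 5  203.0.113.17 (203.0.113.17)  14.551 ms  14.320 ms  14.498 ms
 6  8.8.8.8 (8.8.8.8)  15.102 ms  15.230 ms  14.987 ms
EOF
}

# Reads traceroute output on stdin; prints "<hop> <kind> <ip>" per hop.
annotate_trace() {
  awk '
    NR == 1 && /^traceroute to/ { next }          # skip the banner line
    {
      hop = $1
      if ($0 ~ /^ *[0-9]+ +\* \* \*/) { print hop, "no-reply", "-"; next }
      ip = ""
      for (i = 2; i <= NF; i++) {                  # first IPv4 on the line
        f = $i; gsub(/[()]/, "", f)
        if (f ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) { ip = f; break }
      }
      if (ip == "") next
      split(ip, o, ".")
      if (o[1] == 10 || (o[1] == 172 && o[2] >= 16 && o[2] <= 31) ||
          (o[1] == 192 && o[2] == 168)) kind = "private"   # RFC 1918
      else if (o[1] == 100 && o[2] >= 64 && o[2] <= 127) kind = "shared"
      else kind = "public"
      print hop, kind, ip
    }'
}

# Reads traceroute output on stdin; prints a one-line summary.
trace_summary() {
  annotate_trace | awk '
    { hops = $1 }
    $2 == "no-reply" { silent++ }
    $2 == "public" && !first { first = $1 }
    END { printf "hops=%d silent=%d first_public=%d\n", hops, silent, first }'
}

sample_trace | annotate_trace
sample_trace | trace_summary
```

To use it on your own trace, pipe the real output in place of the sample: traceroute 8.8.8.8 | annotate_trace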
Part B: curl -- inspect HTTP headers
curl -v https://virtuscyberacademy.org 2>&1 | head -50
The -v flag prints the full request and response. The 2>&1 redirects the verbose output (which goes to stderr) to stdout so you can pipe it to head.
In your notes file, identify and label:
- The TLS handshake line (look for "SSL connection" or "TLS 1.3")
- The HTTP request line: GET / HTTP/2 or similar
- The HTTP response status code (200, 301, etc.)
- The Content-Type: header
- The Server: header (what web server software is the academy using?)
- Any Strict-Transport-Security: header (HSTS). What does this header tell the browser?
# For just the headers (faster):
curl -I https://virtuscyberacademy.org
Part C: DNS queries with dig
dig virtuscyberacademy.org
In the output, find:
- The "ANSWER SECTION": what IP address(es) does the domain resolve to?
- The TTL value next to the answer. What does TTL mean in DNS? How long (in seconds) will a resolver cache this answer?
- The "AUTHORITY SECTION" (if present): what are the nameservers for this domain?
Run two more queries:
dig -x 8.8.8.8 # reverse (PTR) lookup; -x is needed when the argument is an IP address
dig github.com MX # query the MX (mail exchanger) record type
What does the MX record tell you about where GitHub sends email?
Part D: Observe your own open ports
ss -tlnp # Linux
# or:
netstat -an | grep LISTEN # macOS/Linux; on Windows: netstat -an | findstr LISTENING
List 3 ports that are listening on your machine. For each:
- Port number
- Protocol (tcp/udp)
- What service you think is using it (look up common port numbers if unsure)
Expected output / artifact
lab-11-1-notes.txt with:
- Annotated traceroute output for all 3 hosts (you can paste and annotate)
- curl header analysis for virtuscyberacademy.org
- dig answers for all 3 queries
- Part D port listing
git add lab-11-1-notes.txt
git commit -m "lab-11-1: traceroute, curl headers, DNS queries"
Common pitfalls
- Traceroute stuck at * * *: some routers block ICMP. If traceroute does not complete, try traceroute -T (TCP mode on Linux) or tracert on Windows (which uses ICMP echo by default). A route that shows * * * for all hops beyond a certain point may be blocked by a firewall.
- curl: SSL certificate error: if you see an SSL error on a site, try adding -k to skip verification (for diagnostic purposes only; never use -k in production scripts).
- dig not installed on macOS: modern macOS has dig but if not: nslookup virtuscyberacademy.org is an alternative. It shows less detail but confirms the IP.
- netstat vs ss: netstat is older but universally available; ss is the modern replacement on Linux and shows more detail.
Stretch (optional)
Use curl -w "%{time_total}\n" -s -o /dev/null https://virtuscyberacademy.org to measure the total request time. Run it 5 times. Is the time consistent? What factors would cause variation?
Lab 11.1 v0.1.