Path Analyzer Pro Lab

[toggle_content title="Transcript"] Alright. In this next lab I want to look at Path Analyzer Pro. In order to install that, I would imagine you would go to Google and search for Path Analyzer pro and then go ahead and click it. This is going to be a analyzer tool in which we can go quick download, scroll down you can see that what you can see that once you get with the premier version but we are going to go right here to downloads. You have got choices here you have got Mac, you have got Windows you have got Red Hat or you are going to go & download the one for the windows clearly and open that up you can install it right from the location you don't necessarily need to download and save it. Run to the wizard real quick accept the license agreement you can install where you like that we will ever do literally just be next, next, next, next, next to go user specific set of features. Okay so we have been successful installed and we will go ahead and go down and then we will go around the tool. So Path Analyzer Pro now don't forget we are going to be looking at layer3 over the OSI model here. A lot of people here get confused basically to - we will look at all the options but typically we are in layers 3 sometimes 4, sometimes above we will look at that let us go ahead and make that as large as we can. Target and it is going to run a report you see it working down here in the bottom right hand side. You can also start looking at the ways to standardize things. You can ICMP TCP or UDP just check the one where ever you possible can. Always start with ICMP first that specifically is layer three of the OSI model I was referring to above that you have layer 4 of the OSI model which is TCP connection oriented and UDP connection list - you can choose your source ports in this case, random anywhere through that would be fine. The different tracing modes if you want it adaptive or if you want to start getting fancy. You can actually say hello to a host by saying goodbye. You send it a finish request which is kind of very odd flag TCP flag to send someone. Because it is like saying hey I am finished and then walking away - so you can set the length of the packet. You can set the lifetime in milliseconds and type of service. These are all options if you know the protocol stack inside now this is like home territory for you. But you are new to this or completely new to this. These are parameters that you are likely to just tweak a little bit every now and again to see how the systems and start putting the picture together, slowly, slowly and slowly. If you want to specify a particular sequence numbers or just let it start at one which is probably the easiest way to go and that is realistically all we are going to be looking for right now. So we are going to go to every port let us say – one packets received after TTL. You may change your settings – you have got IP addresses in here. If you just right click these you can copy this address that is hopeful sometimes. But in this case this is the home network address being 192.168.92 you can go to synopsis. These are DNS records that finds the DNS record 199.195 whatever it is you just record that - routing we know it is an IP address again layer 3 but it also discloses the subnet mask here. Also there would find registry information in this case a great hosting company. I always recommend A2 Hosting Inc - if you have got any questions about that you just give me a call. You got intercepts best lawful intercepts basically if law enforcement need n't get involved they will call A2 Hosting and A2 Hosting would be finally be happy to call me. You have got different charts here this is going to be chart latency in terms of hops and it will basically graph it out here. You can change your graphs over here depending on what graph you realistically like the best. I don't have a lot of great gritty here to show you but if you start going to basically let it calculate one you do get information. This is the place where you get it - geography where it will pop you out on the map. You can look at logs now this is helpful in here because everything that we have been doing ultimately can be done at the command prompt and realistically if you wanted to copy that for your documentation or reporting this is where you do it. This is great select all - and copy and that is the type of stuff that you put in the report once you are done everything here. And then of course any sort of statistics and things like that - now this was a one-time trace but you could also do time traces and continue as traces as time into it and then you basically keep going and keep going and keep going and the interval at which you will keep going at. Path Analyzer Pro is a decent tool in terms of just doing your basic layer2 and layer3 not to mention layer2 here. You do have a history here though - lastly preferences. What time zone is you need to set it to local – sometimes that is always helpful in rare situations. You may need to specify local but I would say universal is probably probably everybody is using universal and that can solve all the time zones and everything else. What are port specifically if you want to specify default TCP 53 you are not really going to change that and then the destination port that you are trying to hit with TCP and UDP both layer 4 information. Display you have got some basic stuff should you choose to change the colors. Geography basically geo encoding this would basically would bring any whois information whenever possible and I never used the other one. And then data sources again the same thing prefix whois and licensing agreement if and when you choose to buy. So now you can see that since I have been running a continuous trace it keep running and keeps running and keeps running. So we will go ahead and stop that in terms of statistics but in this case just basic graph information. When you scale larger entities of a particular website you can definitely surpass the information here. But nonetheless it is just a quick - in the grand scheme of things. This is just a quick tool for you to kind of just get the quick basic layer 3 and layer 4 information and relate that to a host and connecting those two dots. The rest would be basically be in the area of the charts and using charts and getting good variables other than the single one and two that I have now. It is not uncommon to get all sorts of fancy lines other that the one I may imagine 30 or 40 here. So that is going to be it - that is Path Analyzer Pro that is how to install it. That is the basic connecting of the dots of the layer 3 and layer 4 information and how to do some basic reconnaissance on evaluating targets. Thank you for watching my name is Leo Dregier and don't forget to check us out on Facebook, LinkedIn, YouTube and Twitter. [/toggle_content] Path Analyzer (Analyzer Pro) is an analyzing and reporting tool used on the OS at layer 3 (ICMP) of the OSI model, and sometimes layer 4 (TCP/IP). Its purpose is to view and analyze trace routes by looking at packets and traffic performance on the network. For example, when you experience bogs on the network at certain periods of the day, Path Analyzer enables you find the root of the problem. With Path Analyzer, you can view your network, determine where you have traffic issues on the network (route) and locate where those traffic issues originated from (host).
Recommended Study Material
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google Play Get it on the App Store

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?