Use common network diagnostic tools to:
- Measure latency to multiple hosts
- Identify network path hops
- Observe differences in routing to global endpoints
- Compare IPv4 vs IPv6 behavior (optional)
This lab introduces packet flow fundamentals used in troubleshooting, networking, and cybersecurity operations.
~10–15 minutes
- Windows, Linux, or macOS terminal
- Internet connection
- `ping`
- `traceroute` (Linux/macOS) or `tracert` (Windows)
- Optional: `mtr` (Linux)
Run ping to three different hosts:
- google.com
- cloudflare.com
- openai.com

Windows:

```
ping google.com
ping cloudflare.com
ping openai.com
```

Linux/macOS:

```
ping -c 4 google.com
ping -c 4 cloudflare.com
ping -c 4 openai.com
```

Record the following for each host:
- Average latency (ms)
- Packet loss (should be 0%)
- IP address resolved
Windows:

```
tracert google.com
```

Linux/macOS:

```
traceroute google.com
```

Repeat for:
- cloudflare.com
- openai.com
For each trace:
- Number of hops
- The first hop (your router)
- Any `* * *` hops (timeouts)
- Final destination IP
Answer these questions:
- Which destination had the fewest hops?
- Which had the highest latency?
- Did all three take different network paths or did some share common early hops?
- Did any hops belong to major ISPs or backbone networks?
Write 3–5 sentences summarizing your observations.
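
As an added example (not part of the original lab), the script below pulls the values the lab asks you to record out of traceroute output and counts the early hops two traces share. It assumes the numeric output format of `traceroute -n` on Linux/macOS; the two sample traces are constructed and use documentation address ranges, not real captures.

```shell
#!/bin/sh
# Constructed sample traces in `traceroute -n` format (documentation IPs only).
TRACE_A='traceroute to host-a.example (203.0.113.10), 30 hops max, 60 byte packets
 1  192.168.1.1  1.102 ms  0.984 ms  1.201 ms
 2  198.51.100.1  8.412 ms  8.377 ms  8.590 ms
 3  * * *
 4  198.51.100.9  12.310 ms  12.101 ms  12.544 ms
 5  203.0.113.10  14.882 ms  14.790 ms  15.013 ms'
TRACE_B='traceroute to host-b.example (203.0.113.77), 30 hops max, 60 byte packets
 1  192.168.1.1  1.090 ms  1.002 ms  1.151 ms
 2  198.51.100.1  8.501 ms  8.420 ms  8.615 ms
 3  198.51.100.33  10.204 ms  10.110 ms  10.377 ms
 4  * * *
 5  * * *
 6  203.0.113.77  21.450 ms  21.302 ms  21.688 ms'

# Print one address per hop; "*" when no probe for that hop was answered.
hop_addrs() {
  printf '%s\n' "$1" | awk 'NR > 1 {            # NR == 1 is the header line
    addr = "*"
    for (i = 2; i <= NF; i++) if ($i != "*") { addr = $i; break }
    print addr }'
}

# Print "hops=N first=ADDR timeouts=N final=ADDR" for one trace.
summarize_trace() {
  hop_addrs "$1" | awk '
    NR == 1   { first = $0 }                     # first hop is normally your router
    $0 == "*" { timeouts++; next }               # a "* * *" row
              { final = $0 }                     # last hop that answered
    END { printf "hops=%d first=%s timeouts=%d final=%s\n", NR, first, timeouts, final }'
}

# Print how many leading hops two traces share (same address at the same hop number).
shared_prefix() {
  { hop_addrs "$1"; echo "--"; hop_addrs "$2"; } | awk '
    $0 == "--" { second = 1; n = 0; next }       # marker between the two traces
    !second    { a[++n] = $0; next }
    { n++
      if (!done && a[n] == $0 && $0 != "*") { shared++ } else { done = 1 } }
    END { print shared + 0 }'
}

summarize_trace "$TRACE_A"
summarize_trace "$TRACE_B"
echo "shared early hops: $(shared_prefix "$TRACE_A" "$TRACE_B")"
```

To use it on your own results, save the output of `traceroute -n <host>` into a variable and pass it to the same functions.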
If installed:

```
mtr google.com
```

This combines ping + traceroute in one tool.
- Why is traceroute useful for troubleshooting?
- Why do some hops not respond (`* * *`)?
- What does latency tell you about network congestion or distance?
- Can different DNS resolvers affect the path taken?
To continue building network investigation skills:
- SOC Lab 03 — DNS Resolution & Caching
- Examine how domain names are resolved into IP addresses
- Compare responses across different DNS resolvers
- Observe caching behavior and TTL values in DNS queries
Understanding DNS behavior is critical for detecting malicious domains and command-and-control activity.


