This documentation illustrates the use of Wireshark to analyze network activity.

Microsoft Azure (Virtual Machines/Compute).

High-Level Deployment and Configuration Steps

While creating the VM, select the previously created Resource Group
While creating the VM, allow it to create a new Virtual Network (Vnet) and Subnet
While creating the VM, select the previously created Resource Group and Vnet
Observe Your Virtual Network within Network Watcher
Use Remote Desktop to connect to your Windows 10 Virtual Machine
Within your Windows 10 Virtual Machine, install Wireshark
Open Wireshark and filter for ICMP traffic only
Retrieve the private IP address of the Ubuntu VM and attempt to ping it from within the Windows 10 VM
Observe ping requests and replies within Wireshark
From the Windows 10 VM, open command line or PowerShell and attempt to ping a public website (such as and observe the traffic in Wireshark
Initiate a perpetual/non-stop ping from your Windows 10 VM to your Ubuntu VM
Open the Network Security Group your Ubuntu VM is using and disable incoming (inbound) ICMP traffic
Back in the Windows 10 VM, observe the ICMP traffic in Wireshark and the command line Ping activity
Re-enable ICMP traffic for the Network Security Group your Ubuntu VM is using
Back in the Windows 10 VM, observe the ICMP traffic in Wireshark and the command line Ping activity (should start working)
Back in Wireshark, filter for SSH traffic only
From your Windows 10 VM, “SSH into” your Ubuntu Virtual Machine (via its private IP address)
Type commands (username, pwd, etc) into the Linux SSH connection and observe SSH traffic spam in Wireshark
Exit the SSH connection by typing ‘exit’ and pressing 
Back in Wireshark, filter for DHCP traffic only
From your Windows 10 VM, attempt to issue your VM a new IP address from the command line (ipconfig /renew)
Observe the DHCP traffic appearing in Wireshark
Back in Wireshark, filter for DNS traffic only
From your Windows 10 VM within a command line, use nslookup to see what and ’s IP addresses are
Observe the DNS traffic being shown in Wireshark
Back in Wireshark, filter for RDP traffic only (tcp.port == 3389)
Observe the immediate non-stop spam of traffic? Why do you think it’s non-stop spamming vs only showing traffic when you do an activity?
Answer: because the RDP (protocol) is constantly showing you a live stream from one computer to another, therefore traffic is always being transmitted
Delete the Resource Group(s) created at the beginning of this lab

In this post, you will learn about the single most important and useful tool in Computer Networks – Wireshark. This post relies on basic knowledge of computer networks. Be sure to check my previous post about the five layers model if you need a refresher.

Wireshark is a sniffer, as well as a packet analyzer. You can think of a sniffer as a measuring device. We use it to examine what’s going on inside a network cable, or in the air if we are dealing with a wireless network. A sniffer shows us the data that passes through our network card.

But Wireshark does more than that. A sniffer could just display a stream of bits - ones and zeroes, that the network card sees. Wireshark is also a packet analyzer that displays lots of meaningful data about the frames that it sees. Wireshark is an open-source and free tool, and is widely used to analyze network traffic. It might be helpful for debugging problems in your network, for instance – if you can’t connect from one computer to another, and want to understand what’s going on. For example, imagine that you were implementing a chat program between two clients, and something was not working. In order to understand what exactly is being sent, you may use Wireshark to see the data transmitted over the wire.
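
The difference between a bare sniffer (a stream of bits) and a packet analyzer (named fields per frame), shown on the protocols the lab filters for. This is an added example, not code from the original page or from Wireshark; the frames, MAC addresses and 10.0.0.x addresses are constructed, and naming a protocol by port number is a simplifying assumption.

```python
import struct

# Constructed sample frames (not captured traffic); MACs and IPs are made up,
# and the IP/TCP checksums are left as zero.
ETH = "001122334455" "66778899aabb" "0800"            # dst MAC, src MAC, EtherType IPv4
ICMP_FRAME = bytes.fromhex(                            # 10.0.0.4 pings 10.0.0.5
    ETH + "4500001c0001000040010000" "0a000004" "0a000005" + "0800f7ff00000000")
RDP_FRAME = bytes.fromhex(                             # TCP SYN to port 3389
    ETH + "450000280002000040060000" "0a000004" "0a000005"
    + "c0010d3d" "00000001" "00000000" "50022000" "00000000")

# Port-to-name mapping is a heuristic for the lab's protocols, not real dissection.
PORT_NAMES = {22: "SSH", 53: "DNS", 67: "DHCP", 68: "DHCP", 3389: "RDP"}

def bits(frame):
    """What a bare sniffer could show: the ones and zeroes on the wire."""
    return "".join(f"{b:08b}" for b in frame)

def dissect(frame):
    """What a packet analyzer adds: named fields for each layer."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth_dst": dst.hex(":"), "eth_src": src.hex(":")}
    if ethertype != 0x0800 or len(frame) < 34:
        return out                                     # not IPv4 or truncated
    ihl = (frame[14] & 0x0F) * 4                       # IPv4 header length in bytes
    out["ip_src"] = ".".join(map(str, frame[26:30]))
    out["ip_dst"] = ".".join(map(str, frame[30:34]))
    proto, l4 = frame[23], frame[14 + ihl:]
    if proto == 1 and l4:
        out["protocol"] = "ICMP"
        out["icmp_type"] = {8: "echo request", 0: "echo reply"}.get(l4[0], str(l4[0]))
    elif proto in (6, 17) and len(l4) >= 4:
        sport, dport = struct.unpack("!HH", l4[:4])
        out["sport"], out["dport"] = sport, dport
        out["protocol"] = (PORT_NAMES.get(dport) or PORT_NAMES.get(sport)
                           or ("TCP" if proto == 6 else "UDP"))
    return out

if __name__ == "__main__":
    for frame in (ICMP_FRAME, RDP_FRAME):
        print(bits(frame)[:48] + "...")
        print(dissect(frame))
```
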