CY 620 Malware_Capturing and Analyzing Network Traffic Using a Sniffer_CEH Exam Domain: Sniffing

Document Content and Description Below

Capturing and Analyzing Network Traffic Using a Sniffer OBJECTIVE: CEH Exam Domain: Sniffing OVERVIEW: In this lab, you will capture and analyze traffic using a sniffer. Key TermDescription ro... ot user name or account which has access to all commands along with read and write privileges to all files on a Linux or other Unix-like operating system TELNET a protocol where the data is transmitted between two machines over in clear text. The use of TELNET, which uses port 23, should be avoided on networks because it is not secure. Wireshark a free and open source protocol analyzer, which will allow a user to capture network traffic or to analyze a capture file. POP Post Office Protocol is an application-layer Internet protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. TCP Transmission Control Protocol is a network protocol designed to send and ensure end-to-end delivery of data packets over the Internet. Starting the Sniffer 1. Click on the internal Kali 2 Linux icon on the topology.KALI 2 LINUX MACHINE 2. After the machine is fully loaded, type root for the Username. then click Next. EXTERNAL KALI 2 USERNAME 3. For the Password, type toor (root spelled backwards), and click the Sign In button.EXTERNAL KALI 2 PASSWORD 4. Click the black and white icon (second from the top) to launch the Linux terminal. OPENING THE KALI 2 TERMINAL 5. Type the following command and press Enter, to check for the IP Address of the system. root@kali2:~# ifconfig NMAP 6. Type the following command and press Enter, so your system will not have an IP Address. root@kali2:~# ifconfig eth0 0.0.0.0 upNMAP 7. Type the following command and press Enter, to verify that no IPv4 address is listed for eth0. root@kali2:~# ifconfig REDIRECTION 8. Type the following command and press Enter, to open Wireshark. root@kali2:~# wireshark WIRESHARK 9. Click OK to the Lua Error when Wireshark opens.LUA WARNING 10. If asked, click OK to the Running as "root" user and group warning. Otherwise, proceed to the next step. USER AND GROUP WARNING 11. Select Capture from the Wireshark menu and choose Interfaces. INTERFACES 12. Select the check box in front of eth0. Notice in the IP column it says none. Click Start.CLICK START 13. If needed, expand the Packet List Pane by slowly hovering your mouse in the area circled until the up and down arrows appear. Then left-click and drag the Packet List Pane downward. Otherwise, proceed to the next step [Show More]

Last updated: 1 year ago

Preview 1 out of 27 pages