Network traffic

We will go through basic networking and how to capture and inspect network traffic.

Network traffic sniffing (30 min)

There are three ways of listening in on communications.

  1. List the three ways
  2. Describe each method in your own words

    Include the layer at which each method operates

  3. Put the descriptions in a shared file

Network interfaces in Linux (30 min)

  1. Spin up a VM with Kali
  2. Use the ip address command to see the IP and MAC addresses
  3. Explain what the command does and what is shown
  4. Use the ip route command
  5. Explain what the command does and what is shown
  6. Put the command output and the explanation in a shared file

Wireshark in Kali (30 min)

Minimal Wireshark kickstart video:

Another video about Wireshark (start at 5:00). Some written introductions from Red Hat and Medium. The filter reference is here.

  1. Boot up Kali
  2. Start Wireshark and listen on interface eth0
  3. In a terminal, ping 8.8.8.8
  4. Find the packets in Wireshark
  5. Select the echo (ping) request packet
  6. What are the MAC addresses and IP addresses?

    Notice the layered information, starting with "frame", "ethernet" and "Internet protocol"

  7. Explain what each of the four values means and which devices they refer to

  8. Ping 1.1.1.1
  9. Find the packets in Wireshark
  10. Select the echo (ping) request packet
  11. What are the MAC addresses and IP addresses?
  12. Explain what each of the four values means and which devices they refer to
  13. Compare the values for the two pings and explain the similarities and differences
  14. Put the addresses and descriptions in a shared document

    The shared document is a .md file, so you can add images

There is a video covering this exercise on YouTube.
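As an added example (not part of the exercise sheet), here is a small Python parser that walks the same layers Wireshark shows for the echo request (Ethernet, then Internet Protocol, then ICMP) and pulls out the four addresses the questions ask about. The frame bytes, the MAC addresses and the 10.0.2.5 source address are constructed for illustration, not taken from a real capture.

```python
import struct

# Constructed sample frame (not a real capture): Ethernet -> IPv4 -> ICMP echo request,
# the packet type the exercise asks you to select in Wireshark after "ping 8.8.8.8".
SAMPLE_FRAME = bytes.fromhex(
    "0a1b2c3d4e5f"  # destination MAC (assumed: the VM's default gateway)
    "525400123456"  # source MAC (assumed: the Kali VM's eth0)
    "0800"          # EtherType 0x0800 = IPv4
    "4500001c"      # IPv4: version 4, IHL 5 (20 bytes), DSCP 0, total length 28
    "00010000"      # identification 1, flags/fragment offset 0
    "40010000"      # TTL 64, protocol 1 (ICMP), header checksum (not verified here)
    "0a000205"      # source IP 10.0.2.5 (assumed VM address)
    "08080808"      # destination IP 8.8.8.8
    "08000000"      # ICMP type 8 (echo request), code 0, checksum (not verified here)
    "00010001"      # identifier 1, sequence number 1
)

ICMP_TYPES = {0: "echo reply", 8: "echo request"}

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def parse_icmp_frame(frame: bytes) -> dict:
    """Decode the layers in the order Wireshark lists them: Ethernet, IPv4, ICMP."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4: EtherType 0x{ethertype:04x}")
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (ip[0] & 0x0F) * 4          # header length in bytes (options make it > 20)
    ttl, proto = ip[8], ip[9]
    if proto != 1:
        raise ValueError(f"not ICMP: IP protocol {proto}")
    icmp = ip[ihl:]
    if len(icmp) < 4:
        raise ValueError("truncated ICMP header")
    return {
        "src_mac": mac_str(src_mac), "dst_mac": mac_str(dst_mac),
        "src_ip": ip_str(ip[12:16]), "dst_ip": ip_str(ip[16:20]),
        "ttl": ttl,
        "icmp_type": icmp[0], "icmp_name": ICMP_TYPES.get(icmp[0], "other"),
    }
```

Note that the source MAC belongs to the VM while the destination MAC is the gateway's, even though the destination IP is 8.8.8.8; that mismatch between the Ethernet and IP layers is exactly what question 7 is getting at.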