
Packet capturing of different protocols using Wireshark

Wireshark is the world’s foremost and widely-used network protocol analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

It is free, open source and cross-platform.

  • To trace the packets, first download and install Wireshark on the Windows machine.

  • Open Wireshark and choose the interface that carries the traffic to the Ubuntu machine (the Ethernet or Wi-Fi adapter, not the loopback interface).

1. Tracking FTP Packets


Step 1: $ sudo apt-get install vsftpd (on Ubuntu Machine)

Step 2: Start Wireshark on the Windows machine and start capturing by clicking the green button. Capturing must be running before the login, otherwise the USER and PASS commands are not in the trace.

Step 3: Open a command prompt on the Windows machine and enter ftp followed by the IP address of the Ubuntu machine.
It asks for the username and password of an account on the Ubuntu machine; log in and then type quit.

Step 4: Press the red button to stop capturing.

Step 5: In the Wireshark display filter enter ftp && ip.addr == <ip address of Ubuntu Machine>. To show only the login, use ftp.request.command == "USER" || ftp.request.command == "PASS".




This server is not secure: the FTP control channel (TCP port 21) carries the USER and PASS commands in plain text, so the username and the password are both readable in the capture exactly as the user typed them. Anyone on the network path can do the same.


2. Tracking Telnet Packets


Step 1: $ sudo apt-get install telnetd (on Ubuntu Machine)
Step 2: $ sudo /etc/init.d/openbsd-inetd restart (on Ubuntu Machine)
Step 3: On the Windows machine, start the Wireshark capture by clicking the green button. Do this before connecting, otherwise the login is not in the trace.

Step 4: In the command prompt enter telnet followed by the IP address of the Ubuntu machine.
It asks for the username and password of an account on the Ubuntu machine; log in and then type exit.

Step 5: Press the red button to stop capturing.

Step 6: In the Wireshark display filter enter telnet && ip.addr == <ip address of Ubuntu Machine>.


Here the password typed at the login prompt is again visible in plain text. Telnet is no more secure than FTP: "Telnet Data" is only the label Wireshark's dissector gives to the payload, not any form of protection. The one practical difference is that a Telnet client sends each keystroke in its own TCP segment, so the password is spread over several packets instead of sitting in one PASS line; right-click a packet and choose Follow > TCP Stream to see the login and password reassembled.
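The two conclusions above can be checked without the Wireshark GUI. The following Python script is an added example, not code from the original post: it takes the client-to-server payload that Follow > TCP Stream would show, pulls the USER/PASS pair out of an FTP control stream, and reassembles the one-keystroke-per-segment Telnet login after stripping the IAC option negotiation that Wireshark lists separately from "Telnet Data". The sample streams (user alice, password s3cret!) and the function names are constructed for this example.

```python
"""
Recover the login credentials that FTP and Telnet leave in cleartext.

Input is the client-to-server TCP payload as Wireshark's Follow > TCP Stream
shows it.  All byte strings below are constructed for this example; they are
not taken from a real capture.
"""
import re

# Telnet command bytes from RFC 854.  IAC (0xff) starts an option negotiation
# that Wireshark shows as Will/Do/Suboption, not as "Telnet Data".
IAC, SE, SB, WILL, WONT, DO, DONT = 255, 240, 250, 251, 252, 253, 254


def strip_telnet_negotiation(data):
    """Drop IAC sequences so only the bytes the user actually typed remain."""
    out = bytearray()
    i = 0
    while i < len(data):
        b = data[i]
        if b != IAC:
            out.append(b)
            i += 1
            continue
        cmd = data[i + 1] if i + 1 < len(data) else None
        if cmd == IAC:                      # IAC IAC is an escaped literal 0xff
            out.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):  # IAC <cmd> <option>
            i += 3
        elif cmd == SB:                      # IAC SB <suboption ...> IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end < 0 else end + 2
        else:                                # any other two-byte command (NOP, AYT, ...)
            i += 2
    return bytes(out)


def telnet_typed_lines(segments):
    """A Telnet client sends one keystroke per TCP segment, so the password is
    spread over many packets; joining the payloads gives the typed lines."""
    text = strip_telnet_negotiation(b"".join(segments)).decode("ascii", "replace")
    text = text.replace("\r\n", "\n").replace("\r\x00", "\n")  # Enter is CR LF or CR NUL
    return [line for line in text.split("\n") if line]


USER_PASS = re.compile(r"^(USER|PASS)[ \t]+(.*)$", re.IGNORECASE)


def ftp_credentials(stream):
    """FTP sends USER and PASS as plain commands on the control channel (TCP 21),
    which is exactly what the 'ftp' display filter shows."""
    found = []
    user = None
    for line in stream.decode("ascii", "replace").splitlines():
        m = USER_PASS.match(line)
        if not m:
            continue
        if m.group(1).upper() == "USER":
            user = m.group(2)
        elif user is not None:
            found.append((user, m.group(2)))
            user = None
    return found


# Constructed client->server FTP control stream.
FTP_STREAM = b"USER alice\r\nPASS s3cret!\r\nSYST\r\nPWD\r\nQUIT\r\n"

# Constructed Telnet client->server payloads: option negotiation first, then
# the username and password typed one character per segment.
TELNET_SEGMENTS = [
    bytes([IAC, WILL, 24, IAC, DO, 1]),                     # WILL TERMINAL-TYPE, DO ECHO
    bytes([IAC, SB, 24, 0]) + b"XTERM" + bytes([IAC, SE]),  # terminal type suboption
    b"a", b"l", b"i", b"c", b"e", b"\r\n",
    b"s", b"3", b"c", b"r", b"e", b"t", b"!", b"\r\n",
]

if __name__ == "__main__":
    print("FTP credentials:", ftp_credentials(FTP_STREAM))
    print("Telnet typed lines:", telnet_typed_lines(TELNET_SEGMENTS))
```

Running it prints the same alice / s3cret! pair from both streams, which is the whole point: the Telnet capture only looks different from the FTP one because the credential is split across packets and mixed with negotiation bytes.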


3. Tracking OpenSSH Server Packets

Step 1: $ sudo apt-get install openssh-server (on Ubuntu Machine)

Step 2: Start the Wireshark capture on the Windows machine. Install PuTTY, enter the Ubuntu IP address as the host name with port 22 and connection type SSH, open the connection, accept the host key prompt and log in with the Ubuntu username and password.

Step 3: In the Wireshark display filter enter "tcp.port == 22 and ip.addr == <ip address of Ubuntu Machine>" (22 is the port number of SSH). The filter ssh works as well once Wireshark has dissected the stream.




Telnet and FTP are insecure: both transmit the user's password in cleartext. OpenSSH provides a server daemon (sshd) and client tools (ssh, scp, sftp) for encrypted remote login and file transfer, and replaces these legacy tools. In the capture the only readable parts are the two identification banners (lines starting with SSH-2.0-) and the key-exchange messages that list the offered algorithms; once the key exchange completes, Wireshark labels every further packet "Encrypted packet", and neither the username nor the password can be recovered from the trace.
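What an SSH capture does still expose is the banner and the KEXINIT algorithm lists (RFC 4253), and that is worth reading: a session that offers an obsolete cipher is the kind of finding this trace can give. The script below is an added example, not code from the original post or from OpenSSH. It frames a constructed client KEXINIT the way it appears on the wire before any cipher is active, parses it back the way Wireshark's SSH dissector does, and flags a small, assumed list of weak names; the banner "SSH-2.0-ExampleClient_1.0" and the function names are made up for the example.

```python
"""
Parse the cleartext part of an SSH-2 session as Wireshark shows it:
the identification banner and the KEXINIT algorithm lists (RFC 4253).
After NEWKEYS every packet is encrypted, so this is all a capture exposes.
The sample bytes are constructed here, not taken from a real capture.
"""
import struct

SSH_MSG_KEXINIT = 20
NAME_LISTS = ["kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]

# Algorithms disabled by default in current OpenSSH; a selection for this example.
WEAK = {"diffie-hellman-group1-sha1", "ssh-dss", "3des-cbc", "arcfour", "hmac-md5"}


def build_kexinit(name_lists, cookie=bytes(16)):
    """Frame a KEXINIT payload as an unencrypted SSH binary packet
    (only used to construct the sample input)."""
    payload = bytes([SSH_MSG_KEXINIT]) + cookie
    for names in name_lists:
        s = ",".join(names).encode("ascii")
        payload += struct.pack(">I", len(s)) + s
    payload += b"\x00" + struct.pack(">I", 0)    # first_kex_packet_follows, reserved
    # Padding: at least 4 bytes, and 4 + packet_length must be a multiple of
    # the block size (8 before a cipher is negotiated).
    pad = 8 - ((5 + len(payload)) % 8)
    if pad < 4:
        pad += 8
    return struct.pack(">IB", 1 + len(payload) + pad, pad) + payload + bytes(pad)


def parse_ssh_cleartext(stream):
    """Return (banner, {name_list: [algorithms]}) from one direction of the
    TCP stream; raises ValueError if it does not look like SSH-2."""
    banner, sep, rest = stream.partition(b"\r\n")
    if not sep or not banner.startswith(b"SSH-"):
        raise ValueError("stream does not start with an SSH identification banner")
    packet_length, padding_length = struct.unpack(">IB", rest[:5])
    payload = rest[5:5 + packet_length - padding_length - 1]
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("first packet after the banner is not KEXINIT")
    pos = 17                                     # message id + 16-byte cookie
    lists = {}
    for name in NAME_LISTS:
        (n,) = struct.unpack(">I", payload[pos:pos + 4])
        pos += 4
        lists[name] = payload[pos:pos + n].decode("ascii").split(",") if n else []
        pos += n
    return banner.decode("ascii"), lists


def weak_algorithms(lists):
    """Names from WEAK that appear in any of the offered lists."""
    return sorted({a for names in lists.values() for a in names if a in WEAK})


# Constructed client->server stream: banner, then KEXINIT.  The client name in
# the banner is assumed for the example.
CLIENT_STREAM = b"SSH-2.0-ExampleClient_1.0\r\n" + build_kexinit([
    ["curve25519-sha256", "diffie-hellman-group14-sha256"],
    ["ssh-ed25519", "rsa-sha2-512"],
    ["aes256-gcm@openssh.com", "3des-cbc"],
    ["aes256-gcm@openssh.com", "3des-cbc"],
    ["hmac-sha2-256"], ["hmac-sha2-256"],
    ["none"], ["none"], [], [],
])

if __name__ == "__main__":
    banner, lists = parse_ssh_cleartext(CLIENT_STREAM)
    print(banner)
    for name in NAME_LISTS:
        print(f"{name:9} {','.join(lists[name]) or '-'}")
    print("weak:", weak_algorithms(lists))
```

Everything after this point in a real session (the key-exchange reply, NEWKEYS and the login itself) is ciphertext, so the same approach that recovered the FTP and Telnet passwords yields nothing here.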
