- Microsoft Azure (Virtual Machines/Compute)
- Remote Desktop
- Various Command-Line Tools
- Various Network Protocols (SSH, RDP, DNS, HTTP/S, ICMP)
- Wireshark (Protocol Analyzer)
- Windows 10 (21H2)
- Ubuntu Server 20.04
- Create Resources
- Observe ICMP Traffic
- Observe SSH Traffic
- Observe DNS Traffic
- Observe RDP Traffic
-Create our Resources-
Create a Windows 10 Virtual Machine (VM)
Create a Linux (Ubuntu) VM
-Observe ICMP Traffic-
Within your Windows 10 Virtual Machine, install Wireshark
Open Wireshark and filter for ICMP traffic only
Retrieve the private IP address of the Ubuntu VM
Attempt to ping it from within the Windows 10 VM
From the Windows 10 VM, open a command line or PowerShell, attempt to ping a public website (such as www.google.com), and observe the traffic in Wireshark
-Observe SSH Traffic-
Back in Wireshark, filter for SSH traffic only
From your Windows 10 VM, “SSH into” your Ubuntu Virtual Machine (via its private IP address)
a. Type commands (username, pwd, etc.) into the Linux SSH connection and observe SSH traffic spam in Wireshark
b. Exit the SSH connection by typing ‘exit’ and pressing [Enter]
-Observe DNS Traffic-
Back in Wireshark, filter for DNS traffic only. From your Windows 10 VM within a command line, use nslookup to see what google.com and disney.com’s IP addresses are.
-Observe RDP Traffic-
Back in Wireshark, filter for RDP traffic only (tcp.port == 3389)
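The RDP step above filters by port (tcp.port == 3389). As an added example that is not part of the original lab, the Python sketch below applies the same idea to all four protocols: it reads the IPv4 protocol number and the TCP/UDP ports from raw packets and labels them. The packets and the 10.0.0.x addresses are constructed sample data, and the port mapping is an approximation, since Wireshark's `ssh` and `dns` filters rely on protocol dissectors rather than ports alone.

```python
import struct

# Port-based approximation of the lab's filters (assumption: default ports,
# DNS over UDP only; DNS over TCP/53 is not covered here).
TCP_PORTS = {22: "SSH", 3389: "RDP"}
UDP_PORTS = {53: "DNS"}


def classify(packet: bytes) -> str:
    """Label a raw IPv4 packet as ICMP, SSH, DNS, RDP or OTHER."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "OTHER"                      # too short or not IPv4
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    proto = packet[9]                       # 1 = ICMP, 6 = TCP, 17 = UDP
    if proto == 1:
        return "ICMP"
    if proto not in (6, 17) or len(packet) < ihl + 4:
        return "OTHER"
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    table = TCP_PORTS if proto == 6 else UDP_PORTS
    # Match either direction, as tcp.port == 3389 does in Wireshark.
    return table.get(dport) or table.get(sport) or "OTHER"


def ipv4(proto: int, payload: bytes) -> bytes:
    """Build a minimal IPv4 packet (constructed sample, checksum left at 0)."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0, bytes([10, 0, 0, 4]), bytes([10, 0, 0, 5]))
    return header + payload


def ports(sport: int, dport: int) -> bytes:
    return struct.pack("!HH", sport, dport)


# Constructed packets standing in for the traffic each lab step generates.
SAMPLES = {
    "ping":     ipv4(1, b"\x08\x00" + bytes(6)),   # ICMP echo request
    "ssh":      ipv4(6, ports(50000, 22)),
    "nslookup": ipv4(17, ports(50001, 53)),
    "rdp":      ipv4(6, ports(3389, 50002)),       # reply from the RDP server
    "https":    ipv4(6, ports(50003, 443)),        # not one of the lab filters
}


def classify_samples() -> dict:
    return {name: classify(pkt) for name, pkt in SAMPLES.items()}


if __name__ == "__main__":
    for name, label in classify_samples().items():
        print(f"{name:9s} -> {label}")
```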