please use wireshark and show all screenshots and all steps andexplain them.
Please Use Wireshark And Show All Screenshots And All Steps And Explain Them 1 (150.04 KiB) Viewed 35 times
Please Use Wireshark And Show All Screenshots And All Steps And Explain Them 2 (187.95 KiB) Viewed 35 times
Each student needs to login into the CCIA virtual environment to complete this assignment. Task A: Sniff LAN traffic In this task, you will be acting as an ATTACKER who sniffers the internal communications between peers by using either Wireshark or tshark on Internal Kali VM. You need to use on the following VMs to complete the assignment. I would recommend you keeping the Wireshark/tshark running on Internal Kali all the time. Windows 7 192.168.10.9 Kali 192.168.10.13 LAN Windows Server 2008 192.168.10.11 pfSense Firewall (192.168.10 2 Internal address) www Kali Attacker Machine External Address 192.168.217.3 Figure 1 Required VMs for this assignment Ubuntu 192.168.10.10 Settings for C Network Smart Loca danced Peas - Select the first Network Adaptor, then click "Advanced Features" CHOP quand hope router adverteerders ■] sinable router advertisment e cluster vode dº a vetruvark, dac Parting the network of nadine Heering mode by Figure 2 How to configure port mirroring in Hyper-V Internal Kali: Set Miorroing mode to "Destination" in the "Port Mirroiring" Ubuntu Kali: Set Miorroing mode to "Source" in the "Port Mirroiring" External Kali: Set Miorroing mode to "Source" in the "Port Mirroiring" IMPORTANT! Due to the different networking configurations in Hyper-V, you need to Enable Port Mirroring for related VMs accordingly. This is a helpful link to follow. To be specific, you need to put the sniffer (Internal Kali) as the mirroring Destination, and the target VMs are mirroring Source (Figure 2). To be sepcifc, •
1. Sniff ICMP traffic (10 + 10 +20 points) a. In External Kali VM, ping Windows 7 VM and Ubuntu VM from two separate terminals. b. Apply proper display or capture filter on Internal Kali VM to show active ICMP traffic. Apply proper display or capture filter on Internal Kali VM that ONLY displays ICMP request originated from External Kali VM and goes to Ubuntu 64-bit VM. c. 2. Sniff FTP traffic (60 points) Ubuntu VM is also serving as an FTP server inside the LAN network. Now, you need to use External Kali to access this FTP server by using the command: ftp [ip_addr of ubuntu VM]. The username for the FTP server is cyse301, and the password is password. You can follow the steps below to access the FTP server. root@CS2APenTest: ftp Connected to t 220 (vsFTPd 3.0.3) Name (2) :root): cyse301 331 Please specify the password. enter username enter password Password: 230 Login successful. Remote system type is UNIX. Usina binary mode to transfer files. ftp> exit 221 Goodbye. root@CS2APenTest: Leave ftp server a. Unfortunately, Internal Kali, the attacker, is also sniffing to the internal communication by using tshark. Therefore, all of your communication is exposed to the attacker. Now, you need to find out the password used by External Kali to access the FTP server in the Wireshark running on Internal Kali VM. You need to screenshot and explain how you find the password. b. After you successfully sniffed the username & password from the FTP traffic, repeat the previous step, and use your MIDAS ID as the username and UIN as the password to reaccess the FTP server from External Kali. Although External Kali may not access the FTP server, you need to intercept the packets containing these "secrets" from the attacker VM, which is Internal Kali.
Join a community of subject matter experts. Register for FREE to view solutions, replies, and use search function. Request answer by replying!