Provide the steps for examining a Telnet session with Wireshark

You will use Wireshark to capture and view the transmitted data of a Telnet session.


Step 1. Capture data.
a. Start the CyberOps Workstation VM and log in with username analyst and password cyberops.

b. Open a terminal window and start Wireshark. Press OK to continue after reading the warning message.
```
[analyst@secOps analyst]$ sudo wireshark-gtk
[sudo] password for analyst: cyberops
** (wireshark-gtk:950): WARNING **: Couldn't connect to accessibility bus:
Failed to connect to socket /tmp/dbus-REDRWOHelr: Connection refused
Gtk-Message: GtkDialog mapped without a transient parent. This is discouraged.
```
c. Start a Wireshark capture on the Loopback: lo interface.
d. Open another terminal window. Start a Telnet session to the localhost. Enter username analyst and password cyberops when prompted.
```
[analyst@secOps ~]$ telnet localhost
Trying ::1...
Connected to localhost.
Escape character is '^]'.
Linux 4.10.10-1-ARCH (unallocated.barefruit.co.uk) (pts/12)
secOps login: analyst
Password:
Last login: Fri Apr 28 10:50:52 from localhost.localdomain
[analyst@secOps ~]$
```
e. Stop the Wireshark capture after you have provided the user credentials.

Step 2. Examine the Telnet session.
a. Apply a filter that only displays Telnet-related traffic. Enter Telnet in the filter field.
b. Right-click one of the Telnet lines in the Packet list section of Wireshark, and from the drop-down list, select Follow TCP Stream.
c. The Follow TCP Stream window displays the data for your Telnet session with the CyberOps Workstation VM. The entire session is displayed in plaintext, including your password. Notice that the username that you entered is displayed with duplicate characters. This is caused by the echo setting in Telnet to allow you to view the characters that you type on the screen.
d. After you have finished reviewing your Telnet session in the Follow TCP Stream window, click Close.
e. Type exit at the terminal to exit the Telnet session.
```
[analyst@secOps ~]$ exit
```
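
Why the Follow TCP Stream view in Step 2c shows the username doubled but the password only once, as an added example that is not part of the original lab. The byte-level login exchange is constructed (not a real capture), and the `S`/`C` direction labels and function names are assumptions; the credentials are the lab's own.

```python
# Telnet command bytes (RFC 854); option 1 is ECHO (RFC 857).
IAC, SB, SE = 255, 250, 240
NEGOTIATE = (251, 252, 253, 254)  # WILL, WONT, DO, DONT

def strip_iac(data: bytes) -> bytes:
    """Drop Telnet option negotiation so only user data remains."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] != IAC:
            out.append(data[i])
            i += 1
        elif i + 1 >= len(data):
            break                              # truncated command
        elif data[i + 1] == IAC:
            out.append(IAC)                    # escaped 0xFF data byte
            i += 2
        elif data[i + 1] in NEGOTIATE:
            i += 3                             # IAC, verb, option
        elif data[i + 1] == SB:
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end < 0 else end + 2
        else:
            i += 2                             # two-byte command, e.g. IAC NOP
    return bytes(out)

def build_sample():
    """Constructed login exchange (not a real capture). S = server, C = client."""
    segs = [("S", bytes([IAC, 251, 1]) + b"secOps login: ")]  # IAC WILL ECHO
    for ch in b"analyst":
        segs += [("C", bytes([ch])), ("S", bytes([ch]))]      # each key is echoed
    segs += [("C", b"\r\x00"), ("S", b"\r\nPassword: ")]
    segs += [("C", bytes([ch])) for ch in b"cyberops"]        # echo suppressed
    segs += [("C", b"\r\x00"), ("S", b"\r\n")]
    return segs

def follow_stream(segs, side=None):
    """Join payloads in capture order; side=None merges both directions."""
    data = b"".join(strip_iac(p) for d, p in segs if side in (None, d))
    return data.decode("ascii", "replace")

if __name__ == "__main__":
    sample = build_sample()
    print(repr(follow_stream(sample)))        # merged view: username doubled
    print(repr(follow_stream(sample, "C")))   # client bytes only
    print(repr(follow_stream(sample, "S")))   # server bytes only
```

In the merged view each username character appears twice because the client's keystroke and the server's echo are both in the stream. The password appears once because the server does not echo it, yet the client still sent it in cleartext.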

Computer Science & Information Technology
