title: S2E3 - more tcpdump
author: Nicholas Morrison [email protected]
draft: false
tags: [network, workshop, arista]
categories: [workshop]
noindex: true
Connect to the lab server:
local$ ssh-keygen -R netlab.nanocat.net
local$ ssh [email protected]
Password: (see Discord)
Connect to your router:
Everything is already configured with default values!
Connect to a lab PC:
Check your lab PC’s IP address:
Start a ping:
In a different terminal window:
By default, tcpdump uses eth0 as its interface, and will print output for every packet that it sees.
Stop and start the ping in the other terminal with ctrl-c and up-arrow to recall the last command.
You will probably see lots of traffic aside from your ping.
Filter out everything else by showing only icmp (Internet Control Message Protocol) packets.
Try some other filters:
Use curl to fetch a web page from the server.
Start a tcpdump on port 80:
From your lab PC:
Start a tcpdump with ASCII interpretation:
Run a curl from your lab PC:
Capture 50 packets:
cd <- make sure you are in your home directory
ip netns exec clab-www-pcX tcpdump -c 50 -w CLEVER_FILENAME.pcap
Generate some pings, or a curl, from your lab PC.
Copy the capture file to your local computer. Locally:
scp [email protected]:CLEVER_FILENAME.pcap .
Open this file locally in Wireshark.
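To sanity-check the capture file before opening it in Wireshark, the following added example (not part of the original workshop material) reads the classic pcap format that tcpdump -w writes and counts packets under the same categories the workshop filters on: icmp and TCP port 80. It assumes an Ethernet capture carrying IPv4; the function names and the sample packets are constructed for illustration.

```python
import struct
from collections import Counter

LE = (b"\xd4\xc3\xb2\xa1", b"\x4d\x3c\xb2\xa1")  # little-endian magic (usec, nsec)
BE = (b"\xa1\xb2\xc3\xd4", b"\xa1\xb2\x3c\x4d")  # big-endian magic (usec, nsec)

def read_pcap(data):
    """Yield raw frames from a classic pcap file, the format tcpdump -w writes."""
    if len(data) < 24 or data[:4] not in LE + BE:
        raise ValueError("not a classic pcap file")
    end = "<" if data[:4] in LE else ">"
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    off = 24                                     # skip the 24-byte global header
    while off + 16 <= len(data):
        incl_len = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        yield data[off + 16:off + 16 + incl_len]  # a cut-off last record comes out short
        off += 16 + incl_len

def classify(frame):
    """Label a frame like the workshop filters: icmp, tcp port 80, or other."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":  # not IPv4 over Ethernet
        return "other"
    proto = frame[23]                            # IPv4 protocol field
    l4 = frame[14 + (frame[14] & 0x0F) * 4:]     # skip the IPv4 header (IHL words)
    if proto == 1:
        return "icmp"
    if proto == 6 and len(l4) >= 4 and 80 in struct.unpack("!HH", l4[:4]):
        return "tcp port 80"
    return "other"

def summarize(data):
    """Count frames per category for a whole capture file's bytes."""
    return Counter(classify(f) for f in read_pcap(data))

def _frame(proto, l4):
    """Constructed Ethernet + IPv4 frame using documentation addresses."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return bytes(12) + b"\x08\x00" + ip + l4

def sample_pcap():
    """Constructed three-packet capture: one ping, one HTTP segment, one UDP."""
    frames = [_frame(1, b"\x08\x00" + bytes(6)),
              _frame(6, struct.pack("!HH", 40000, 80) + bytes(16)),
              _frame(17, struct.pack("!HH", 5353, 5353) + bytes(4))]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return out + b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)

if __name__ == "__main__":
    print(dict(summarize(sample_pcap())))
```

To run it on the workshop capture, pass the file's bytes instead of the sample: summarize(open("CLEVER_FILENAME.pcap", "rb").read()).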