Wk3 vid2 - Wireshark and Netcat Demonstration

00:14:48
https://www.youtube.com/watch?v=UIp9AewL4zk

摘要

TLDRIn this video, the presenter explains the differences between Linux distributions, specifically focusing on Debian. The session showcases the utility of Netcat (NC) for creating a communication channel between two terminal windows on a single machine. A demonstration follows, utilizing Wireshark to capture traffic and analyze data sent through Netcat. The presenter stresses the importance of secure connections, particularly in public spaces, and the inherent risks involved with unencrypted data transmission. Additionally, instructions for installing necessary tools like Net Tools and Wireshark on Debian are provided, along with their commands.

心得

  • 🐧 Debian is a widely used Linux distribution.
  • 💬 Netcat (NC) allows for communication simulation between terminal sessions.
  • 📦 Wireshark captures and analyzes network traffic effectively.
  • 🔐 Always be cautious with unencrypted data transmissions.
  • ☕ Public Wi-Fi poses risks for sensitive information.

时间轴

  • 00:00:00 - 00:05:00

    The discussion begins by introducing Debian, a Linux distribution, and comparing the identification of operating systems to speaking dialects, emphasizing Linux's many distributions. The speaker favors Debian for its compatibility with ARM architectures on Apple M1 series Macs and briefly mentions installation methods, including UTM and VMware Fusion.

  • 00:05:00 - 00:14:48

    The demonstration progresses to using netcat (NC) for terminal communication on the same computer, resembling a chat setup. The speaker stresses the importance of network security by using Wireshark to monitor communications, explaining potential vulnerabilities in public networks. The section ends with details on configuring netcat listeners and clients, highlighting the ease of capturing plain-text data with Wireshark.

思维导图

视频问答

  • What is Debian?

    Debian is a Linux flavor known for its range of architectures and utility on various devices.

  • What is Netcat (NC)?

    Netcat is a Unix utility for reading and writing data across network connections, often referred to as a TCP/IP Swiss army knife.

  • How is Netcat used in this demonstration?

    Netcat is used to simulate communication between two terminal sessions on the same computer.

  • What is Wireshark?

    Wireshark is a network protocol analyzer that allows you to capture and interactively browse packet data.

  • Why is it risky to use public Wi-Fi for financial transactions?

    Using public Wi-Fi can expose your data to interception by malicious actors, even if it is encrypted.

查看更多视频摘要

即时访问由人工智能支持的免费 YouTube 视频摘要!
字幕
en
自动滚动:
  • 00:00:00
    all right let's take a look at
  • 00:00:01
    everything that we are dealing with all
  • 00:00:04
    the little applications and programs in
  • 00:00:07
    our demonstration at the very top is
  • 00:00:10
    Debian itself so Debian is a Linux
  • 00:00:13
    flavor so a lot of people when they take
  • 00:00:17
    a look at a platform they're like well
  • 00:00:18
    what are you using are you using
  • 00:00:20
    Microsoft Windows or are you using Linux
  • 00:00:24
    and it's a hard question to answer
  • 00:00:26
    because when somebody says hey I'm using
  • 00:00:29
    Microsoft Windows you can probably
  • 00:00:31
    already guess that they're using some
  • 00:00:34
    maybe Windows 10 or Windows 11 pretty
  • 00:00:37
    much unless they're into Legacy software
  • 00:00:40
    in in which you might presume they're
  • 00:00:42
    they're using Windows 7 or Windows 8 or
  • 00:00:45
    something although Windows 8 is is
  • 00:00:47
    actually really hated out there so when
  • 00:00:49
    somebody says I'm using Windows they
  • 00:00:51
    have an idea what you're talking about
  • 00:00:53
    when it comes to Linux Linux is a little
  • 00:00:55
    bit
  • 00:00:56
    like being asked do you speak Chinese
  • 00:01:00
    because quite frankly there is no
  • 00:01:03
    Chinese language there are only dialects
  • 00:01:06
    related to that southeastern region so
  • 00:01:10
    there's one example of a dialect is
  • 00:01:13
    Mandarin so when it comes to Linux there
  • 00:01:16
    is no Linux operating system there are
  • 00:01:20
    flavors of Linux and that's what you
  • 00:01:23
    have to say when you're talking about
  • 00:01:25
    which operating system you use the
  • 00:01:27
    flavor or distribution I should say
  • 00:01:30
    we're using is Debian and the reason why
  • 00:01:33
    I'm using I choose Debian is because
  • 00:01:36
    there is a wonderful array of arm 64
  • 00:01:41
    versions or architectures of Debian and
  • 00:01:44
    there is a a arm 64 version of c and
  • 00:01:49
    maybe Fedora and maybe Ubuntu but Debian
  • 00:01:53
    is just a really really great great
  • 00:01:56
    version that you can utilize on your Mac
  • 00:02:00
    M1 M2 M3 or M4 MacBook or or MacBook Air
  • 00:02:05
    or something like that and you can
  • 00:02:08
    utilize Visual Studio excuse me uh
  • 00:02:11
    VMware Fusion or you can utilize an app
  • 00:02:14
    called UTM so I'm not going to go
  • 00:02:17
    through the instructions about how to
  • 00:02:20
    install uh Debian over over UTM or or
  • 00:02:24
    VMware or VMware Fusion it's just that
  • 00:02:28
    you know that's something you should
  • 00:02:29
    know how to do as a skill set so that's
  • 00:02:32
    Debian moving on we have uh NC so that
  • 00:02:36
    stands for netcat and actually if we go
  • 00:02:39
    to Debian right here and we do the man
  • 00:02:43
    NC or netcat we can see that NC is a
  • 00:02:47
    what they call a TCP IP Swiss army knife
  • 00:02:52
    and what it refers to is the fact that
  • 00:02:54
    it's so utilitarian like there's so many
  • 00:02:58
    different utilities and as you can see
  • 00:03:00
    it NC actually stands for netcat and
  • 00:03:04
    it's a simple Unix so this one goes back
  • 00:03:07
    a Long Way to the old Unix days it's a
  • 00:03:10
    simple Unix utility which reads and
  • 00:03:12
    writes data across network connections
  • 00:03:15
    now when you think of network
  • 00:03:17
    connections you probably think of client
  • 00:03:19
    server or something at least another
  • 00:03:22
    entity or PC or asset that is beyond
  • 00:03:25
    your local PC definitely or especially
  • 00:03:29
    beyond your local network all right but
  • 00:03:33
    what we are doing I'm going to press Q
  • 00:03:35
    to get out of here what we are doing we
  • 00:03:39
    are let me going going back here what
  • 00:03:41
    we're doing is let me grab my drawing
  • 00:03:43
    tool right here we are going this is our
  • 00:03:47
    single PC right here our single so this
  • 00:03:51
    is like our desktop and I'm sorry it's
  • 00:03:53
    kind of like a 2-year-old made it made
  • 00:03:55
    it but what we're going to do we're
  • 00:03:57
    going to open up two terminals so we're
  • 00:04:00
    going to open up two command line
  • 00:04:02
    interfaces uh on the same desktop so
  • 00:04:05
    imagine this is the same computer okay
  • 00:04:08
    and here's your desktop so we're opening
  • 00:04:11
    two distinct you know uh sessions uh
  • 00:04:14
    terminal sessions on the same computer
  • 00:04:17
    and then we're going to communicate as
  • 00:04:19
    if we're on different computers but
  • 00:04:21
    we're on the same computer and we're
  • 00:04:22
    going to utilize NC or netcat as a chat
  • 00:04:27
    box so um I'm going to to start this
  • 00:04:30
    this will be the listener and this will
  • 00:04:32
    be the client and then the client will
  • 00:04:34
    say something and then the listener will
  • 00:04:37
    say something back and then the client
  • 00:04:39
    will say something back and then what
  • 00:04:41
    we're going to do is we're going to use
  • 00:04:43
    uh let me bring out another color here
  • 00:04:45
    we're going to use wire shark right here
  • 00:04:48
    we're going to use wire shark to listen
  • 00:04:50
    in onto the conversation and the
  • 00:04:53
    implication is is that if wire shark can
  • 00:04:56
    listen to two you know separate
  • 00:04:58
    conversations even though they're on the
  • 00:05:00
    same computer there are separate
  • 00:05:01
    conversations so if wi Shar can listen
  • 00:05:03
    to the to separate conversations on your
  • 00:05:06
    computer you buy inference it can also
  • 00:05:09
    do the same if you're like at a coffee
  • 00:05:12
    shop and somebody basically uses a
  • 00:05:14
    program like Eder cap to you know to do
  • 00:05:17
    the man in the- Middle attack and
  • 00:05:19
    somebody in some coffee shop could
  • 00:05:21
    possibly see your information so be
  • 00:05:24
    careful when you're at a coffee shop you
  • 00:05:26
    know don't go to like your financial
  • 00:05:28
    institution or your bank or something
  • 00:05:30
    because yes you know your bank is
  • 00:05:33
    protected by HT
  • 00:05:35
    https which are is basically a digital
  • 00:05:39
    signature certificate like it's en it's
  • 00:05:42
    encrypted but the beginning of it the
  • 00:05:46
    initialization of the request might not
  • 00:05:49
    be encrypted and the the client or the
  • 00:05:54
    the nefarious being that is
  • 00:05:56
    eavesdropping on your on your request
  • 00:05:59
    might figure out a way to decode your
  • 00:06:02
    information based on the initialization
  • 00:06:05
    algorithm of your request that being
  • 00:06:08
    said let's go ahead and begin our
  • 00:06:10
    demonstration all right we're about to
  • 00:06:12
    do a demonstration here but before I can
  • 00:06:15
    complete my demonstration where're I
  • 00:06:17
    want to show you that I am virtualizing
  • 00:06:21
    on my MacBook M3 and I'm using VMware
  • 00:06:25
    fusion and this is of course as you can
  • 00:06:27
    see Debian now in in order for me to
  • 00:06:30
    begin my demonstration we have to
  • 00:06:33
    install net Tools in order for me to uh
  • 00:06:37
    take a look at what the IP address is
  • 00:06:40
    with the command if config which is the
  • 00:06:43
    kind of like the windows version of it
  • 00:06:45
    which is IP config so of course Linux
  • 00:06:49
    and other NYX like languages have if
  • 00:06:52
    config now Debian does not come with
  • 00:06:56
    that installed that might be different
  • 00:06:59
    with Cali I'm sure with Cali it comes
  • 00:07:01
    pre-installed but with Debian you
  • 00:07:03
    definitely have to install it separately
  • 00:07:05
    so how you install it is pseudo apt so
  • 00:07:08
    pseudo allows you to do root type things
  • 00:07:11
    even if you're not if you're ho if
  • 00:07:14
    you're screen name isn't on in the root
  • 00:07:17
    but it could be on the Su in the sudoers
  • 00:07:20
    group in which case this is a is
  • 00:07:22
    Advanced package tool for many Linux
  • 00:07:25
    distributions like Debian and also uh
  • 00:07:29
    yub to places things like that and also
  • 00:07:31
    Cali and then of course the function of
  • 00:07:35
    the AP is install and then the name of
  • 00:07:38
    the package is actually net tools okay
  • 00:07:41
    so now the if config command works so we
  • 00:07:44
    can we can say pseudo if config and this
  • 00:07:49
    gives us our IP address as you can see
  • 00:07:52
    okay the next thing we have to do we
  • 00:07:55
    have to install wire shark which is a
  • 00:07:57
    way to analyze packets on both our local
  • 00:08:01
    network and analyze Global packets so
  • 00:08:05
    we'll go ahead and install it and then
  • 00:08:06
    of course let's see oh it it let me
  • 00:08:09
    raise this up do you want to continue
  • 00:08:11
    and obviously yes so just have to give
  • 00:08:15
    it some time for it to connect to its
  • 00:08:18
    sources and we want to say yes super
  • 00:08:22
    users should be able to okay and so just
  • 00:08:25
    to analyze the command PSE sudo allows
  • 00:08:28
    us to do root things with a nonroot user
  • 00:08:32
    Advanced packaging tool and then install
  • 00:08:35
    is one of the functions of AP and then
  • 00:08:38
    wi shark represents the name of the
  • 00:08:40
    program we want to install and if we
  • 00:08:43
    type in man wi shark it'll give us a
  • 00:08:45
    description it is a guey Network
  • 00:08:48
    protocol analyzer so as it says it lets
  • 00:08:52
    you interactively browse packet data
  • 00:08:55
    from a live Network or for a previously
  • 00:08:57
    saved capture file and so that is wi
  • 00:09:00
    sharp all right let's take a look at how
  • 00:09:02
    we can set up the demonstration there is
  • 00:09:05
    as you can take a look at your diagram
  • 00:09:07
    there are two sides to this and we can
  • 00:09:10
    actually make two Terminals and if you
  • 00:09:12
    want to go ahead and see how we can make
  • 00:09:14
    an extra terminal we can click on
  • 00:09:17
    Terminal and then just click on new
  • 00:09:19
    window and that allows us to bring up
  • 00:09:21
    more than one terminal now on one side
  • 00:09:24
    we have NC or netcat and then we have
  • 00:09:28
    space and then Dad so Dash is kind of
  • 00:09:32
    kind of like telling it what how you
  • 00:09:35
    want the app to act what you want it to
  • 00:09:38
    do so in this case NC space space and
  • 00:09:41
    then some people call it Tac l i just
  • 00:09:44
    call it a plain old Dash so NC space- L
  • 00:09:48
    that says this side is the listener so
  • 00:09:51
    according to the diagram it shows this
  • 00:09:52
    side being The Listener and this other
  • 00:09:55
    side is the I guess you could call it
  • 00:09:58
    call it a CL
  • 00:10:00
    so this side is the listener so this is
  • 00:10:02
    what the L is saying and then we have
  • 00:10:05
    space and then Dash p that stands for
  • 00:10:08
    port and we can decide what kind what
  • 00:10:10
    port we want to use we have ports one to
  • 00:10:14
    right around
  • 00:10:17
    6,400 some ports and of course I think
  • 00:10:20
    there are more but the the reason why
  • 00:10:23
    the 31,000 range it was selected is that
  • 00:10:27
    because it's not a common port
  • 00:10:29
    common ports are for example Port 80 for
  • 00:10:33
    HTTP Port 443 for uh for
  • 00:10:37
    https and so on and so forth there's
  • 00:10:40
    ports for Email exchange there's ports
  • 00:10:43
    for ports for
  • 00:10:44
    DHCP and and such and and things like
  • 00:10:47
    that so the by the time you hit the
  • 00:10:49
    31,000 you're in kind of like random
  • 00:10:52
    Port ranges so
  • 00:10:55
    31337 is safe so I'm hoping that you're
  • 00:10:58
    taking it a pay pay attention to this
  • 00:11:00
    side of the screen right here so again
  • 00:11:02
    we call NC or netcat which means uh
  • 00:11:06
    that's in Linux that's how we that's how
  • 00:11:08
    we execute a an application is we is we
  • 00:11:12
    actually type in the app type in the
  • 00:11:15
    application and then we say space and
  • 00:11:17
    then- L Dash and then space and then- P
  • 00:11:20
    which means the port number and then we
  • 00:11:22
    can press enter so we've turned this
  • 00:11:24
    side of the terminal into a list into a
  • 00:11:27
    listening Port this is the client Port
  • 00:11:30
    so in order to get us to get us to know
  • 00:11:32
    what our IP address is you you saw how a
  • 00:11:35
    ran if config and that's how we got the
  • 00:11:38
    IP address uh 17216 11151 128 and then
  • 00:11:43
    of course we're targeting we're
  • 00:11:45
    targeting Port
  • 00:11:47
    31337 so these two ports should match
  • 00:11:50
    now remember we're on the same PC except
  • 00:11:52
    where there're different terminal
  • 00:11:54
    windows so technically they're they're
  • 00:11:56
    going to be different streams so I'm
  • 00:11:58
    going to go go ahead press enter now
  • 00:12:00
    what this means is we're using netcat to
  • 00:12:03
    Simply have a conversation between the
  • 00:12:05
    same two terminals on the same P excuse
  • 00:12:08
    me between two different terminals on
  • 00:12:09
    the same PC so here I can say hi and you
  • 00:12:13
    can see on this end we have high and
  • 00:12:15
    then we'll say how you doing like this
  • 00:12:19
    and then we'll in this side says Fine
  • 00:12:22
    hey guess what we went bowling and Jerry
  • 00:12:29
    got
  • 00:12:30
    290 and on this side this other person
  • 00:12:33
    might say Jerry or Jerry and then we can
  • 00:12:36
    say Jerry the one with a mullet cool and
  • 00:12:42
    that's about it now oh you know what I
  • 00:12:46
    should have ran the other part of this
  • 00:12:48
    demonstration so I'm going to press
  • 00:12:49
    contrl Z to end this and then I'm going
  • 00:12:52
    to press clear and press clear for here
  • 00:12:56
    and this time I'm going to go ahead and
  • 00:12:59
    run Packa Tracer or uh yeah not Packa
  • 00:13:02
    Tracer wire shark so I'm going to go
  • 00:13:05
    ahead I'm going to continue without
  • 00:13:07
    saving and I'm going to X this out and
  • 00:13:11
    I'm going to go ahead and capture and
  • 00:13:13
    let's do this again with wire shark in
  • 00:13:16
    the background so let's go ahead and
  • 00:13:18
    capture on Port
  • 00:13:20
    3137 as a listener and this is running
  • 00:13:23
    NC netcat on Port 3137 as a client and
  • 00:13:27
    then I'm going to say hi that's going to
  • 00:13:29
    say hi and then we'll say hello how are
  • 00:13:33
    you and then finally this side we'll say
  • 00:13:36
    Jerry bold a one uh a 290 two let's give
  • 00:13:41
    him some extra points 295 and then we'll
  • 00:13:44
    say Jerry or Jerry and then Jerry with a
  • 00:13:49
    mullet and the other side says cool okay
  • 00:13:52
    and we'll go to here we're going to end
  • 00:13:54
    the capture and we'll end these services
  • 00:13:57
    on this side and the service is on this
  • 00:13:59
    side now let's go ahead to this capture
  • 00:14:02
    we're going to analyze we're going to
  • 00:14:03
    follow and then we're going to follow
  • 00:14:05
    the TCP stream and low and behold even
  • 00:14:08
    though this wire shark was a separate
  • 00:14:11
    program running on a separate stream it
  • 00:14:13
    was able to capture this in real time
  • 00:14:17
    because this netcat sends things out in
  • 00:14:20
    plain text now the ramifications are
  • 00:14:23
    such that if you're in a land and you
  • 00:14:27
    establish wire shark as a list
  • 00:14:29
    and you're able to you know run ethereal
  • 00:14:32
    or something to to enable the man in
  • 00:14:35
    the- Middle attack any application that
  • 00:14:37
    is sent in plain text can be captured
  • 00:14:40
    quite fruitfully by a program like wire
  • 00:14:44
    shark and yes that should very much
  • 00:14:47
    scare everyone
标签
  • Debian
  • Linux
  • Netcat
  • Wireshark
  • Networking
  • TCP/IP
  • Public Wi-Fi
  • Data Security
  • Ubuntu
  • Virtualization