SSH // MONITORING NETWORK TRAFFIC BETWEEN VIRTUALBOXES USING WIRESHARK // ASSIGNMENT II

Time to play around with SSH, again!

Assignment II:

Specs of the workstation here: specs

A:
– Install Wireshark
– Create the needed keys to establish secure and automated connection
– Use Wireshark to monitor network traffic
– Create an SSH connection and perform some simple commands via SSH
– Terminate the connection, analyze the network traffic on Wireshark

B:
– Install Munin

 

Step 1.

Installing Wireshark is done with the following command:
sudo apt-get install wireshark

Running Wireshark for the first time needs to be done using sudo -rights. Otherwise tracking won’t work. Here’s a picture of a fully set up Wireshark, displaying TCP -connections only.

wireshark

Step 1.1

Creating keys for SSH is ez. Done like this:
ssh-keygen

After the command, give the desired location for the keys when prompted.
After giving the location, the program will ask for a pass phrase, this will be needed later when establishing the automated connection.

Step 1.2

Copying the public keys between the client and the server will be done as follows:
ssh-copy-id USER@IP

If you are performing this between two virtual machines, remember to set the connection as “bridged”. Otherwise the virtual machines will receive the same IP, resulting in this method not working.

After copying the key, try to login to the desired workstation, using SSH. The program will ask you to repeat the password/pass phrase once more, and after this the login will be automated.

Here I am connecting to my Ubuntu Server virtual machine from my Linux Mint virtual machine, after copying the keys.

automatisoitulogin
Step 1.3

After setting up Wireshark, and performing the steps above, the steps are seen on Wireshark like this:
wiresharkconnections
We can see that the steps we made previously are seen as  “Encrypted requests – and responses” and steps prior to that “new keys” etc are not encrypted.

 

Step 2: Munin

The installation of Munin here is done by following the steps provided by Ubuntu.

At this point I was unable to access my workstation, I believe the external hard drive I’m using is some what broken. So I will attempt the installation on my laptop.
Specs of the laptop used here: laptopspecs.

Before installing Munin, Apache -web server needs to be installed and set up. Before attempting this, be sure to do so.

As Mint uses same package repository as Ubuntu, the commands provided by Ubuntu will work here as well.

Installing Munin can be done with a few commands:
installing server01 – sudo apt-get install munin
installing server02 – sudo apt-get install munin-node

On server01, we will have to do a few modifications in order to make the program work properly.  Go to /etc/munin/using cd – command and make the following modifications:

We will need to modify the .conf file, in order to do so, use this command:
sudo nano munin.conf

 

## This here will be our normal host
## Add this text into the file 
[localhost]
       address localhost

Replace the address and [localhost] into your server’s address. If you only want to do this locally, you can use localhost.

Next we will modify munin-node.conf -file the same way.

## add this into the munin-node-conf -file
## replace localhost with your own IP
allow ^localhost$

In order for these changes to apply, we need to restart the munin server.
sudo /etc/init.d/munin-node restart

 

  • Copying and modifying this and all the other documents in this blog is allowed according to the GNU General Public License (versio 2 or newer). http://www.gnu.org/licenses/gpl.html
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s