Network Traffic Analysis On Linux Systems With Xplico Tool

Tommy Angelo

25 Apr 2020
Hi everyone,

In this topic, we will analyze network traffic on Linux systems with the Xplico tool. Let's get to the topic if you're ready.

What Is the Xplico Tool? What Is It Used For?

With the Xplico tool, network traffic analysis can be performed live or on pcap files that have already been saved. This lets users view the events that happen on the network. With this tool, we can do the following:

  • Monitor the transferred data traffic in real time
  • Analyze the network traffic
  • Capture packets in real time
  • View visual graphs of network traffic
  • View VoIP calls
  • Analyze the traffic in an existing pcap file by loading it into the tool

Network Traffic With Xplico Tool

First, install the tool with the following command.

Code:
apt-get install xplico

Then we follow Pentesting > System Services > Xplico and press the "Xplico Start" button to run it. After this, the Xplico page opens.

Run the Apache service by entering the following command.

Code:
apachectl start

After starting the service, close the terminal and go to the "Pentesting > Digital Forensics" section to find and run Xplico. The login page will open.

Select Turkish as the language. Enter "xplico" as both the username and the password, then click the login button.

On the screen that opens, click the "new case" button in the panel on the left side. Here we can either watch our network live or upload a pcap file we already have. I'm going to perform a live network analysis now. Type any name in the case name field, then click the "create" button.

After creating the workspace, click "New Session" in the left sidebar panel.

Next, select the session in the session list. The session page opens.

Now we select "eth0" on the "Interface" page and start the flow.

Now we can watch what is going on in the network. Everything is available from the left bar: for example, captured packets, VoIP calls, network graphs, file transfers, chat usage, e-mails and so on, and we can watch the flow.

Now we will analyze a pcap file. Click "Case" in the left sidebar, then click "covers".

Next, click the "New Case" button.

Now select "pcap files" on the "data collecting" page. Then type a workspace name and click the create button. The workspace list opens.

Now click the workspace we created. Then click the "New Session" button, type the name we just used and click "Create".

The session list appears once the session has been created. Click the session name.

The session page opens.

Now click "Browse" on the right sidebar and select the pcap file on our computer. We can now view the network traffic contained in the pcap file.

Credits: @M3m0ry & @Tommy Angelo




Source: https://www.turkhackteam.org/networ...ile-linux-sistemlerde-ag-trafigi-analizi.html
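
Before uploading a capture into a pcap session as described above, it helps to confirm the file really is a classic pcap and to see roughly what it contains. The script below is an added example, not part of the original post and not Xplico code; the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import Counter

# Magic as read little-endian -> byte order of the file (usec and nsec variants).
MAGICS = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">", 0xA1B23C4D: "<", 0x4D3CB2A1: ">"}
PCAPNG_MAGIC = 0x0A0D0D0A  # pcapng Section Header Block type
IP_PROTOS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def summarize_pcap(data: bytes) -> dict:
    """Validate a classic pcap byte string and count packets per IPv4 protocol."""
    if len(data) < 24:
        raise ValueError("too short for a pcap global header")
    magic = struct.unpack("<I", data[:4])[0]
    if magic == PCAPNG_MAGIC:
        raise ValueError("pcapng capture, not classic pcap")
    if magic not in MAGICS:
        raise ValueError("unknown magic number, not a pcap file")
    bo = MAGICS[magic]
    snaplen, linktype = struct.unpack(bo + "II", data[16:24])
    counts, truncated, off = Counter(), 0, 24
    while off + 16 <= len(data):
        incl, orig = struct.unpack(bo + "II", data[off + 8:off + 16])
        frame = data[off + 16:off + 16 + incl]
        if len(frame) < incl:
            raise ValueError("file ends inside a packet record")
        off += 16 + incl
        truncated += incl < orig  # packet was cut by the capture snaplen
        # linktype 1 = Ethernet; EtherType 0x0800 = IPv4; protocol is IP byte 9
        if linktype == 1 and len(frame) >= 34 and frame[12:14] == b"\x08\x00":
            counts[IP_PROTOS.get(frame[23], "other-ip")] += 1
        else:
            counts["non-ipv4"] += 1
    return {"linktype": linktype, "snaplen": snaplen, "truncated": truncated,
            "packets": sum(counts.values()), "by_proto": dict(counts)}

def ipv4_frame(proto: int) -> bytes:
    """Constructed sample frame: Ethernet header + bare 20-byte IPv4 header."""
    ip = b"\x45\x00\x00\x14" + b"\x00" * 5 + bytes([proto]) + b"\x00" * 10
    return b"\x00" * 12 + b"\x08\x00" + ip

def build_sample() -> bytes:
    """Constructed little-endian capture: two TCP, one UDP, one ARP frame."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    arp = b"\x00" * 12 + b"\x08\x06" + b"\x00" * 28
    for f in (ipv4_frame(6), ipv4_frame(6), ipv4_frame(17), arp):
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(summarize_pcap(build_sample()))
```

To check a real capture, pass the file's bytes, for example `summarize_pcap(open(path, "rb").read())`.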
 